From 3767c8b48063ca3f802fe1f1d089073d4c55d4a0 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 10 Nov 2023 01:56:43 +0000 Subject: [PATCH 01/51] Implement sample read replica rotation logic --- example/readreplica/cmd/main.go | 276 ++++++++++++++++++++++++++++++++ 1 file changed, 276 insertions(+) create mode 100644 example/readreplica/cmd/main.go diff --git a/example/readreplica/cmd/main.go b/example/readreplica/cmd/main.go new file mode 100644 index 0000000000..7dc3014e0d --- /dev/null +++ b/example/readreplica/cmd/main.go @@ -0,0 +1,276 @@ +package main + +import ( + "context" + "fmt" + "os" + "path/filepath" + "strings" + "time" + + snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" + "github.com/vdaas/vald/internal/sync/errgroup" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/tools/clientcmd" +) + +const ( + namespace = "default" + replicaid = 0 + deploymentPrefix = "vald-agent-ngt-readreplica" + snapshotPrefix = "vald-agent-ngt-snapshot" + pvcPrefix = "vald-agent-ngt-readreplica-pvc" +) + +func main() { + homeDir, err := os.UserHomeDir() + if err != nil { + panic(err) + } + + kubeconfig := filepath.Join(homeDir, ".kube", "config") + + cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig) + if err != nil { + panic(err) + } + + client, err := kubernetes.NewForConfig(cfg) + if err != nil { + panic(err) + } + + sclient, err := snapshotclient.NewForConfig(cfg) + if err != nil { + panic(err) + } + + updater := New(replicaid, client, sclient) + + ctx := context.Background() + if err := updater.Start(ctx); err != nil { + panic(err) + } +} + +type readreplicaUpdater struct { + replicaid int + namespace string + deploymentPrefix string + snapshotPrefix string + pvcPrefix string + clientset *kubernetes.Clientset + sClientset *snapshotclient.Clientset +} + +func New(replicaid int, client *kubernetes.Clientset, sclient *snapshotclient.Clientset) *readreplicaUpdater { + return &readreplicaUpdater{ + replicaid: replicaid, + namespace: namespace, + deploymentPrefix: fmt.Sprintf("%s-%d", deploymentPrefix, replicaid), + snapshotPrefix: fmt.Sprintf("%s-%d", snapshotPrefix, replicaid), + pvcPrefix: fmt.Sprintf("%s-%d", pvcPrefix, replicaid), + clientset: client, + sClientset: sclient, + } +} + +func (r *readreplicaUpdater) Start(ctx context.Context) error { + newSnapShot, oldSnapShot, err := r.createSnapshot(ctx) + if err != nil { + return err + } + + newPvc, oldPvc, err := r.createPVC(ctx, newSnapShot.Name) + if err != nil { + return err + } + + err = r.updateDeployment(ctx, newPvc.Name) + if err != nil { + return err + } + + err = r.deleteSnapshot(ctx, oldSnapShot.Name) + if err != nil { + return err + } + err = r.deletePVC(ctx, oldPvc.Name) + if err != nil { + return err + } + + return nil +} + +func (r *readreplicaUpdater) createSnapshot(ctx context.Context) (new, old *snapshotv1.VolumeSnapshot, err error) { + snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(namespace) + + list, err := snapshotInterface.List(ctx, metav1.ListOptions{}) + if err != nil { + return nil, nil, err + } + + for _, snap := range list.Items { + if strings.HasPrefix(snap.Name, r.snapshotPrefix) { + old = &snap + break + } + } + if old == nil { + return nil, nil, fmt.Errorf("old snapshot not found") + } + + new = &snapshotv1.VolumeSnapshot{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf(r.snapshotPrefix+"-%d", time.Now().Unix()), + Namespace: old.Namespace, + }, + Spec: old.Spec, + } + + new, err = snapshotInterface.Create(ctx, new, metav1.CreateOptions{}) + if err != nil { + return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) + } + return new, old, nil +} + +func (r *readreplicaUpdater) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { + pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(namespace) + list, err := pvcInterface.List(ctx, metav1.ListOptions{}) + if err != nil { + return nil, nil, err + } + + for _, pvc := range list.Items { + if strings.HasPrefix(pvc.Name, r.pvcPrefix) { + old = &pvc + break + } + } + if old == nil { + return nil, nil, fmt.Errorf("old pvc not found") + } + + new = &v1.PersistentVolumeClaim{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf(r.pvcPrefix+"-%d", time.Now().Unix()), + Namespace: old.Namespace, + }, + Spec: v1.PersistentVolumeClaimSpec{ + AccessModes: old.Spec.AccessModes, + Resources: old.Spec.Resources, + DataSource: &v1.TypedLocalObjectReference{ + Name: newSnapShot, + Kind: old.Spec.DataSource.Kind, + APIGroup: old.Spec.DataSource.APIGroup, + }, + }, + } + + new, err = pvcInterface.Create(ctx, new, metav1.CreateOptions{}) + if err != nil { + return nil, nil, fmt.Errorf("failed to create pvc: %w", err) + } + return new, old, nil +} + +func (r *readreplicaUpdater) updateDeployment(ctx context.Context, newPVC string) error { + deploymentInterface := r.clientset.AppsV1().Deployments(namespace) + + deployment, err := deploymentInterface.Get(ctx, r.deploymentPrefix, metav1.GetOptions{}) + if err != nil { + return err + } + + if deployment.Spec.Template.ObjectMeta.Annotations == nil { + deployment.Spec.Template.ObjectMeta.Annotations = map[string]string{} + } + deployment.Spec.Template.ObjectMeta.Annotations["kubectl.kubernetes.io/restartedAt"] = time.Now().Format(time.RFC3339) + + for _, vol := range deployment.Spec.Template.Spec.Volumes { + if vol.Name == fmt.Sprintf("%s-clone", r.deploymentPrefix) { + vol.PersistentVolumeClaim.ClaimName = newPVC + } + } + + _, err = deploymentInterface.Update(ctx, deployment, metav1.UpdateOptions{}) + if err != nil { + return err + } + + return nil +} + +func (r *readreplicaUpdater) deleteSnapshot(ctx context.Context, snapshot string) error { + snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(namespace) + + watcher, err := snapshotInterface.Watch(ctx, metav1.ListOptions{}) + if err != nil { + return fmt.Errorf("failed to watch snapshot: %w", err) + } + defer watcher.Stop() + + eg, egctx := errgroup.New(ctx) + eg.Go(func() error { + for { + select { + case <-egctx.Done(): + return egctx.Err() + case event := <-watcher.ResultChan(): + if event.Type == watch.Deleted { + fmt.Println("old volume snapshot deleted.") + return nil + } else { + fmt.Println("event: ", event.Type) + } + } + } + }) + + err = snapshotInterface.Delete(ctx, snapshot, metav1.DeleteOptions{}) + if err != nil { + return fmt.Errorf("failed to delete snapshot: %w", err) + } + + return eg.Wait() +} + +func (r *readreplicaUpdater) deletePVC(ctx context.Context, pvc string) error { + pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(namespace) + + watcher, err := pvcInterface.Watch(ctx, metav1.ListOptions{}) + if err != nil { + return fmt.Errorf("failed to watch PVC: %w", err) + } + defer watcher.Stop() + + eg, egctx := errgroup.New(ctx) + eg.Go(func() error { + for { + select { + case <-egctx.Done(): + return egctx.Err() + case event := <-watcher.ResultChan(): + if event.Type == watch.Deleted { + fmt.Println("old PVC deleted.") + return nil + } else { + fmt.Println("event: ", event.Type) + } + } + } + }) + + err = pvcInterface.Delete(ctx, pvc, metav1.DeleteOptions{}) + if err != nil { + return fmt.Errorf("failed to delete PVC: %w", err) + } + + return eg.Wait() +} From 1e4a07015acf4d80b06ff93e1af2d1f8618d96cc Mon Sep 17 00:00:00 2001 From: ykadowak Date: Thu, 16 Nov 2023 04:33:05 +0000 Subject: [PATCH 02/51] Add external-snapshotter in go.mod --- hack/go.mod.default | 1 + 1 file changed, 1 insertion(+) diff --git a/hack/go.mod.default b/hack/go.mod.default index b78b7c3c84..ba685da2ca 100755 --- a/hack/go.mod.default +++ b/hack/go.mod.default @@ -199,6 +199,7 @@ replace ( github.com/kr/fs => github.com/kr/fs upgrade github.com/kr/pretty => github.com/kr/pretty upgrade github.com/kr/text => github.com/kr/text upgrade + github.com/kubernetes-csi/external-snapshotter/client/v6 => github.com/kubernetes-csi/external-snapshotter/client/v6 upgrade github.com/kylelemons/godebug => github.com/kylelemons/godebug upgrade github.com/leanovate/gopter => github.com/leanovate/gopter upgrade github.com/leodido/go-urn => github.com/leodido/go-urn upgrade From 82c4d11248156cb8d09aff58f54dacb3de530d7a Mon Sep 17 00:00:00 2001 From: ykadowak Date: Thu, 16 Nov 2023 07:30:15 +0000 Subject: [PATCH 03/51] Add readreplica initial implementation --- cmd/index/job/readreplica/rotate/main.go | 60 +++++++ cmd/index/job/readreplica/rotate/sample.yaml | 108 ++++++++++++ internal/config/readreplica_rotate.go | 10 ++ .../job/readreplica/rotate/config/config.go | 71 ++++++++ .../job/readreplica/rotate/service/options.go | 54 ++++++ .../job/readreplica/rotate/service/rotator.go | 74 ++++++++ .../job/readreplica/rotate/usecase/rotate.go | 166 ++++++++++++++++++ 7 files changed, 543 insertions(+) create mode 100644 cmd/index/job/readreplica/rotate/main.go create mode 100644 cmd/index/job/readreplica/rotate/sample.yaml create mode 100644 internal/config/readreplica_rotate.go create mode 100644 pkg/index/job/readreplica/rotate/config/config.go create mode 100644 pkg/index/job/readreplica/rotate/service/options.go create mode 100644 pkg/index/job/readreplica/rotate/service/rotator.go create mode 100644 pkg/index/job/readreplica/rotate/usecase/rotate.go diff --git a/cmd/index/job/readreplica/rotate/main.go b/cmd/index/job/readreplica/rotate/main.go new file mode 100644 index 0000000000..d30acea13c --- /dev/null +++ b/cmd/index/job/readreplica/rotate/main.go @@ -0,0 +1,60 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package main + +import ( + "context" + + "github.com/vdaas/vald/internal/errors" + "github.com/vdaas/vald/internal/info" + "github.com/vdaas/vald/internal/log" + "github.com/vdaas/vald/internal/runner" + "github.com/vdaas/vald/internal/safety" + "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/config" + "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/usecase" +) + +const ( + maxVersion = "v0.0.10" + minVersion = "v0.0.0" + name = "readreplica rotate job" +) + +func main() { + if err := safety.RecoverFunc(func() error { + return runner.Do( + context.Background(), + runner.WithName(name), + runner.WithVersion(info.Version, maxVersion, minVersion), + runner.WithConfigLoader(func(path string) (interface{}, *config.GlobalConfig, error) { + cfg, err := config.NewConfig(path) + if err != nil { + return nil, nil, errors.Wrap(err, "failed to load "+name+"'s configuration") + } + return cfg, &cfg.GlobalConfig, nil + }), + runner.WithDaemonInitializer(func(cfg interface{}) (runner.Runner, error) { + c, ok := cfg.(*config.Data) + if !ok { + return nil, errors.ErrInvalidConfig + } + return usecase.New(c) + }), + ) + })(); err != nil { + log.Fatal(err, info.Get()) + return + } +} + diff --git a/cmd/index/job/readreplica/rotate/sample.yaml b/cmd/index/job/readreplica/rotate/sample.yaml new file mode 100644 index 0000000000..fef8ef2d49 --- /dev/null +++ b/cmd/index/job/readreplica/rotate/sample.yaml @@ -0,0 +1,108 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +version: v0.0.0 +time_zone: JST +logging: + format: raw + level: info + logger: glg +server_config: + servers: + - name: grpc + host: 0.0.0.0 + port: 8081 + grpc: + bidirectional_stream_concurrency: 20 + connection_timeout: "" + header_table_size: 0 + initial_conn_window_size: 0 + initial_window_size: 0 + interceptors: [] + keepalive: + max_conn_age: "" + max_conn_age_grace: "" + max_conn_idle: "" + time: "" + timeout: "" + max_header_list_size: 0 + max_receive_message_size: 0 + max_send_message_size: 0 + read_buffer_size: 0 + write_buffer_size: 0 + mode: GRPC + probe_wait_time: 3s + restart: true + health_check_servers: + - name: readiness + host: 0.0.0.0 + port: 3001 + http: + handler_timeout: "" + idle_timeout: "" + read_header_timeout: "" + read_timeout: "" + shutdown_duration: 0s + write_timeout: "" + mode: "" + probe_wait_time: 3s + metrics_servers: + startup_strategy: + - grpc + - readiness + full_shutdown_duration: 600s + tls: + ca: /path/to/ca + cert: /path/to/cert + enabled: false + key: /path/to/key +rotator: + agent_port: 8081 + agent_name: "vald-agent-ngt" + agent_dns: vald-agent-ngt.default.svc.cluster.local + agent_namespace: "default" +observability: + enabled: false + otlp: + collector_endpoint: "opentelemetry-collector-collector.default.svc.cluster.local:4317" + trace_batch_timeout: "1s" + trace_export_timeout: "1m" + trace_max_export_batch_size: 1024 + trace_max_queue_size: 256 + metrics_export_interval: "1s" + metrics_export_timeout: "1m" + attribute: + namespace: "_MY_POD_NAMESPACE_" + pod_name: "_MY_POD_NAME_" + node_name: "_MY_NODE_NAME_" + service_name: "vald-index-correction" + metrics: + enable_cgo: true + enable_goroutine: true + enable_memory: true + enable_version_info: true + version_info_labels: + - vald_version + - server_name + - git_commit + - build_time + - go_version + - go_os + - go_arch + - ngt_version + trace: + enabled: true diff --git a/internal/config/readreplica_rotate.go b/internal/config/readreplica_rotate.go new file mode 100644 index 0000000000..d3457923cd --- /dev/null +++ b/internal/config/readreplica_rotate.go @@ -0,0 +1,10 @@ +package config + +type ReadreplicaRotate struct { + AgentName string `json:"agent_name" yaml:"agent_name"` +} + +func (r *ReadreplicaRotate) Bind() *ReadreplicaRotate { + r.AgentName = GetActualValue(r.AgentName) + return r +} diff --git a/pkg/index/job/readreplica/rotate/config/config.go b/pkg/index/job/readreplica/rotate/config/config.go new file mode 100644 index 0000000000..aa35b7acb8 --- /dev/null +++ b/pkg/index/job/readreplica/rotate/config/config.go @@ -0,0 +1,71 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package config + +import ( + "github.com/vdaas/vald/internal/config" + "github.com/vdaas/vald/internal/errors" +) + +// GlobalConfig is a type alias of config.GlobalConfig representing application base configurations. +type GlobalConfig = config.GlobalConfig + +// Data represents the application configurations. +type Data struct { + // GlobalConfig represents application base configurations. + config.GlobalConfig `json:",inline" yaml:",inline"` + + // Server represent all server configurations + Server *config.Servers `json:"server_config" yaml:"server_config"` + + // Observability represents observability configurations. + Observability *config.Observability `json:"observability" yaml:"observability"` + + // TODO: + ReadreplicaRotate *config.ReadreplicaRotate `json:"rotator" yaml:"rotator"` +} + +// NewConfig loads configurations from the file path. +func NewConfig(path string) (cfg *Data, err error) { + cfg = new(Data) + + if err = config.Read(path, &cfg); err != nil { + return nil, err + } + + if cfg != nil { + _ = cfg.GlobalConfig.Bind() + } else { + return nil, errors.ErrInvalidConfig + } + + if cfg.Server != nil { + _ = cfg.Server.Bind() + } else { + return nil, errors.ErrInvalidConfig + } + + if cfg.Observability != nil { + _ = cfg.Observability.Bind() + } else { + cfg.Observability = new(config.Observability).Bind() + } + + if cfg.ReadreplicaRotate != nil { + _ = cfg.ReadreplicaRotate.Bind() + } else { + return nil, errors.ErrInvalidConfig + } + return cfg, nil +} diff --git a/pkg/index/job/readreplica/rotate/service/options.go b/pkg/index/job/readreplica/rotate/service/options.go new file mode 100644 index 0000000000..24717b392d --- /dev/null +++ b/pkg/index/job/readreplica/rotate/service/options.go @@ -0,0 +1,54 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package service + +// Option represents the functional option for index. +type Option func(_ *rotator) error + +var defaultOpts = []Option{} + +func WithReplicaId(id int) Option { + return func(r *rotator) error { + r.replicaid = id + return nil + } +} + +func WithNamespace(ns string) Option { + return func(r *rotator) error { + r.namespace = ns + return nil + } +} + +func WithDeploymentPrefix(dp string) Option { + return func(r *rotator) error { + r.deploymentPrefix = dp + return nil + } +} + +func WithSnapshotPrefix(sp string) Option { + return func(r *rotator) error { + r.snapshotPrefix = sp + return nil + } +} + +func WithPvcPrefix(pp string) Option { + return func(r *rotator) error { + r.pvcPrefix = pp + return nil + } +} diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go new file mode 100644 index 0000000000..fb72ffc570 --- /dev/null +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -0,0 +1,74 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package service + +import ( + "context" + "reflect" + + snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" + "github.com/vdaas/vald/internal/errors" + "github.com/vdaas/vald/internal/log" + "github.com/vdaas/vald/internal/observability/trace" + "k8s.io/client-go/kubernetes" +) + +const ( + apiName = "vald/index/job/readreplica/rotate" +) + +// Rotator represents an interface for indexing. +type Rotator interface { + Start(ctx context.Context) error +} + +type rotator struct { + replicaid int + namespace string + deploymentPrefix string + snapshotPrefix string + pvcPrefix string + // TODO: この辺はconbenchがマージされたあと、GetClientとかで引っ張ってくる + clientset *kubernetes.Clientset + sClientset *snapshotclient.Clientset +} + +// New returns Indexer object if no error occurs. +func New(opts ...Option) (Rotator, error) { + r := new(rotator) + for _, opt := range append(defaultOpts, opts...) { + if err := opt(r); err != nil { + oerr := errors.ErrOptionFailed(err, reflect.ValueOf(opt)) + e := &errors.ErrCriticalOption{} + if errors.As(oerr, &e) { + log.Error(err) + return nil, oerr + } + log.Warn(oerr) + } + } + return r, nil +} + +// Start starts rotation process. +func (idx *rotator) Start(ctx context.Context) error { + _, span := trace.StartSpan(ctx, apiName+"/service/rotator.Start") + defer func() { + if span != nil { + span.End() + } + }() + + return nil +} diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go new file mode 100644 index 0000000000..8c73c94934 --- /dev/null +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -0,0 +1,166 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package usecase + +import ( + "context" + "os" + "syscall" + + iconfig "github.com/vdaas/vald/internal/config" + "github.com/vdaas/vald/internal/errors" + "github.com/vdaas/vald/internal/log" + "github.com/vdaas/vald/internal/net/grpc" + "github.com/vdaas/vald/internal/net/grpc/interceptor/server/recover" + "github.com/vdaas/vald/internal/observability" + "github.com/vdaas/vald/internal/runner" + "github.com/vdaas/vald/internal/safety" + "github.com/vdaas/vald/internal/servers/server" + "github.com/vdaas/vald/internal/servers/starter" + "github.com/vdaas/vald/internal/sync/errgroup" + "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/config" + "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/service" +) + +type run struct { + eg errgroup.Group + cfg *config.Data + observability observability.Observability + server starter.Server + indexer service.Rotator +} + +// New returns Runner instance. +func New(cfg *config.Data) (_ runner.Runner, err error) { + eg := errgroup.Get() + + indexer, err := service.New() + if err != nil { + return nil, err + } + + srv, err := starter.New( + starter.WithConfig(cfg.Server), + starter.WithGRPC(func(cfg *iconfig.Server) []server.Option { + return []server.Option{ + server.WithGRPCOption( + grpc.ChainUnaryInterceptor(recover.RecoverInterceptor()), + grpc.ChainStreamInterceptor(recover.RecoverStreamInterceptor()), + ), + } + }), + ) + if err != nil { + return nil, err + } + + var obs observability.Observability + if cfg.Observability.Enabled { + obs, err = observability.NewWithConfig( + cfg.Observability, + ) + if err != nil { + return nil, err + } + } + + return &run{ + eg: eg, + cfg: cfg, + observability: obs, + server: srv, + indexer: indexer, + }, nil +} + +// PreStart is a method called before execution of Start, and it invokes the PreStart method of observability. +func (r *run) PreStart(ctx context.Context) error { + if r.observability != nil { + return r.observability.PreStart(ctx) + } + return nil +} + +// Start is a method used to initiate an operation in the run, and it returns a channel for receiving errors +// during the operation and an error representing any initialization errors. +func (r *run) Start(ctx context.Context) (<-chan error, error) { + ech := make(chan error, 4) + var sech, oech <-chan error + if r.observability != nil { + oech = r.observability.Start(ctx) + } + sech = r.server.ListenAndServe(ctx) + + r.eg.Go(safety.RecoverFunc(func() (err error) { + defer func() { + p, err := os.FindProcess(os.Getpid()) + if err != nil { + // using Fatal to avoid this process to be zombie + // skipcq: RVV-A0003 + log.Fatalf("failed to find my pid to kill %v", err) + return + } + log.Info("sending SIGTERM to myself to stop this job") + if err := p.Signal(syscall.SIGTERM); err != nil { + log.Error(err) + } + }() + return r.indexer.Start(ctx) + })) + + r.eg.Go(safety.RecoverFunc(func() (err error) { + defer close(ech) + for { + select { + case <-ctx.Done(): + return ctx.Err() + case err = <-oech: + case err = <-sech: + } + if err != nil { + select { + case <-ctx.Done(): + return errors.Join(ctx.Err(), err) + case ech <- err: + } + } + } + })) + return ech, nil +} + +// PreStop is a method called before execution of Stop. +func (*run) PreStop(_ context.Context) error { + return nil +} + +// Stop is a method used to stop an operation in the run. +func (r *run) Stop(ctx context.Context) (errs error) { + if r.observability != nil { + if err := r.observability.Stop(ctx); err != nil { + errs = errors.Join(errs, err) + } + } + if r.server != nil { + if err := r.server.Shutdown(ctx); err != nil { + errs = errors.Join(errs, err) + } + } + return errs +} + +// PtopStop is a method called after execution of Stop. +func (*run) PostStop(_ context.Context) error { + return nil +} From 875ce3b47744f2a06968f3a02eeca32f9e279357 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 20 Nov 2023 07:21:54 +0000 Subject: [PATCH 04/51] Add service implementation of readreplica rotator --- .../job/readreplica/rotate/service/options.go | 7 + .../job/readreplica/rotate/service/rotator.go | 242 +++++++++++++++++- .../job/readreplica/rotate/usecase/rotate.go | 55 +++- 3 files changed, 298 insertions(+), 6 deletions(-) diff --git a/pkg/index/job/readreplica/rotate/service/options.go b/pkg/index/job/readreplica/rotate/service/options.go index 24717b392d..e75d1a410d 100644 --- a/pkg/index/job/readreplica/rotate/service/options.go +++ b/pkg/index/job/readreplica/rotate/service/options.go @@ -52,3 +52,10 @@ func WithPvcPrefix(pp string) Option { return nil } } + +func WithVolumeName(vn string) Option { + return func(r *rotator) error { + r.volumeName = vn + return nil + } +} diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index fb72ffc570..cdd490ef15 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -15,12 +15,20 @@ package service import ( "context" + "fmt" "reflect" + "strings" + "time" + snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" "github.com/vdaas/vald/internal/errors" "github.com/vdaas/vald/internal/log" "github.com/vdaas/vald/internal/observability/trace" + "github.com/vdaas/vald/internal/sync/errgroup" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/kubernetes" ) @@ -39,14 +47,26 @@ type rotator struct { deploymentPrefix string snapshotPrefix string pvcPrefix string + volumeName string // TODO: この辺はconbenchがマージされたあと、GetClientとかで引っ張ってくる clientset *kubernetes.Clientset sClientset *snapshotclient.Clientset } // New returns Indexer object if no error occurs. -func New(opts ...Option) (Rotator, error) { +func New(clientset *kubernetes.Clientset, sClientset *snapshotclient.Clientset, opts ...Option) (Rotator, error) { r := new(rotator) + + if clientset == nil { + return nil, fmt.Errorf("clientset is nil") + } + if sClientset == nil { + return nil, fmt.Errorf("snapshot clientset is nil") + } + + r.clientset = clientset + r.sClientset = sClientset + for _, opt := range append(defaultOpts, opts...) { if err := opt(r); err != nil { oerr := errors.ErrOptionFailed(err, reflect.ValueOf(opt)) @@ -62,7 +82,7 @@ func New(opts ...Option) (Rotator, error) { } // Start starts rotation process. -func (idx *rotator) Start(ctx context.Context) error { +func (r *rotator) Start(ctx context.Context) error { _, span := trace.StartSpan(ctx, apiName+"/service/rotator.Start") defer func() { if span != nil { @@ -70,5 +90,223 @@ func (idx *rotator) Start(ctx context.Context) error { } }() + if err := r.rotate(ctx); err != nil { + // TODO: better error handling + return err + } + + return nil +} + +func (r *rotator) rotate(ctx context.Context) error { + newSnap, oldSnap, err := r.createSnapshot(ctx) + if err != nil { + return err + } + + newPvc, oldPvc, err := r.createPVC(ctx, newSnap.Name) + if err != nil { + log.Infof("failed to create PVC. removing the new snapshot(%v)...", newSnap.Name) + if dserr := r.deleteSnapshot(ctx, newSnap.Name); dserr != nil { + errors.Join(err, dserr) + } + return err + } + + err = r.updateDeployment(ctx, newPvc.Name) + if err != nil { + log.Infof("failed to update Deployment. removing the new snapshot(%v) and pvc(%v)...", newSnap.Name, newPvc.Name) + if dperr := r.deletePVC(ctx, newPvc.Name); dperr != nil { + errors.Join(err, dperr) + } + if dserr := r.deleteSnapshot(ctx, newSnap.Name); dserr != nil { + errors.Join(err, dserr) + } + return err + } + + err = r.deleteSnapshot(ctx, oldSnap.Name) + if err != nil { + return err + } + + err = r.deletePVC(ctx, oldPvc.Name) + if err != nil { + return err + } + return nil } + +func (r *rotator) createSnapshot(ctx context.Context) (new, old *snapshotv1.VolumeSnapshot, err error) { + snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(r.namespace) + + list, err := snapshotInterface.List(ctx, metav1.ListOptions{}) + if err != nil { + return nil, nil, err + } + + snapshotname := fmt.Sprintf("%s-%d", r.snapshotPrefix, r.replicaid) + for _, snap := range list.Items { + if strings.HasPrefix(snap.Name, snapshotname) { + old = &snap + break + } + } + if old == nil { + return nil, nil, fmt.Errorf("old snapshot not found") + } + + new = &snapshotv1.VolumeSnapshot{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf(snapshotname+"-%d", time.Now().Unix()), + Namespace: old.Namespace, + }, + Spec: old.Spec, + } + + new, err = snapshotInterface.Create(ctx, new, metav1.CreateOptions{}) + if err != nil { + return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) + } + return new, old, nil +} + +func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { + pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) + list, err := pvcInterface.List(ctx, metav1.ListOptions{}) + if err != nil { + return nil, nil, err + } + + pvcname := fmt.Sprintf("%s-%d", r.pvcPrefix, r.replicaid) + for _, pvc := range list.Items { + if strings.HasPrefix(pvc.Name, pvcname) { + old = &pvc + break + } + } + if old == nil { + return nil, nil, fmt.Errorf("old pvc not found") + } + + new = &v1.PersistentVolumeClaim{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf(pvcname+"-%d", time.Now().Unix()), + Namespace: old.Namespace, + }, + Spec: v1.PersistentVolumeClaimSpec{ + AccessModes: old.Spec.AccessModes, + Resources: old.Spec.Resources, + DataSource: &v1.TypedLocalObjectReference{ + Name: newSnapShot, + Kind: old.Spec.DataSource.Kind, + APIGroup: old.Spec.DataSource.APIGroup, + }, + }, + } + + new, err = pvcInterface.Create(ctx, new, metav1.CreateOptions{}) + if err != nil { + return nil, nil, fmt.Errorf("failed to create pvc: %w", err) + } + return new, old, nil +} + +func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { + deploymentInterface := r.clientset.AppsV1().Deployments(r.namespace) + + deploymentname := fmt.Sprintf("%s-%d", r.deploymentPrefix, r.replicaid) + deployment, err := deploymentInterface.Get(ctx, deploymentname, metav1.GetOptions{}) + if err != nil { + return err + } + + if deployment.Spec.Template.ObjectMeta.Annotations == nil { + deployment.Spec.Template.ObjectMeta.Annotations = map[string]string{} + } + deployment.Spec.Template.ObjectMeta.Annotations["kubectl.kubernetes.io/restartedAt"] = time.Now().Format(time.RFC3339) + + for _, vol := range deployment.Spec.Template.Spec.Volumes { + if vol.Name == r.volumeName { + vol.PersistentVolumeClaim.ClaimName = newPVC + } + } + + _, err = deploymentInterface.Update(ctx, deployment, metav1.UpdateOptions{}) + if err != nil { + return err + } + + return nil +} + +func (r *rotator) deleteSnapshot(ctx context.Context, snapshot string) error { + snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(r.namespace) + + watcher, err := snapshotInterface.Watch(ctx, metav1.ListOptions{}) + if err != nil { + return fmt.Errorf("failed to watch snapshot: %w", err) + } + defer watcher.Stop() + + eg, egctx := errgroup.New(ctx) + eg.Go(func() error { + log.Infof("deleting volume snapshot(%v)...", snapshot) + for { + select { + case <-egctx.Done(): + return egctx.Err() + case event := <-watcher.ResultChan(): + if event.Type == watch.Deleted { + log.Infof("volume snapshot(%v) deleted", snapshot) + return nil + } else { + log.Debugf("waching volume snapshot events. event: ", event.Type) + } + } + } + }) + + err = snapshotInterface.Delete(ctx, snapshot, metav1.DeleteOptions{}) + if err != nil { + return fmt.Errorf("failed to delete snapshot: %w", err) + } + + return eg.Wait() +} + +func (r *rotator) deletePVC(ctx context.Context, pvc string) error { + pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) + + watcher, err := pvcInterface.Watch(ctx, metav1.ListOptions{}) + if err != nil { + return fmt.Errorf("failed to watch PVC: %w", err) + } + defer watcher.Stop() + + eg, egctx := errgroup.New(ctx) + eg.Go(func() error { + log.Infof("deleting PVC(%v)...", pvc) + for { + select { + case <-egctx.Done(): + return egctx.Err() + case event := <-watcher.ResultChan(): + if event.Type == watch.Deleted { + log.Infof("PVC(%v) deleted", pvc) + return nil + } else { + log.Debugf("waching PVC events. event: %v", event.Type) + } + } + } + }) + + err = pvcInterface.Delete(ctx, pvc, metav1.DeleteOptions{}) + if err != nil { + return fmt.Errorf("failed to delete PVC: %w", err) + } + + return eg.Wait() +} diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index 8c73c94934..0126853345 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -15,9 +15,12 @@ package usecase import ( "context" + "fmt" "os" + "path/filepath" "syscall" + snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" iconfig "github.com/vdaas/vald/internal/config" "github.com/vdaas/vald/internal/errors" "github.com/vdaas/vald/internal/log" @@ -31,6 +34,8 @@ import ( "github.com/vdaas/vald/internal/sync/errgroup" "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/config" "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/service" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/tools/clientcmd" ) type run struct { @@ -38,14 +43,56 @@ type run struct { cfg *config.Data observability observability.Observability server starter.Server - indexer service.Rotator + rotator service.Rotator +} + +// FIXME: get clients from internal/k8s +func getClients() (*kubernetes.Clientset, *snapshotclient.Clientset, error) { + homeDir, err := os.UserHomeDir() + if err != nil { + panic(err) + } + + kubeconfig := filepath.Join(homeDir, ".kube", "config") + + cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig) + if err != nil { + panic(err) + } + + client, err := kubernetes.NewForConfig(cfg) + if err != nil { + panic(err) + } + + sclient, err := snapshotclient.NewForConfig(cfg) + if err != nil { + panic(err) + } + + return client, sclient, nil } // New returns Runner instance. func New(cfg *config.Data) (_ runner.Runner, err error) { eg := errgroup.Get() - indexer, err := service.New() + client, sclient, err := getClients() + if err != nil { + return nil, fmt.Errorf("failed to get kubernetes client: %w", err) + } + + // TODO: この辺はconfigから取得するようにする + rotator, err := service.New( + client, + sclient, + service.WithDeploymentPrefix("vald-agent-ngt-readreplica"), + service.WithNamespace("default"), + service.WithReplicaId(0), + service.WithPvcPrefix("vald-agent-ngt-readreplica-pvc"), + service.WithSnapshotPrefix("vald-agent-ngt-snapshot"), + service.WithVolumeName("vald-agent-ngt-readreplica-pvc"), + ) if err != nil { return nil, err } @@ -80,7 +127,7 @@ func New(cfg *config.Data) (_ runner.Runner, err error) { cfg: cfg, observability: obs, server: srv, - indexer: indexer, + rotator: rotator, }, nil } @@ -116,7 +163,7 @@ func (r *run) Start(ctx context.Context) (<-chan error, error) { log.Error(err) } }() - return r.indexer.Start(ctx) + return r.rotator.Start(ctx) })) r.eg.Go(safety.RecoverFunc(func() (err error) { From 93367605c2b31c22785014f98aa369bd2c7c3048 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 20 Nov 2023 07:58:42 +0000 Subject: [PATCH 05/51] Add readreplica rotate config --- cmd/index/job/readreplica/rotate/sample.yaml | 7 ++++--- internal/config/readreplica_rotate.go | 13 +++++++++++-- pkg/index/job/readreplica/rotate/usecase/rotate.go | 11 +++++------ 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/cmd/index/job/readreplica/rotate/sample.yaml b/cmd/index/job/readreplica/rotate/sample.yaml index fef8ef2d49..75218089b4 100644 --- a/cmd/index/job/readreplica/rotate/sample.yaml +++ b/cmd/index/job/readreplica/rotate/sample.yaml @@ -71,10 +71,11 @@ server_config: enabled: false key: /path/to/key rotator: - agent_port: 8081 - agent_name: "vald-agent-ngt" - agent_dns: vald-agent-ngt.default.svc.cluster.local agent_namespace: "default" + deployment_prefix: "vald-agent-ngt-readreplica" + snapshot_prefix: vald-agent-ngt-snapshot + pvc_prefix: "vald-agent-ngt-readreplica-pvc" + volume_name: "vald-agent-ngt-readreplica-pvc" observability: enabled: false otlp: diff --git a/internal/config/readreplica_rotate.go b/internal/config/readreplica_rotate.go index d3457923cd..24938f63d3 100644 --- a/internal/config/readreplica_rotate.go +++ b/internal/config/readreplica_rotate.go @@ -1,10 +1,19 @@ package config type ReadreplicaRotate struct { - AgentName string `json:"agent_name" yaml:"agent_name"` + AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` + DeploymentPrefix string `json:"deployment_prefix" yaml:"deployment_prefix"` + SnapshotPrefix string `json:"snapshot_prefix" yaml:"snapshot_prefix"` + PvcPrefix string `json:"pvc_prefix" yaml:"pvc_prefix"` + VolumeName string `json:"volume_name" yaml:"volume_name"` } func (r *ReadreplicaRotate) Bind() *ReadreplicaRotate { - r.AgentName = GetActualValue(r.AgentName) + r.AgentNamespace = GetActualValue(r.AgentNamespace) + r.DeploymentPrefix = GetActualValue(r.DeploymentPrefix) + r.SnapshotPrefix = GetActualValue(r.SnapshotPrefix) + r.PvcPrefix = GetActualValue(r.PvcPrefix) + r.VolumeName = GetActualValue(r.VolumeName) + return r } diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index 0126853345..c95d4a6ff7 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -82,16 +82,15 @@ func New(cfg *config.Data) (_ runner.Runner, err error) { return nil, fmt.Errorf("failed to get kubernetes client: %w", err) } - // TODO: この辺はconfigから取得するようにする rotator, err := service.New( client, sclient, - service.WithDeploymentPrefix("vald-agent-ngt-readreplica"), - service.WithNamespace("default"), + service.WithDeploymentPrefix(cfg.ReadreplicaRotate.DeploymentPrefix), + service.WithNamespace(cfg.ReadreplicaRotate.AgentNamespace), service.WithReplicaId(0), - service.WithPvcPrefix("vald-agent-ngt-readreplica-pvc"), - service.WithSnapshotPrefix("vald-agent-ngt-snapshot"), - service.WithVolumeName("vald-agent-ngt-readreplica-pvc"), + service.WithPvcPrefix(cfg.ReadreplicaRotate.PvcPrefix), + service.WithSnapshotPrefix(cfg.ReadreplicaRotate.SnapshotPrefix), + service.WithVolumeName(cfg.ReadreplicaRotate.VolumeName), ) if err != nil { return nil, err From 747cf923ea745a0d7e4a7c9763129714a0d9fd85 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 21 Nov 2023 09:28:52 +0000 Subject: [PATCH 06/51] Refactor to read labels --- cmd/index/job/readreplica/rotate/sample.yaml | 5 +- internal/config/readreplica_rotate.go | 16 ++-- .../job/readreplica/rotate/service/options.go | 26 ++---- .../job/readreplica/rotate/service/rotator.go | 83 +++++++++++-------- .../job/readreplica/rotate/usecase/rotate.go | 6 +- 5 files changed, 66 insertions(+), 70 deletions(-) diff --git a/cmd/index/job/readreplica/rotate/sample.yaml b/cmd/index/job/readreplica/rotate/sample.yaml index 75218089b4..ca4b50d6e4 100644 --- a/cmd/index/job/readreplica/rotate/sample.yaml +++ b/cmd/index/job/readreplica/rotate/sample.yaml @@ -72,9 +72,8 @@ server_config: key: /path/to/key rotator: agent_namespace: "default" - deployment_prefix: "vald-agent-ngt-readreplica" - snapshot_prefix: vald-agent-ngt-snapshot - pvc_prefix: "vald-agent-ngt-readreplica-pvc" + read_replica_label_key: "vald-readreplica-id" + read_replica_id: "0" volume_name: "vald-agent-ngt-readreplica-pvc" observability: enabled: false diff --git a/internal/config/readreplica_rotate.go b/internal/config/readreplica_rotate.go index 24938f63d3..025c88cc26 100644 --- a/internal/config/readreplica_rotate.go +++ b/internal/config/readreplica_rotate.go @@ -1,19 +1,17 @@ package config type ReadreplicaRotate struct { - AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` - DeploymentPrefix string `json:"deployment_prefix" yaml:"deployment_prefix"` - SnapshotPrefix string `json:"snapshot_prefix" yaml:"snapshot_prefix"` - PvcPrefix string `json:"pvc_prefix" yaml:"pvc_prefix"` - VolumeName string `json:"volume_name" yaml:"volume_name"` + AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` + ReadReplicaLabelKey string `json:"read_replica_label_key" yaml:"read_replica_label_key"` + ReadReplicaId string `json:"read_replica_id" yaml:"read_replica_id"` + VolumeName string `json:"volume_name" yaml:"volume_name"` } func (r *ReadreplicaRotate) Bind() *ReadreplicaRotate { r.AgentNamespace = GetActualValue(r.AgentNamespace) - r.DeploymentPrefix = GetActualValue(r.DeploymentPrefix) - r.SnapshotPrefix = GetActualValue(r.SnapshotPrefix) - r.PvcPrefix = GetActualValue(r.PvcPrefix) + r.ReadReplicaLabelKey = GetActualValue(r.ReadReplicaLabelKey) + r.ReadReplicaId = GetActualValue(r.ReadReplicaId) r.VolumeName = GetActualValue(r.VolumeName) - + return r } diff --git a/pkg/index/job/readreplica/rotate/service/options.go b/pkg/index/job/readreplica/rotate/service/options.go index e75d1a410d..ca34e91f6a 100644 --- a/pkg/index/job/readreplica/rotate/service/options.go +++ b/pkg/index/job/readreplica/rotate/service/options.go @@ -18,9 +18,9 @@ type Option func(_ *rotator) error var defaultOpts = []Option{} -func WithReplicaId(id int) Option { +func WithReplicaId(id string) Option { return func(r *rotator) error { - r.replicaid = id + r.readReplicaId = id return nil } } @@ -32,30 +32,16 @@ func WithNamespace(ns string) Option { } } -func WithDeploymentPrefix(dp string) Option { - return func(r *rotator) error { - r.deploymentPrefix = dp - return nil - } -} - -func WithSnapshotPrefix(sp string) Option { - return func(r *rotator) error { - r.snapshotPrefix = sp - return nil - } -} - -func WithPvcPrefix(pp string) Option { +func WithVolumeName(vn string) Option { return func(r *rotator) error { - r.pvcPrefix = pp + r.volumeName = vn return nil } } -func WithVolumeName(vn string) Option { +func WithReadReplicaLabelKey(key string) Option { return func(r *rotator) error { - r.volumeName = vn + r.readReplicaLabelKey = key return nil } } diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index cdd490ef15..2976a599d1 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -42,12 +42,10 @@ type Rotator interface { } type rotator struct { - replicaid int - namespace string - deploymentPrefix string - snapshotPrefix string - pvcPrefix string - volumeName string + namespace string + volumeName string + readReplicaLabelKey string + readReplicaId string // TODO: この辺はconbenchがマージされたあと、GetClientとかで引っ張ってくる clientset *kubernetes.Clientset sClientset *snapshotclient.Clientset @@ -141,26 +139,23 @@ func (r *rotator) rotate(ctx context.Context) error { func (r *rotator) createSnapshot(ctx context.Context) (new, old *snapshotv1.VolumeSnapshot, err error) { snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(r.namespace) - list, err := snapshotInterface.List(ctx, metav1.ListOptions{}) + list, err := snapshotInterface.List(ctx, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), + }) if err != nil { return nil, nil, err } - - snapshotname := fmt.Sprintf("%s-%d", r.snapshotPrefix, r.replicaid) - for _, snap := range list.Items { - if strings.HasPrefix(snap.Name, snapshotname) { - old = &snap - break - } - } - if old == nil { + if len(list.Items) == 0 { return nil, nil, fmt.Errorf("old snapshot not found") } + old = &list.Items[0] + newNameBase := getNewBaseName(old.GetObjectMeta().GetName()) new = &snapshotv1.VolumeSnapshot{ ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf(snapshotname+"-%d", time.Now().Unix()), - Namespace: old.Namespace, + Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), + Namespace: old.GetNamespace(), + Labels: old.GetObjectMeta().GetLabels(), }, Spec: old.Spec, } @@ -174,26 +169,25 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *snapshotv1.Volu func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) - list, err := pvcInterface.List(ctx, metav1.ListOptions{}) + list, err := pvcInterface.List(ctx, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), + }) if err != nil { return nil, nil, err } - - pvcname := fmt.Sprintf("%s-%d", r.pvcPrefix, r.replicaid) - for _, pvc := range list.Items { - if strings.HasPrefix(pvc.Name, pvcname) { - old = &pvc - break - } - } - if old == nil { + if len(list.Items) == 0 { return nil, nil, fmt.Errorf("old pvc not found") } + old = &list.Items[0] + newNameBase := getNewBaseName(old.GetObjectMeta().GetName()) + + // remove timestamp from old pvc name new = &v1.PersistentVolumeClaim{ ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf(pvcname+"-%d", time.Now().Unix()), - Namespace: old.Namespace, + Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), + Namespace: old.GetNamespace(), + Labels: old.GetObjectMeta().GetLabels(), }, Spec: v1.PersistentVolumeClaimSpec{ AccessModes: old.Spec.AccessModes, @@ -216,12 +210,17 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old * func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { deploymentInterface := r.clientset.AppsV1().Deployments(r.namespace) - deploymentname := fmt.Sprintf("%s-%d", r.deploymentPrefix, r.replicaid) - deployment, err := deploymentInterface.Get(ctx, deploymentname, metav1.GetOptions{}) + list, err := deploymentInterface.List(ctx, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), + }) if err != nil { return err } + if len(list.Items) == 0 { + return fmt.Errorf("deployment not found") + } + deployment := &list.Items[0] if deployment.Spec.Template.ObjectMeta.Annotations == nil { deployment.Spec.Template.ObjectMeta.Annotations = map[string]string{} } @@ -244,7 +243,9 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { func (r *rotator) deleteSnapshot(ctx context.Context, snapshot string) error { snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(r.namespace) - watcher, err := snapshotInterface.Watch(ctx, metav1.ListOptions{}) + watcher, err := snapshotInterface.Watch(ctx, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), + }) if err != nil { return fmt.Errorf("failed to watch snapshot: %w", err) } @@ -279,7 +280,9 @@ func (r *rotator) deleteSnapshot(ctx context.Context, snapshot string) error { func (r *rotator) deletePVC(ctx context.Context, pvc string) error { pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) - watcher, err := pvcInterface.Watch(ctx, metav1.ListOptions{}) + watcher, err := pvcInterface.Watch(ctx, metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), + }) if err != nil { return fmt.Errorf("failed to watch PVC: %w", err) } @@ -310,3 +313,15 @@ func (r *rotator) deletePVC(ctx context.Context, pvc string) error { return eg.Wait() } + +func getNewBaseName(old string) string { + splits := strings.SplitAfter(old, "-") + newNameBase := old + "-" + // if this is not the first rotation, remove timestamp from the name + // e.g. vald-agent-ngt-readreplica-0 -> the last element will be "0" which len is 1 + // so this means this is the first rotation + if len(splits[len(splits)-1]) != 1 { + newNameBase = strings.Join(splits[:len(splits)-1], "") + } + return newNameBase +} diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index c95d4a6ff7..14e972ffba 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -85,11 +85,9 @@ func New(cfg *config.Data) (_ runner.Runner, err error) { rotator, err := service.New( client, sclient, - service.WithDeploymentPrefix(cfg.ReadreplicaRotate.DeploymentPrefix), service.WithNamespace(cfg.ReadreplicaRotate.AgentNamespace), - service.WithReplicaId(0), - service.WithPvcPrefix(cfg.ReadreplicaRotate.PvcPrefix), - service.WithSnapshotPrefix(cfg.ReadreplicaRotate.SnapshotPrefix), + service.WithReplicaId(cfg.ReadreplicaRotate.ReadReplicaId), + service.WithReadReplicaLabelKey(cfg.ReadreplicaRotate.ReadReplicaLabelKey), service.WithVolumeName(cfg.ReadreplicaRotate.VolumeName), ) if err != nil { From 57812e246a30e9bdd337185c57192746b2a99d65 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 01:51:24 +0000 Subject: [PATCH 07/51] replace id to _MY_TARGET_REPLICA_ID_ --- cmd/index/job/readreplica/rotate/sample.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/index/job/readreplica/rotate/sample.yaml b/cmd/index/job/readreplica/rotate/sample.yaml index ca4b50d6e4..e68914cabb 100644 --- a/cmd/index/job/readreplica/rotate/sample.yaml +++ b/cmd/index/job/readreplica/rotate/sample.yaml @@ -73,7 +73,7 @@ server_config: rotator: agent_namespace: "default" read_replica_label_key: "vald-readreplica-id" - read_replica_id: "0" + read_replica_id: "_MY_TARGET_REPLICA_ID_" volume_name: "vald-agent-ngt-readreplica-pvc" observability: enabled: false From 4a4842285d83d3574deb475055718f6667d22f08 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 02:29:00 +0000 Subject: [PATCH 08/51] Add snapshot k8s client --- internal/k8s/snapshot/client/client.go | 98 ++++++++++++++++++++++++++ internal/k8s/snapshot/client/option.go | 29 ++++++++ 2 files changed, 127 insertions(+) create mode 100644 internal/k8s/snapshot/client/client.go create mode 100644 internal/k8s/snapshot/client/option.go diff --git a/internal/k8s/snapshot/client/client.go b/internal/k8s/snapshot/client/client.go new file mode 100644 index 0000000000..e37faac87c --- /dev/null +++ b/internal/k8s/snapshot/client/client.go @@ -0,0 +1,98 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package client + +import ( + "context" + "fmt" + "os" + "path/filepath" + + snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + watch "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/tools/clientcmd" +) + +type ( + ListOptions = metav1.ListOptions + CreateOptions = metav1.CreateOptions + DeleteOptions = metav1.DeleteOptions + Lists = snapshotv1.VolumeSnapshotList + VolumeSnapshot = snapshotv1.VolumeSnapshot + Wacher = watch.Interface +) + +type Client interface { + List(context.Context, ListOptions) (*Lists, error) + Create(context.Context, *VolumeSnapshot, CreateOptions) (*VolumeSnapshot, error) + Watch(context.Context, ListOptions) (watch.Interface, error) + Delete(context.Context, string, DeleteOptions) error +} + +type client struct { + sClientset *snapshotclient.Clientset + namespace string +} + +// check if client implements Client interface +var _ Client = (*client)(nil) + +func New(opts ...Option) (Client, error) { + c := new(client) + for _, opt := range append(defaultOpts, opts...) { + if err := opt(c); err != nil { + return nil, err + } + } + + // Get client + // FIXME: use incluster config + homeDir, err := os.UserHomeDir() + if err != nil { + return nil, fmt.Errorf("failed to get user home dir: %w", err) + } + + kubeconfig := filepath.Join(homeDir, ".kube", "config") + + cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig) + if err != nil { + return nil, fmt.Errorf("failed to build config from flags: %w", err) + } + + sclient, err := snapshotclient.NewForConfig(cfg) + if err != nil { + return nil, fmt.Errorf("failed to create snapshot client: %w", err) + } + c.sClientset = sclient + + return c, nil +} + +func (c *client) List(ctx context.Context, options ListOptions) (*Lists, error) { + return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).List(ctx, options) +} + +func (c *client) Create(ctx context.Context, snapshot *VolumeSnapshot, options CreateOptions) (*VolumeSnapshot, error) { + return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).Create(ctx, snapshot, options) +} + +func (c *client) Watch(ctx context.Context, options ListOptions) (Wacher, error) { + return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).Watch(ctx, options) +} + +func (c *client) Delete(ctx context.Context, name string, options DeleteOptions) error { + return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).Delete(ctx, name, options) +} diff --git a/internal/k8s/snapshot/client/option.go b/internal/k8s/snapshot/client/option.go new file mode 100644 index 0000000000..fcb7efb98a --- /dev/null +++ b/internal/k8s/snapshot/client/option.go @@ -0,0 +1,29 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package client + +type Option func(*client) error + +var defaultOptions = []Option{ + WithNamespace("default"), +} + +func WithNamespace(ns string) Option { + return func(c *client) error { + if ns != "" { + c.namespace = ns + } + return nil + } +} From 45cc8e4bde753ba4066d88927a3c073227a2dd8e Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 02:29:05 +0000 Subject: [PATCH 09/51] Format --- internal/config/readreplica_rotate.go | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/internal/config/readreplica_rotate.go b/internal/config/readreplica_rotate.go index 025c88cc26..6975428120 100644 --- a/internal/config/readreplica_rotate.go +++ b/internal/config/readreplica_rotate.go @@ -1,10 +1,23 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. package config type ReadreplicaRotate struct { - AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` + AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` ReadReplicaLabelKey string `json:"read_replica_label_key" yaml:"read_replica_label_key"` - ReadReplicaId string `json:"read_replica_id" yaml:"read_replica_id"` - VolumeName string `json:"volume_name" yaml:"volume_name"` + ReadReplicaId string `json:"read_replica_id" yaml:"read_replica_id"` + VolumeName string `json:"volume_name" yaml:"volume_name"` } func (r *ReadreplicaRotate) Bind() *ReadreplicaRotate { From bb14dabfcba25d029670ae20ab5bf49dfdb97602 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 02:50:10 +0000 Subject: [PATCH 10/51] Fix snapshot client initialization --- internal/k8s/snapshot/client/option.go | 2 +- .../job/readreplica/rotate/service/rotator.go | 38 +++++++++---------- .../job/readreplica/rotate/usecase/rotate.go | 13 ++----- 3 files changed, 22 insertions(+), 31 deletions(-) diff --git a/internal/k8s/snapshot/client/option.go b/internal/k8s/snapshot/client/option.go index fcb7efb98a..ce1a578f37 100644 --- a/internal/k8s/snapshot/client/option.go +++ b/internal/k8s/snapshot/client/option.go @@ -15,7 +15,7 @@ package client type Option func(*client) error -var defaultOptions = []Option{ +var defaultOpts = []Option{ WithNamespace("default"), } diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 2976a599d1..6fe30d40b1 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -20,9 +20,8 @@ import ( "strings" "time" - snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" - snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" "github.com/vdaas/vald/internal/errors" + sclient "github.com/vdaas/vald/internal/k8s/snapshot/client" "github.com/vdaas/vald/internal/log" "github.com/vdaas/vald/internal/observability/trace" "github.com/vdaas/vald/internal/sync/errgroup" @@ -47,23 +46,18 @@ type rotator struct { readReplicaLabelKey string readReplicaId string // TODO: この辺はconbenchがマージされたあと、GetClientとかで引っ張ってくる - clientset *kubernetes.Clientset - sClientset *snapshotclient.Clientset + clientset *kubernetes.Clientset + sClient sclient.Client } // New returns Indexer object if no error occurs. -func New(clientset *kubernetes.Clientset, sClientset *snapshotclient.Clientset, opts ...Option) (Rotator, error) { +func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { r := new(rotator) if clientset == nil { return nil, fmt.Errorf("clientset is nil") } - if sClientset == nil { - return nil, fmt.Errorf("snapshot clientset is nil") - } - r.clientset = clientset - r.sClientset = sClientset for _, opt := range append(defaultOpts, opts...) { if err := opt(r); err != nil { @@ -76,6 +70,13 @@ func New(clientset *kubernetes.Clientset, sClientset *snapshotclient.Clientset, log.Warn(oerr) } } + + sclient, err := sclient.New(sclient.WithNamespace(r.namespace)) + if err != nil { + return nil, fmt.Errorf("failed to create snapshot client: %w", err) + } + r.sClient = sclient + return r, nil } @@ -136,10 +137,8 @@ func (r *rotator) rotate(ctx context.Context) error { return nil } -func (r *rotator) createSnapshot(ctx context.Context) (new, old *snapshotv1.VolumeSnapshot, err error) { - snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(r.namespace) - - list, err := snapshotInterface.List(ctx, metav1.ListOptions{ +func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeSnapshot, err error) { + list, err := r.sClient.List(ctx, sclient.ListOptions{ LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), }) if err != nil { @@ -151,7 +150,7 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *snapshotv1.Volu old = &list.Items[0] newNameBase := getNewBaseName(old.GetObjectMeta().GetName()) - new = &snapshotv1.VolumeSnapshot{ + new = &sclient.VolumeSnapshot{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), Namespace: old.GetNamespace(), @@ -160,10 +159,11 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *snapshotv1.Volu Spec: old.Spec, } - new, err = snapshotInterface.Create(ctx, new, metav1.CreateOptions{}) + new, err = r.sClient.Create(ctx, new, sclient.CreateOptions{}) if err != nil { return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) } + return new, old, nil } @@ -241,9 +241,7 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { } func (r *rotator) deleteSnapshot(ctx context.Context, snapshot string) error { - snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(r.namespace) - - watcher, err := snapshotInterface.Watch(ctx, metav1.ListOptions{ + watcher, err := r.sClient.Watch(ctx, sclient.ListOptions{ LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), }) if err != nil { @@ -269,7 +267,7 @@ func (r *rotator) deleteSnapshot(ctx context.Context, snapshot string) error { } }) - err = snapshotInterface.Delete(ctx, snapshot, metav1.DeleteOptions{}) + err = r.sClient.Delete(ctx, snapshot, sclient.DeleteOptions{}) if err != nil { return fmt.Errorf("failed to delete snapshot: %w", err) } diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index 14e972ffba..09badc02d2 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -20,7 +20,6 @@ import ( "path/filepath" "syscall" - snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" iconfig "github.com/vdaas/vald/internal/config" "github.com/vdaas/vald/internal/errors" "github.com/vdaas/vald/internal/log" @@ -47,7 +46,7 @@ type run struct { } // FIXME: get clients from internal/k8s -func getClients() (*kubernetes.Clientset, *snapshotclient.Clientset, error) { +func getClients() (*kubernetes.Clientset, error) { homeDir, err := os.UserHomeDir() if err != nil { panic(err) @@ -65,26 +64,20 @@ func getClients() (*kubernetes.Clientset, *snapshotclient.Clientset, error) { panic(err) } - sclient, err := snapshotclient.NewForConfig(cfg) - if err != nil { - panic(err) - } - - return client, sclient, nil + return client, nil } // New returns Runner instance. func New(cfg *config.Data) (_ runner.Runner, err error) { eg := errgroup.Get() - client, sclient, err := getClients() + client, err := getClients() if err != nil { return nil, fmt.Errorf("failed to get kubernetes client: %w", err) } rotator, err := service.New( client, - sclient, service.WithNamespace(cfg.ReadreplicaRotate.AgentNamespace), service.WithReplicaId(cfg.ReadreplicaRotate.ReadReplicaId), service.WithReadReplicaLabelKey(cfg.ReadreplicaRotate.ReadReplicaLabelKey), From 162a78628314dbd66a795f1092be0d38d86c82d5 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 02:51:30 +0000 Subject: [PATCH 11/51] Add Apache License to main.go --- example/readreplica/cmd/main.go | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/example/readreplica/cmd/main.go b/example/readreplica/cmd/main.go index 7dc3014e0d..5ee5c4866c 100644 --- a/example/readreplica/cmd/main.go +++ b/example/readreplica/cmd/main.go @@ -1,3 +1,16 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. package main import ( From 9a93754d4f8d033a96d8c0d5f971ef6b45c50966 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 05:32:25 +0000 Subject: [PATCH 12/51] Use GetConfigOrDie --- .../job/readreplica/rotate/usecase/rotate.go | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index 09badc02d2..92ca50c4b2 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -17,7 +17,6 @@ import ( "context" "fmt" "os" - "path/filepath" "syscall" iconfig "github.com/vdaas/vald/internal/config" @@ -34,7 +33,7 @@ import ( "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/config" "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/service" "k8s.io/client-go/kubernetes" - "k8s.io/client-go/tools/clientcmd" + ctrl "sigs.k8s.io/controller-runtime" ) type run struct { @@ -47,18 +46,7 @@ type run struct { // FIXME: get clients from internal/k8s func getClients() (*kubernetes.Clientset, error) { - homeDir, err := os.UserHomeDir() - if err != nil { - panic(err) - } - - kubeconfig := filepath.Join(homeDir, ".kube", "config") - - cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig) - if err != nil { - panic(err) - } - + cfg := ctrl.GetConfigOrDie() client, err := kubernetes.NewForConfig(cfg) if err != nil { panic(err) From eed7522360fb696cad9ce75ad527c164193449a4 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 07:24:55 +0000 Subject: [PATCH 13/51] Use internal/k8s client --- internal/k8s/client/client.go | 80 +++++++++++++++++++ internal/k8s/client/option.go | 39 +++++++++ .../job/readreplica/rotate/service/rotator.go | 64 +++++++++++---- 3 files changed, 166 insertions(+), 17 deletions(-) create mode 100644 internal/k8s/client/client.go create mode 100644 internal/k8s/client/option.go diff --git a/internal/k8s/client/client.go b/internal/k8s/client/client.go new file mode 100644 index 0000000000..ce566f7d14 --- /dev/null +++ b/internal/k8s/client/client.go @@ -0,0 +1,80 @@ +package client + +import ( + "context" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + cli "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/manager" +) + +type ( + Object = cli.Object + ObjectKey = cli.ObjectKey + DeleteAllOfOptions = cli.DeleteAllOfOptions + DeleteOptions = cli.DeleteOptions + ListOptions = cli.ListOptions + ListOption = cli.ListOption + MatchingLabels = cli.MatchingLabels + InNamespace = cli.InNamespace +) + +const ( + DeletePropagationBackground = metav1.DeletePropagationBackground +) + +type Client interface { + // Get retrieves an obj for the given object key from the Kubernetes Cluster. + // obj must be a struct pointer so that obj can be updated with the response + // returned by the Server. + Get(ctx context.Context, name string, namespace string, obj cli.Object, opts ...cli.GetOption) error + // List retrieves list of objects for a given namespace and list options. On a + // successful call, Items field in the list will be populated with the + // result returned from the server. + List(ctx context.Context, list cli.ObjectList, opts ...cli.ListOption) error +} + +type client struct { + scheme *runtime.Scheme + reader cli.Reader +} + +func New(opts ...Option) (Client, error) { + c := new(client) + if c.scheme == nil { + c.scheme = runtime.NewScheme() + } + + for _, opt := range opts { + if err := opt(c); err != nil { + return nil, err + } + } + + mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), manager.Options{ + Scheme: c.scheme, + }) + if err != nil { + return nil, err + } + c.reader = mgr.GetAPIReader() + return c, nil +} + +func (c *client) Get(ctx context.Context, name, namespace string, obj cli.Object, opts ...cli.GetOption) error { + return c.reader.Get( + ctx, + cli.ObjectKey{ + Name: name, + Namespace: namespace, + }, + obj, + opts..., + ) +} + +func (c *client) List(ctx context.Context, list cli.ObjectList, opts ...cli.ListOption) error { + return c.reader.List(ctx, list, opts...) +} diff --git a/internal/k8s/client/option.go b/internal/k8s/client/option.go new file mode 100644 index 0000000000..db1f995046 --- /dev/null +++ b/internal/k8s/client/option.go @@ -0,0 +1,39 @@ +// +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// Package client is Kubernetes client for getting resource from Kubernetes cluster. +package client + +import ( + "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +type Option func(*client) error + +func WithSchemeBuilder(sb scheme.Builder) Option { + return func(c *client) error { + sb.AddToScheme(c.scheme) + return nil + } +} + +func WithRuntimeSchemeBuilder(sb runtime.SchemeBuilder) Option { + return func(c *client) error { + sb.AddToScheme(c.scheme) + return nil + } +} diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 6fe30d40b1..7442881354 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -21,14 +21,20 @@ import ( "time" "github.com/vdaas/vald/internal/errors" + client "github.com/vdaas/vald/internal/k8s/client" sclient "github.com/vdaas/vald/internal/k8s/snapshot/client" "github.com/vdaas/vald/internal/log" "github.com/vdaas/vald/internal/observability/trace" "github.com/vdaas/vald/internal/sync/errgroup" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/selection" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/kubernetes" + + snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + appsv1 "k8s.io/api/apps/v1" ) const ( @@ -48,6 +54,7 @@ type rotator struct { // TODO: この辺はconbenchがマージされたあと、GetClientとかで引っ張ってくる clientset *kubernetes.Clientset sClient sclient.Client + client client.Client } // New returns Indexer object if no error occurs. @@ -71,6 +78,17 @@ func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { } } + client, err := client.New( + // TODO: この辺のscheme定義はinternal/k8sに押し込んでaliasとして参照する + client.WithRuntimeSchemeBuilder(v1.SchemeBuilder), + client.WithRuntimeSchemeBuilder(appsv1.SchemeBuilder), + client.WithRuntimeSchemeBuilder(snapshotv1.SchemeBuilder), + ) + if err != nil { + return nil, fmt.Errorf("failed to create kubernetes client: %w", err) + } + r.client = client + sclient, err := sclient.New(sclient.WithNamespace(r.namespace)) if err != nil { return nil, fmt.Errorf("failed to create snapshot client: %w", err) @@ -138,14 +156,17 @@ func (r *rotator) rotate(ctx context.Context) error { } func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeSnapshot, err error) { - list, err := r.sClient.List(ctx, sclient.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), - }) + list := snapshotv1.VolumeSnapshotList{} + req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) if err != nil { return nil, nil, err } - if len(list.Items) == 0 { - return nil, nil, fmt.Errorf("old snapshot not found") + opts := client.ListOptions{ + Namespace: r.namespace, + LabelSelector: labels.NewSelector().Add(*req), + } + if err := r.client.List(ctx, &list, &opts); err != nil { + return nil, nil, fmt.Errorf("failed to get snapshot: %w", err) } old = &list.Items[0] @@ -169,14 +190,19 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeS func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) - list, err := pvcInterface.List(ctx, metav1.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), - }) + + list := v1.PersistentVolumeClaimList{} + // TODO: requirementとoptsは全体で使いまわせる + req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) if err != nil { return nil, nil, err } - if len(list.Items) == 0 { - return nil, nil, fmt.Errorf("old pvc not found") + opts := client.ListOptions{ + Namespace: r.namespace, + LabelSelector: labels.NewSelector().Add(*req), + } + if err := r.client.List(ctx, &list, &opts); err != nil { + return nil, nil, fmt.Errorf("failed to get PVC: %w", err) } old = &list.Items[0] @@ -210,17 +236,21 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old * func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { deploymentInterface := r.clientset.AppsV1().Deployments(r.namespace) - list, err := deploymentInterface.List(ctx, metav1.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), - }) + list := appsv1.DeploymentList{} + requirement, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) if err != nil { return err } - if len(list.Items) == 0 { - return fmt.Errorf("deployment not found") + opt := client.ListOptions{ + Namespace: r.namespace, + LabelSelector: labels.NewSelector().Add(*requirement), + } + opt.LabelSelector.Add(*requirement) + if err := r.client.List(ctx, &list, &opt); err != nil { + return fmt.Errorf("failed to get deployment through client: %w", err) } - deployment := &list.Items[0] + deployment := list.Items[0] if deployment.Spec.Template.ObjectMeta.Annotations == nil { deployment.Spec.Template.ObjectMeta.Annotations = map[string]string{} } @@ -232,7 +262,7 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { } } - _, err = deploymentInterface.Update(ctx, deployment, metav1.UpdateOptions{}) + _, err = deploymentInterface.Update(ctx, &deployment, metav1.UpdateOptions{}) if err != nil { return err } From 1fdd3d2d486733f257ad97e7fd175b2a6c62db65 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 22 Nov 2023 07:31:57 +0000 Subject: [PATCH 14/51] Refactor --- .../job/readreplica/rotate/service/rotator.go | 49 +++++++------------ 1 file changed, 17 insertions(+), 32 deletions(-) diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 7442881354..e4dc6f5050 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -55,6 +55,7 @@ type rotator struct { clientset *kubernetes.Clientset sClient sclient.Client client client.Client + listOpts client.ListOptions } // New returns Indexer object if no error occurs. @@ -78,7 +79,7 @@ func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { } } - client, err := client.New( + c, err := client.New( // TODO: この辺のscheme定義はinternal/k8sに押し込んでaliasとして参照する client.WithRuntimeSchemeBuilder(v1.SchemeBuilder), client.WithRuntimeSchemeBuilder(appsv1.SchemeBuilder), @@ -87,7 +88,7 @@ func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { if err != nil { return nil, fmt.Errorf("failed to create kubernetes client: %w", err) } - r.client = client + r.client = c sclient, err := sclient.New(sclient.WithNamespace(r.namespace)) if err != nil { @@ -95,6 +96,16 @@ func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { } r.sClient = sclient + // Construct list options for the readreplica label + req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) + if err != nil { + return nil, err + } + r.listOpts = client.ListOptions{ + Namespace: r.namespace, + LabelSelector: labels.NewSelector().Add(*req), + } + return r, nil } @@ -157,15 +168,7 @@ func (r *rotator) rotate(ctx context.Context) error { func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeSnapshot, err error) { list := snapshotv1.VolumeSnapshotList{} - req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) - if err != nil { - return nil, nil, err - } - opts := client.ListOptions{ - Namespace: r.namespace, - LabelSelector: labels.NewSelector().Add(*req), - } - if err := r.client.List(ctx, &list, &opts); err != nil { + if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get snapshot: %w", err) } @@ -192,16 +195,7 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old * pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) list := v1.PersistentVolumeClaimList{} - // TODO: requirementとoptsは全体で使いまわせる - req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) - if err != nil { - return nil, nil, err - } - opts := client.ListOptions{ - Namespace: r.namespace, - LabelSelector: labels.NewSelector().Add(*req), - } - if err := r.client.List(ctx, &list, &opts); err != nil { + if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get PVC: %w", err) } @@ -237,16 +231,7 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { deploymentInterface := r.clientset.AppsV1().Deployments(r.namespace) list := appsv1.DeploymentList{} - requirement, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) - if err != nil { - return err - } - opt := client.ListOptions{ - Namespace: r.namespace, - LabelSelector: labels.NewSelector().Add(*requirement), - } - opt.LabelSelector.Add(*requirement) - if err := r.client.List(ctx, &list, &opt); err != nil { + if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return fmt.Errorf("failed to get deployment through client: %w", err) } @@ -262,7 +247,7 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { } } - _, err = deploymentInterface.Update(ctx, &deployment, metav1.UpdateOptions{}) + _, err := deploymentInterface.Update(ctx, &deployment, metav1.UpdateOptions{}) if err != nil { return err } From b6f93f2bcb7ec30136b7a7d687b799cd58cf1743 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 04:19:33 +0000 Subject: [PATCH 15/51] Use controller-runtime for CRUD in readreplica --- cmd/index/job/readreplica/rotate/main.go | 1 - internal/k8s/client/client.go | 60 ++++++++- .../job/readreplica/rotate/service/options.go | 11 +- .../job/readreplica/rotate/service/rotator.go | 125 ++++++++++-------- .../job/readreplica/rotate/usecase/rotate.go | 2 +- 5 files changed, 130 insertions(+), 69 deletions(-) diff --git a/cmd/index/job/readreplica/rotate/main.go b/cmd/index/job/readreplica/rotate/main.go index d30acea13c..131ddf0676 100644 --- a/cmd/index/job/readreplica/rotate/main.go +++ b/cmd/index/job/readreplica/rotate/main.go @@ -57,4 +57,3 @@ func main() { return } } - diff --git a/internal/k8s/client/client.go b/internal/k8s/client/client.go index ce566f7d14..8a4e801412 100644 --- a/internal/k8s/client/client.go +++ b/internal/k8s/client/client.go @@ -1,3 +1,16 @@ +// Copyright (C) 2019-2023 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. package client import ( @@ -5,6 +18,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" ctrl "sigs.k8s.io/controller-runtime" cli "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/manager" @@ -17,6 +31,9 @@ type ( DeleteOptions = cli.DeleteOptions ListOptions = cli.ListOptions ListOption = cli.ListOption + CreateOption = cli.CreateOption + CreateOptions = cli.CreateOptions + UpdateOptions = cli.UpdateOptions MatchingLabels = cli.MatchingLabels InNamespace = cli.InNamespace ) @@ -33,12 +50,26 @@ type Client interface { // List retrieves list of objects for a given namespace and list options. On a // successful call, Items field in the list will be populated with the // result returned from the server. - List(ctx context.Context, list cli.ObjectList, opts ...cli.ListOption) error + List(ctx context.Context, list cli.ObjectList, opts ...ListOption) error + + // Create saves the object obj in the Kubernetes cluster. obj must be a + // struct pointer so that obj can be updated with the content returned by the Server. + Create(ctx context.Context, obj Object, opts ...CreateOption) error + + // Delete deletes the given obj from Kubernetes cluster. + Delete(ctx context.Context, obj Object, opts ...cli.DeleteOption) error + + // Update updates the given obj in the Kubernetes cluster. obj must be a + // struct pointer so that obj can be updated with the content returned by the Server. + Update(ctx context.Context, obj Object, opts ...cli.UpdateOption) error + + Watch(ctx context.Context, obj cli.ObjectList, opts ...ListOption) (watch.Interface, error) } type client struct { - scheme *runtime.Scheme - reader cli.Reader + scheme *runtime.Scheme + reader cli.Reader + withWatch cli.WithWatch } func New(opts ...Option) (Client, error) { @@ -60,6 +91,13 @@ func New(opts ...Option) (Client, error) { return nil, err } c.reader = mgr.GetAPIReader() + c.withWatch, err = cli.NewWithWatch(ctrl.GetConfigOrDie(), cli.Options{ + Scheme: c.scheme, + }) + if err != nil { + return nil, err + } + return c, nil } @@ -78,3 +116,19 @@ func (c *client) Get(ctx context.Context, name, namespace string, obj cli.Object func (c *client) List(ctx context.Context, list cli.ObjectList, opts ...cli.ListOption) error { return c.reader.List(ctx, list, opts...) } + +func (c *client) Create(ctx context.Context, obj Object, opts ...CreateOption) error { + return c.withWatch.Create(ctx, obj, opts...) +} + +func (c *client) Delete(ctx context.Context, obj Object, opts ...cli.DeleteOption) error { + return c.withWatch.Delete(ctx, obj, opts...) +} + +func (c *client) Update(ctx context.Context, obj Object, opts ...cli.UpdateOption) error { + return c.withWatch.Update(ctx, obj, opts...) +} + +func (c *client) Watch(ctx context.Context, obj cli.ObjectList, opts ...ListOption) (watch.Interface, error) { + return c.withWatch.Watch(ctx, obj, opts...) +} diff --git a/pkg/index/job/readreplica/rotate/service/options.go b/pkg/index/job/readreplica/rotate/service/options.go index ca34e91f6a..a0f5a6897e 100644 --- a/pkg/index/job/readreplica/rotate/service/options.go +++ b/pkg/index/job/readreplica/rotate/service/options.go @@ -16,13 +16,10 @@ package service // Option represents the functional option for index. type Option func(_ *rotator) error -var defaultOpts = []Option{} - -func WithReplicaId(id string) Option { - return func(r *rotator) error { - r.readReplicaId = id - return nil - } +var defaultOpts = []Option{ + WithNamespace("default"), + WithReadReplicaLabelKey("vald-readreplica-id"), + WithVolumeName("vald-agent-ngt-readreplica-pvc"), } func WithNamespace(ns string) Option { diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index e4dc6f5050..e141e23885 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -20,21 +20,20 @@ import ( "strings" "time" + snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" "github.com/vdaas/vald/internal/errors" client "github.com/vdaas/vald/internal/k8s/client" sclient "github.com/vdaas/vald/internal/k8s/snapshot/client" "github.com/vdaas/vald/internal/log" "github.com/vdaas/vald/internal/observability/trace" "github.com/vdaas/vald/internal/sync/errgroup" + appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/selection" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/kubernetes" - - snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" - appsv1 "k8s.io/api/apps/v1" ) const ( @@ -59,7 +58,7 @@ type rotator struct { } // New returns Indexer object if no error occurs. -func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { +func New(clientset *kubernetes.Clientset, replicaId string, opts ...Option) (Rotator, error) { r := new(rotator) if clientset == nil { @@ -67,6 +66,11 @@ func New(clientset *kubernetes.Clientset, opts ...Option) (Rotator, error) { } r.clientset = clientset + if replicaId == "" { + return nil, fmt.Errorf("readreplica id is empty. it should be set via MY_TARGET_REPLICA_ID env var") + } + r.readReplicaId = replicaId + for _, opt := range append(defaultOpts, opts...) { if err := opt(r); err != nil { oerr := errors.ErrOptionFailed(err, reflect.ValueOf(opt)) @@ -135,30 +139,30 @@ func (r *rotator) rotate(ctx context.Context) error { newPvc, oldPvc, err := r.createPVC(ctx, newSnap.Name) if err != nil { log.Infof("failed to create PVC. removing the new snapshot(%v)...", newSnap.Name) - if dserr := r.deleteSnapshot(ctx, newSnap.Name); dserr != nil { + if dserr := r.deleteSnapshot(ctx, newSnap); dserr != nil { errors.Join(err, dserr) } return err } - err = r.updateDeployment(ctx, newPvc.Name) + err = r.updateDeployment(ctx, newPvc.GetName()) if err != nil { log.Infof("failed to update Deployment. removing the new snapshot(%v) and pvc(%v)...", newSnap.Name, newPvc.Name) - if dperr := r.deletePVC(ctx, newPvc.Name); dperr != nil { + if dperr := r.deletePVC(ctx, newPvc); dperr != nil { errors.Join(err, dperr) } - if dserr := r.deleteSnapshot(ctx, newSnap.Name); dserr != nil { + if dserr := r.deleteSnapshot(ctx, newSnap); dserr != nil { errors.Join(err, dserr) } return err } - err = r.deleteSnapshot(ctx, oldSnap.Name) + err = r.deleteSnapshot(ctx, oldSnap) if err != nil { return err } - err = r.deletePVC(ctx, oldPvc.Name) + err = r.deletePVC(ctx, oldPvc) if err != nil { return err } @@ -171,19 +175,23 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeS if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get snapshot: %w", err) } + if len(list.Items) == 0 { + return nil, nil, fmt.Errorf("no snapshot found") + } - old = &list.Items[0] - newNameBase := getNewBaseName(old.GetObjectMeta().GetName()) + cur := &list.Items[0] + old = cur.DeepCopy() + newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) new = &sclient.VolumeSnapshot{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), - Namespace: old.GetNamespace(), - Labels: old.GetObjectMeta().GetLabels(), + Namespace: cur.GetNamespace(), + Labels: cur.GetObjectMeta().GetLabels(), }, - Spec: old.Spec, + Spec: cur.Spec, } - new, err = r.sClient.Create(ctx, new, sclient.CreateOptions{}) + err = r.client.Create(ctx, new, &client.CreateOptions{}) if err != nil { return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) } @@ -192,48 +200,51 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeS } func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { - pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) - list := v1.PersistentVolumeClaimList{} if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get PVC: %w", err) } + if len(list.Items) == 0 { + return nil, nil, fmt.Errorf("no PVC found") + } - old = &list.Items[0] - newNameBase := getNewBaseName(old.GetObjectMeta().GetName()) + cur := &list.Items[0] + old = cur.DeepCopy() + newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) // remove timestamp from old pvc name new = &v1.PersistentVolumeClaim{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), - Namespace: old.GetNamespace(), - Labels: old.GetObjectMeta().GetLabels(), + Namespace: cur.GetNamespace(), + Labels: cur.GetObjectMeta().GetLabels(), }, Spec: v1.PersistentVolumeClaimSpec{ - AccessModes: old.Spec.AccessModes, - Resources: old.Spec.Resources, + AccessModes: cur.Spec.AccessModes, + Resources: cur.Spec.Resources, DataSource: &v1.TypedLocalObjectReference{ Name: newSnapShot, - Kind: old.Spec.DataSource.Kind, - APIGroup: old.Spec.DataSource.APIGroup, + Kind: cur.Spec.DataSource.Kind, + APIGroup: cur.Spec.DataSource.APIGroup, }, }, } - new, err = pvcInterface.Create(ctx, new, metav1.CreateOptions{}) - if err != nil { - return nil, nil, fmt.Errorf("failed to create pvc: %w", err) + if err := r.client.Create(ctx, new, &client.CreateOptions{}); err != nil { + return nil, nil, fmt.Errorf("failed to create PVC(%s): %w", new.GetName(), err) } + return new, old, nil } func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { - deploymentInterface := r.clientset.AppsV1().Deployments(r.namespace) - list := appsv1.DeploymentList{} if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return fmt.Errorf("failed to get deployment through client: %w", err) } + if len(list.Items) == 0 { + return fmt.Errorf("no deployment found") + } deployment := list.Items[0] if deployment.Spec.Template.ObjectMeta.Annotations == nil { @@ -247,55 +258,56 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { } } - _, err := deploymentInterface.Update(ctx, &deployment, metav1.UpdateOptions{}) - if err != nil { - return err + if err := r.client.Update(ctx, &deployment, &client.UpdateOptions{}); err != nil { + return fmt.Errorf("failed to update deployment: %w", err) } return nil } -func (r *rotator) deleteSnapshot(ctx context.Context, snapshot string) error { - watcher, err := r.sClient.Watch(ctx, sclient.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), - }) +func (r *rotator) deleteSnapshot(ctx context.Context, snapshot *snapshotv1.VolumeSnapshot) error { + watcher, err := r.client.Watch(ctx, + &snapshotv1.VolumeSnapshotList{ + Items: []snapshotv1.VolumeSnapshot{*snapshot}, + }, + &r.listOpts, + ) if err != nil { - return fmt.Errorf("failed to watch snapshot: %w", err) + return fmt.Errorf("failed to watch snapshot(%s): %w", snapshot.GetName(), err) } defer watcher.Stop() eg, egctx := errgroup.New(ctx) eg.Go(func() error { - log.Infof("deleting volume snapshot(%v)...", snapshot) + log.Infof("deleting volume snapshot(%v)...", snapshot.GetName()) for { select { case <-egctx.Done(): return egctx.Err() case event := <-watcher.ResultChan(): if event.Type == watch.Deleted { - log.Infof("volume snapshot(%v) deleted", snapshot) + log.Infof("volume snapshot(%v) deleted", snapshot.GetName()) return nil } else { - log.Debugf("waching volume snapshot events. event: ", event.Type) + log.Debugf("waching volume snapshot(%s) events. event: ", snapshot.GetName(), event.Type) } } } }) - err = r.sClient.Delete(ctx, snapshot, sclient.DeleteOptions{}) - if err != nil { + if err := r.client.Delete(ctx, snapshot, &client.DeleteOptions{}); err != nil { return fmt.Errorf("failed to delete snapshot: %w", err) } - return eg.Wait() } -func (r *rotator) deletePVC(ctx context.Context, pvc string) error { - pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(r.namespace) - - watcher, err := pvcInterface.Watch(ctx, metav1.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s", r.readReplicaLabelKey, r.readReplicaId), - }) +func (r *rotator) deletePVC(ctx context.Context, pvc *v1.PersistentVolumeClaim) error { + watcher, err := r.client.Watch(ctx, + &v1.PersistentVolumeClaimList{ + Items: []v1.PersistentVolumeClaim{*pvc}, + }, + &r.listOpts, + ) if err != nil { return fmt.Errorf("failed to watch PVC: %w", err) } @@ -303,25 +315,24 @@ func (r *rotator) deletePVC(ctx context.Context, pvc string) error { eg, egctx := errgroup.New(ctx) eg.Go(func() error { - log.Infof("deleting PVC(%v)...", pvc) + log.Infof("deleting PVC(%s)...", pvc.GetName()) for { select { case <-egctx.Done(): return egctx.Err() case event := <-watcher.ResultChan(): if event.Type == watch.Deleted { - log.Infof("PVC(%v) deleted", pvc) + log.Infof("PVC(%s) deleted", pvc.GetName()) return nil } else { - log.Debugf("waching PVC events. event: %v", event.Type) + log.Debugf("waching PVC(%s) events. event: %v", pvc.GetName(), event.Type) } } } }) - err = pvcInterface.Delete(ctx, pvc, metav1.DeleteOptions{}) - if err != nil { - return fmt.Errorf("failed to delete PVC: %w", err) + if err := r.client.Delete(ctx, pvc); err != nil { + return fmt.Errorf("failed to delete PVC(%s): %w", pvc.GetName(), err) } return eg.Wait() diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index 92ca50c4b2..fd6e5ec946 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -66,8 +66,8 @@ func New(cfg *config.Data) (_ runner.Runner, err error) { rotator, err := service.New( client, + cfg.ReadreplicaRotate.ReadReplicaId, service.WithNamespace(cfg.ReadreplicaRotate.AgentNamespace), - service.WithReplicaId(cfg.ReadreplicaRotate.ReadReplicaId), service.WithReadReplicaLabelKey(cfg.ReadreplicaRotate.ReadReplicaLabelKey), service.WithVolumeName(cfg.ReadreplicaRotate.VolumeName), ) From b6d4580e6e03a3d8b99f04cabcd69f7a84fe4f52 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 04:33:56 +0000 Subject: [PATCH 16/51] Remove snapshot client and use controller-runtime --- internal/k8s/client/client.go | 3 + internal/k8s/snapshot/client/client.go | 98 ------------------- internal/k8s/snapshot/client/option.go | 29 ------ .../job/readreplica/rotate/service/rotator.go | 26 +---- .../job/readreplica/rotate/usecase/rotate.go | 20 ---- 5 files changed, 8 insertions(+), 168 deletions(-) delete mode 100644 internal/k8s/snapshot/client/client.go delete mode 100644 internal/k8s/snapshot/client/option.go diff --git a/internal/k8s/client/client.go b/internal/k8s/client/client.go index 8a4e801412..5b13de36da 100644 --- a/internal/k8s/client/client.go +++ b/internal/k8s/client/client.go @@ -16,6 +16,7 @@ package client import ( "context" + snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" @@ -36,6 +37,7 @@ type ( UpdateOptions = cli.UpdateOptions MatchingLabels = cli.MatchingLabels InNamespace = cli.InNamespace + VolumeSnapshot = snapshotv1.VolumeSnapshot ) const ( @@ -63,6 +65,7 @@ type Client interface { // struct pointer so that obj can be updated with the content returned by the Server. Update(ctx context.Context, obj Object, opts ...cli.UpdateOption) error + // Watch watches the given obj for changes and takes the appropriate callbacks. Watch(ctx context.Context, obj cli.ObjectList, opts ...ListOption) (watch.Interface, error) } diff --git a/internal/k8s/snapshot/client/client.go b/internal/k8s/snapshot/client/client.go deleted file mode 100644 index e37faac87c..0000000000 --- a/internal/k8s/snapshot/client/client.go +++ /dev/null @@ -1,98 +0,0 @@ -// Copyright (C) 2019-2023 vdaas.org vald team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// You may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package client - -import ( - "context" - "fmt" - "os" - "path/filepath" - - snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" - snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - watch "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/tools/clientcmd" -) - -type ( - ListOptions = metav1.ListOptions - CreateOptions = metav1.CreateOptions - DeleteOptions = metav1.DeleteOptions - Lists = snapshotv1.VolumeSnapshotList - VolumeSnapshot = snapshotv1.VolumeSnapshot - Wacher = watch.Interface -) - -type Client interface { - List(context.Context, ListOptions) (*Lists, error) - Create(context.Context, *VolumeSnapshot, CreateOptions) (*VolumeSnapshot, error) - Watch(context.Context, ListOptions) (watch.Interface, error) - Delete(context.Context, string, DeleteOptions) error -} - -type client struct { - sClientset *snapshotclient.Clientset - namespace string -} - -// check if client implements Client interface -var _ Client = (*client)(nil) - -func New(opts ...Option) (Client, error) { - c := new(client) - for _, opt := range append(defaultOpts, opts...) { - if err := opt(c); err != nil { - return nil, err - } - } - - // Get client - // FIXME: use incluster config - homeDir, err := os.UserHomeDir() - if err != nil { - return nil, fmt.Errorf("failed to get user home dir: %w", err) - } - - kubeconfig := filepath.Join(homeDir, ".kube", "config") - - cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig) - if err != nil { - return nil, fmt.Errorf("failed to build config from flags: %w", err) - } - - sclient, err := snapshotclient.NewForConfig(cfg) - if err != nil { - return nil, fmt.Errorf("failed to create snapshot client: %w", err) - } - c.sClientset = sclient - - return c, nil -} - -func (c *client) List(ctx context.Context, options ListOptions) (*Lists, error) { - return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).List(ctx, options) -} - -func (c *client) Create(ctx context.Context, snapshot *VolumeSnapshot, options CreateOptions) (*VolumeSnapshot, error) { - return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).Create(ctx, snapshot, options) -} - -func (c *client) Watch(ctx context.Context, options ListOptions) (Wacher, error) { - return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).Watch(ctx, options) -} - -func (c *client) Delete(ctx context.Context, name string, options DeleteOptions) error { - return c.sClientset.SnapshotV1().VolumeSnapshots(c.namespace).Delete(ctx, name, options) -} diff --git a/internal/k8s/snapshot/client/option.go b/internal/k8s/snapshot/client/option.go deleted file mode 100644 index ce1a578f37..0000000000 --- a/internal/k8s/snapshot/client/option.go +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright (C) 2019-2023 vdaas.org vald team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// You may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package client - -type Option func(*client) error - -var defaultOpts = []Option{ - WithNamespace("default"), -} - -func WithNamespace(ns string) Option { - return func(c *client) error { - if ns != "" { - c.namespace = ns - } - return nil - } -} diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index e141e23885..afe30b363c 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -23,7 +23,6 @@ import ( snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" "github.com/vdaas/vald/internal/errors" client "github.com/vdaas/vald/internal/k8s/client" - sclient "github.com/vdaas/vald/internal/k8s/snapshot/client" "github.com/vdaas/vald/internal/log" "github.com/vdaas/vald/internal/observability/trace" "github.com/vdaas/vald/internal/sync/errgroup" @@ -33,7 +32,6 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/selection" "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/kubernetes" ) const ( @@ -50,22 +48,14 @@ type rotator struct { volumeName string readReplicaLabelKey string readReplicaId string - // TODO: この辺はconbenchがマージされたあと、GetClientとかで引っ張ってくる - clientset *kubernetes.Clientset - sClient sclient.Client - client client.Client - listOpts client.ListOptions + client client.Client + listOpts client.ListOptions } // New returns Indexer object if no error occurs. -func New(clientset *kubernetes.Clientset, replicaId string, opts ...Option) (Rotator, error) { +func New(replicaId string, opts ...Option) (Rotator, error) { r := new(rotator) - if clientset == nil { - return nil, fmt.Errorf("clientset is nil") - } - r.clientset = clientset - if replicaId == "" { return nil, fmt.Errorf("readreplica id is empty. it should be set via MY_TARGET_REPLICA_ID env var") } @@ -94,12 +84,6 @@ func New(clientset *kubernetes.Clientset, replicaId string, opts ...Option) (Rot } r.client = c - sclient, err := sclient.New(sclient.WithNamespace(r.namespace)) - if err != nil { - return nil, fmt.Errorf("failed to create snapshot client: %w", err) - } - r.sClient = sclient - // Construct list options for the readreplica label req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) if err != nil { @@ -170,7 +154,7 @@ func (r *rotator) rotate(ctx context.Context) error { return nil } -func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeSnapshot, err error) { +func (r *rotator) createSnapshot(ctx context.Context) (new, old *client.VolumeSnapshot, err error) { list := snapshotv1.VolumeSnapshotList{} if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get snapshot: %w", err) @@ -182,7 +166,7 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *sclient.VolumeS cur := &list.Items[0] old = cur.DeepCopy() newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) - new = &sclient.VolumeSnapshot{ + new = &client.VolumeSnapshot{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), Namespace: cur.GetNamespace(), diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index fd6e5ec946..a90983c846 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -15,7 +15,6 @@ package usecase import ( "context" - "fmt" "os" "syscall" @@ -32,8 +31,6 @@ import ( "github.com/vdaas/vald/internal/sync/errgroup" "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/config" "github.com/vdaas/vald/pkg/index/job/readreplica/rotate/service" - "k8s.io/client-go/kubernetes" - ctrl "sigs.k8s.io/controller-runtime" ) type run struct { @@ -44,28 +41,11 @@ type run struct { rotator service.Rotator } -// FIXME: get clients from internal/k8s -func getClients() (*kubernetes.Clientset, error) { - cfg := ctrl.GetConfigOrDie() - client, err := kubernetes.NewForConfig(cfg) - if err != nil { - panic(err) - } - - return client, nil -} - // New returns Runner instance. func New(cfg *config.Data) (_ runner.Runner, err error) { eg := errgroup.Get() - client, err := getClients() - if err != nil { - return nil, fmt.Errorf("failed to get kubernetes client: %w", err) - } - rotator, err := service.New( - client, cfg.ReadreplicaRotate.ReadReplicaId, service.WithNamespace(cfg.ReadreplicaRotate.AgentNamespace), service.WithReadReplicaLabelKey(cfg.ReadreplicaRotate.ReadReplicaLabelKey), From 945fe76500c507b28c3094eebb7126a84c0d0851 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 05:18:43 +0000 Subject: [PATCH 17/51] Move LabelSelector into internal/k8s --- internal/k8s/client/client.go | 27 ++++++++++++++++++- internal/k8s/client/option.go | 8 ------ .../job/readreplica/rotate/service/rotator.go | 19 ++++--------- 3 files changed, 31 insertions(+), 23 deletions(-) diff --git a/internal/k8s/client/client.go b/internal/k8s/client/client.go index 5b13de36da..2f7c56b36d 100644 --- a/internal/k8s/client/client.go +++ b/internal/k8s/client/client.go @@ -15,11 +15,15 @@ package client import ( "context" + "fmt" snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/selection" "k8s.io/apimachinery/pkg/watch" + clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" cli "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/manager" @@ -42,13 +46,15 @@ type ( const ( DeletePropagationBackground = metav1.DeletePropagationBackground + WatchDeletedEvent = watch.Deleted + SelectionOpEquals = selection.Equals ) type Client interface { // Get retrieves an obj for the given object key from the Kubernetes Cluster. // obj must be a struct pointer so that obj can be updated with the response // returned by the Server. - Get(ctx context.Context, name string, namespace string, obj cli.Object, opts ...cli.GetOption) error + Get(ctx context.Context, name string, namespace string, obj Object, opts ...cli.GetOption) error // List retrieves list of objects for a given namespace and list options. On a // successful call, Items field in the list will be populated with the // result returned from the server. @@ -67,6 +73,9 @@ type Client interface { // Watch watches the given obj for changes and takes the appropriate callbacks. Watch(ctx context.Context, obj cli.ObjectList, opts ...ListOption) (watch.Interface, error) + + // LabelSelector creates labels.Selector for Options like ListOptions. + LabelSelector(key string, op selection.Operator, vals []string) (labels.Selector, error) } type client struct { @@ -87,6 +96,14 @@ func New(opts ...Option) (Client, error) { } } + // Add the core schemes + if err := clientgoscheme.AddToScheme(c.scheme); err != nil { + return nil, err + } + if err := snapshotv1.AddToScheme(c.scheme); err != nil { + return nil, err + } + mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), manager.Options{ Scheme: c.scheme, }) @@ -135,3 +152,11 @@ func (c *client) Update(ctx context.Context, obj Object, opts ...cli.UpdateOptio func (c *client) Watch(ctx context.Context, obj cli.ObjectList, opts ...ListOption) (watch.Interface, error) { return c.withWatch.Watch(ctx, obj, opts...) } + +func (c *client) LabelSelector(key string, op selection.Operator, vals []string) (labels.Selector, error) { + requirements, err := labels.NewRequirement(key, op, vals) + if err != nil { + return nil, fmt.Errorf("failed to create requirement on creating label selector: %w", err) + } + return labels.NewSelector().Add(*requirements), nil +} diff --git a/internal/k8s/client/option.go b/internal/k8s/client/option.go index db1f995046..b5eaf30c98 100644 --- a/internal/k8s/client/option.go +++ b/internal/k8s/client/option.go @@ -18,7 +18,6 @@ package client import ( - "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/scheme" ) @@ -30,10 +29,3 @@ func WithSchemeBuilder(sb scheme.Builder) Option { return nil } } - -func WithRuntimeSchemeBuilder(sb runtime.SchemeBuilder) Option { - return func(c *client) error { - sb.AddToScheme(c.scheme) - return nil - } -} diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index afe30b363c..8a63ecbb5f 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -29,9 +29,6 @@ import ( appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/selection" - "k8s.io/apimachinery/pkg/watch" ) const ( @@ -73,25 +70,19 @@ func New(replicaId string, opts ...Option) (Rotator, error) { } } - c, err := client.New( - // TODO: この辺のscheme定義はinternal/k8sに押し込んでaliasとして参照する - client.WithRuntimeSchemeBuilder(v1.SchemeBuilder), - client.WithRuntimeSchemeBuilder(appsv1.SchemeBuilder), - client.WithRuntimeSchemeBuilder(snapshotv1.SchemeBuilder), - ) + c, err := client.New() if err != nil { return nil, fmt.Errorf("failed to create kubernetes client: %w", err) } r.client = c - // Construct list options for the readreplica label - req, err := labels.NewRequirement(r.readReplicaLabelKey, selection.Equals, []string{r.readReplicaId}) + selector, err := c.LabelSelector(r.readReplicaLabelKey, client.SelectionOpEquals, []string{r.readReplicaId}) if err != nil { return nil, err } r.listOpts = client.ListOptions{ Namespace: r.namespace, - LabelSelector: labels.NewSelector().Add(*req), + LabelSelector: selector, } return r, nil @@ -269,7 +260,7 @@ func (r *rotator) deleteSnapshot(ctx context.Context, snapshot *snapshotv1.Volum case <-egctx.Done(): return egctx.Err() case event := <-watcher.ResultChan(): - if event.Type == watch.Deleted { + if event.Type == client.WatchDeletedEvent { log.Infof("volume snapshot(%v) deleted", snapshot.GetName()) return nil } else { @@ -305,7 +296,7 @@ func (r *rotator) deletePVC(ctx context.Context, pvc *v1.PersistentVolumeClaim) case <-egctx.Done(): return egctx.Err() case event := <-watcher.ResultChan(): - if event.Type == watch.Deleted { + if event.Type == client.WatchDeletedEvent { log.Infof("PVC(%s) deleted", pvc.GetName()) return nil } else { From 79f7de5fd5671c9752861f91dff2479616c4530f Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 05:26:22 +0000 Subject: [PATCH 18/51] Report error to span --- pkg/index/job/readreplica/rotate/service/rotator.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 8a63ecbb5f..3708d8534c 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -98,7 +98,10 @@ func (r *rotator) Start(ctx context.Context) error { }() if err := r.rotate(ctx); err != nil { - // TODO: better error handling + if span != nil { + span.RecordError(err) + span.SetStatus(trace.StatusError, err.Error()) + } return err } From 167e704410ed93b7fb6c92da8b0c9418ac81831e Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 05:41:37 +0000 Subject: [PATCH 19/51] Update go modules --- go.mod | 252 ++++++++++++++-------------- go.sum | 515 ++++++++++++++++++++++++++++----------------------------- 2 files changed, 384 insertions(+), 383 deletions(-) diff --git a/go.mod b/go.mod index 8dee173bf2..fcf84e4b1e 100755 --- a/go.mod +++ b/go.mod @@ -3,28 +3,28 @@ module github.com/vdaas/vald go 1.21 replace ( - cloud.google.com/go => cloud.google.com/go v0.110.8 - cloud.google.com/go/bigquery => cloud.google.com/go/bigquery v1.56.0 - cloud.google.com/go/compute => cloud.google.com/go/compute v1.23.1 + cloud.google.com/go => cloud.google.com/go v0.110.10 + cloud.google.com/go/bigquery => cloud.google.com/go/bigquery v1.57.1 + cloud.google.com/go/compute => cloud.google.com/go/compute v1.23.3 cloud.google.com/go/datastore => cloud.google.com/go/datastore v1.15.0 - cloud.google.com/go/firestore => cloud.google.com/go/firestore v1.13.0 - cloud.google.com/go/iam => cloud.google.com/go/iam v1.1.3 - cloud.google.com/go/kms => cloud.google.com/go/kms v1.15.3 - cloud.google.com/go/monitoring => cloud.google.com/go/monitoring v1.16.1 + cloud.google.com/go/firestore => cloud.google.com/go/firestore v1.14.0 + cloud.google.com/go/iam => cloud.google.com/go/iam v1.1.5 + cloud.google.com/go/kms => cloud.google.com/go/kms v1.15.5 + cloud.google.com/go/monitoring => cloud.google.com/go/monitoring v1.16.3 cloud.google.com/go/pubsub => cloud.google.com/go/pubsub v1.33.0 - cloud.google.com/go/secretmanager => cloud.google.com/go/secretmanager v1.11.2 - cloud.google.com/go/storage => cloud.google.com/go/storage v1.33.0 - cloud.google.com/go/trace => cloud.google.com/go/trace v1.10.2 - code.cloudfoundry.org/bytefmt => code.cloudfoundry.org/bytefmt v0.0.0-20230612151507-41ef4d1f67a4 + cloud.google.com/go/secretmanager => cloud.google.com/go/secretmanager v1.11.4 + cloud.google.com/go/storage => cloud.google.com/go/storage v1.35.1 + cloud.google.com/go/trace => cloud.google.com/go/trace v1.10.4 + code.cloudfoundry.org/bytefmt => code.cloudfoundry.org/bytefmt v0.0.0-20231017140541-3b893ed0421b contrib.go.opencensus.io/exporter/aws => contrib.go.opencensus.io/exporter/aws v0.0.0-20230502192102-15967c811cec contrib.go.opencensus.io/exporter/prometheus => contrib.go.opencensus.io/exporter/prometheus v0.4.2 contrib.go.opencensus.io/integrations/ocsql => contrib.go.opencensus.io/integrations/ocsql v0.1.7 git.sr.ht/~sbinet/gg => git.sr.ht/~sbinet/gg v0.5.0 github.com/Azure/azure-amqp-common-go/v3 => github.com/Azure/azure-amqp-common-go/v3 v3.2.3 github.com/Azure/azure-sdk-for-go => github.com/Azure/azure-sdk-for-go v68.0.0+incompatible - github.com/Azure/azure-sdk-for-go/sdk/azcore => github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore => github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 github.com/Azure/azure-sdk-for-go/sdk/azidentity => github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 - github.com/Azure/azure-sdk-for-go/sdk/internal => github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 + github.com/Azure/azure-sdk-for-go/sdk/internal => github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 github.com/Azure/go-amqp => github.com/Azure/go-amqp v1.0.2 github.com/Azure/go-autorest => github.com/Azure/go-autorest v14.2.1-0.20230905222633-df94ce56f001+incompatible github.com/Azure/go-autorest/autorest => github.com/Azure/go-autorest/autorest v0.11.30-0.20230905222633-df94ce56f001 @@ -36,36 +36,36 @@ replace ( github.com/Azure/go-autorest/tracing => github.com/Azure/go-autorest/tracing v0.6.1-0.20230905222633-df94ce56f001 github.com/BurntSushi/toml => github.com/BurntSushi/toml v1.3.2 github.com/DATA-DOG/go-sqlmock => github.com/DATA-DOG/go-sqlmock v1.5.0 - github.com/GoogleCloudPlatform/cloudsql-proxy => github.com/GoogleCloudPlatform/cloudsql-proxy v1.33.11 + github.com/GoogleCloudPlatform/cloudsql-proxy => github.com/GoogleCloudPlatform/cloudsql-proxy v1.33.14 github.com/Masterminds/semver/v3 => github.com/Masterminds/semver/v3 v3.2.1 github.com/ajstarks/deck => github.com/ajstarks/deck v0.0.0-20231012031509-f833e437b68a github.com/ajstarks/deck/generate => github.com/ajstarks/deck/generate v0.0.0-20231012031509-f833e437b68a github.com/ajstarks/svgo => github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b github.com/antihax/optional => github.com/antihax/optional v1.0.0 github.com/armon/go-socks5 => github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 - github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.45.26 - github.com/aws/aws-sdk-go-v2 => github.com/aws/aws-sdk-go-v2 v1.21.2 - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream => github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.14 - github.com/aws/aws-sdk-go-v2/config => github.com/aws/aws-sdk-go-v2/config v1.19.0 - github.com/aws/aws-sdk-go-v2/credentials => github.com/aws/aws-sdk-go-v2/credentials v1.13.43 - github.com/aws/aws-sdk-go-v2/feature/ec2/imds => github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.13 - github.com/aws/aws-sdk-go-v2/feature/s3/manager => github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.91 - github.com/aws/aws-sdk-go-v2/internal/configsources => github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43 - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 => github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.37 - github.com/aws/aws-sdk-go-v2/internal/ini => github.com/aws/aws-sdk-go-v2/internal/ini v1.3.45 - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding => github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.15 - github.com/aws/aws-sdk-go-v2/service/internal/checksum => github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.38 - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url => github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.37 - github.com/aws/aws-sdk-go-v2/service/internal/s3shared => github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.6 - github.com/aws/aws-sdk-go-v2/service/kms => github.com/aws/aws-sdk-go-v2/service/kms v1.24.7 - github.com/aws/aws-sdk-go-v2/service/s3 => github.com/aws/aws-sdk-go-v2/service/s3 v1.40.2 - github.com/aws/aws-sdk-go-v2/service/secretsmanager => github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.21.5 - github.com/aws/aws-sdk-go-v2/service/sns => github.com/aws/aws-sdk-go-v2/service/sns v1.22.2 - github.com/aws/aws-sdk-go-v2/service/sqs => github.com/aws/aws-sdk-go-v2/service/sqs v1.24.7 - github.com/aws/aws-sdk-go-v2/service/ssm => github.com/aws/aws-sdk-go-v2/service/ssm v1.38.2 - github.com/aws/aws-sdk-go-v2/service/sso => github.com/aws/aws-sdk-go-v2/service/sso v1.15.2 - github.com/aws/aws-sdk-go-v2/service/sts => github.com/aws/aws-sdk-go-v2/service/sts v1.23.2 - github.com/aws/smithy-go => github.com/aws/smithy-go v1.15.0 + github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.48.3 + github.com/aws/aws-sdk-go-v2 => github.com/aws/aws-sdk-go-v2 v1.23.1 + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream => github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1 + github.com/aws/aws-sdk-go-v2/config => github.com/aws/aws-sdk-go-v2/config v1.25.5 + github.com/aws/aws-sdk-go-v2/credentials => github.com/aws/aws-sdk-go-v2/credentials v1.16.4 + github.com/aws/aws-sdk-go-v2/feature/ec2/imds => github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5 + github.com/aws/aws-sdk-go-v2/feature/s3/manager => github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.14.2 + github.com/aws/aws-sdk-go-v2/internal/configsources => github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.4 + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 => github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.4 + github.com/aws/aws-sdk-go-v2/internal/ini => github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding => github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 + github.com/aws/aws-sdk-go-v2/service/internal/checksum => github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.4 + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url => github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4 + github.com/aws/aws-sdk-go-v2/service/internal/s3shared => github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.4 + github.com/aws/aws-sdk-go-v2/service/kms => github.com/aws/aws-sdk-go-v2/service/kms v1.26.3 + github.com/aws/aws-sdk-go-v2/service/s3 => github.com/aws/aws-sdk-go-v2/service/s3 v1.44.0 + github.com/aws/aws-sdk-go-v2/service/secretsmanager => github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.23.3 + github.com/aws/aws-sdk-go-v2/service/sns => github.com/aws/aws-sdk-go-v2/service/sns v1.25.3 + github.com/aws/aws-sdk-go-v2/service/sqs => github.com/aws/aws-sdk-go-v2/service/sqs v1.28.2 + github.com/aws/aws-sdk-go-v2/service/ssm => github.com/aws/aws-sdk-go-v2/service/ssm v1.43.1 + github.com/aws/aws-sdk-go-v2/service/sso => github.com/aws/aws-sdk-go-v2/service/sso v1.17.3 + github.com/aws/aws-sdk-go-v2/service/sts => github.com/aws/aws-sdk-go-v2/service/sts v1.25.4 + github.com/aws/smithy-go => github.com/aws/smithy-go v1.17.0 github.com/benbjohnson/clock => github.com/benbjohnson/clock v1.3.5 github.com/beorn7/perks => github.com/beorn7/perks v1.0.1 github.com/bmizerany/assert => github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 @@ -78,11 +78,11 @@ replace ( github.com/chzyer/readline => github.com/chzyer/readline v1.5.1 github.com/chzyer/test => github.com/chzyer/test v1.0.0 github.com/cncf/udpa/go => github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe - github.com/cncf/xds/go => github.com/cncf/xds/go v0.0.0-20231016030527-8bd2eac9fb4a + github.com/cncf/xds/go => github.com/cncf/xds/go v0.0.0-20231121184454-5b9bca5544b3 github.com/cockroachdb/apd => github.com/cockroachdb/apd v1.1.0 github.com/coreos/go-systemd/v22 => github.com/coreos/go-systemd/v22 v22.5.0 github.com/cpuguy83/go-md2man/v2 => github.com/cpuguy83/go-md2man/v2 v2.0.3 - github.com/creack/pty => github.com/creack/pty v1.1.18 + github.com/creack/pty => github.com/creack/pty v1.1.21 github.com/davecgh/go-spew => github.com/davecgh/go-spew v1.1.1 github.com/denisenkom/go-mssqldb => github.com/denisenkom/go-mssqldb v0.12.3 github.com/devigned/tab => github.com/devigned/tab v0.1.1 @@ -97,22 +97,22 @@ replace ( github.com/fogleman/gg => github.com/fogleman/gg v1.3.0 github.com/fortytw2/leaktest => github.com/fortytw2/leaktest v1.3.0 github.com/frankban/quicktest => github.com/frankban/quicktest v1.14.6 - github.com/fsnotify/fsnotify => github.com/fsnotify/fsnotify v1.6.0 + github.com/fsnotify/fsnotify => github.com/fsnotify/fsnotify v1.7.0 github.com/gin-contrib/sse => github.com/gin-contrib/sse v0.1.0 github.com/gin-gonic/gin => github.com/gin-gonic/gin v1.9.1 github.com/go-errors/errors => github.com/go-errors/errors v1.5.1 - github.com/go-fonts/dejavu => github.com/go-fonts/dejavu v0.2.0 - github.com/go-fonts/latin-modern => github.com/go-fonts/latin-modern v0.3.1 - github.com/go-fonts/liberation => github.com/go-fonts/liberation v0.3.1 - github.com/go-fonts/stix => github.com/go-fonts/stix v0.2.1 - github.com/go-gl/gl => github.com/go-gl/gl v0.0.0-20211210172815-726fda9656d6 - github.com/go-gl/glfw/v3.3/glfw => github.com/go-gl/glfw/v3.3/glfw v0.0.0-20221017161538-93cebf72946b + github.com/go-fonts/dejavu => github.com/go-fonts/dejavu v0.3.2 + github.com/go-fonts/latin-modern => github.com/go-fonts/latin-modern v0.3.2 + github.com/go-fonts/liberation => github.com/go-fonts/liberation v0.3.2 + github.com/go-fonts/stix => github.com/go-fonts/stix v0.2.2 + github.com/go-gl/gl => github.com/go-gl/gl v0.0.0-20231021071112-07e5d0ea2e71 + github.com/go-gl/glfw/v3.3/glfw => github.com/go-gl/glfw/v3.3/glfw v0.0.0-20231117230948-b8b00452e321 github.com/go-kit/log => github.com/go-kit/log v0.2.1 - github.com/go-latex/latex => github.com/go-latex/latex v0.0.0-20230307184459-12ec69307ad9 + github.com/go-latex/latex => github.com/go-latex/latex v0.0.0-20231108140139-5c1ce85aa4ea github.com/go-logfmt/logfmt => github.com/go-logfmt/logfmt v0.6.0 - github.com/go-logr/logr => github.com/go-logr/logr v1.2.4 + github.com/go-logr/logr => github.com/go-logr/logr v1.3.0 github.com/go-logr/stdr => github.com/go-logr/stdr v1.2.2 - github.com/go-logr/zapr => github.com/go-logr/zapr v1.2.4 + github.com/go-logr/zapr => github.com/go-logr/zapr v1.3.0 github.com/go-openapi/jsonpointer => github.com/go-openapi/jsonpointer v0.20.0 github.com/go-openapi/jsonreference => github.com/go-openapi/jsonreference v0.20.2 github.com/go-openapi/swag => github.com/go-openapi/swag v0.22.4 @@ -120,7 +120,7 @@ replace ( github.com/go-playground/assert/v2 => github.com/go-playground/assert/v2 v2.2.0 github.com/go-playground/locales => github.com/go-playground/locales v0.14.1 github.com/go-playground/universal-translator => github.com/go-playground/universal-translator v0.18.1 - github.com/go-playground/validator/v10 => github.com/go-playground/validator/v10 v10.15.5 + github.com/go-playground/validator/v10 => github.com/go-playground/validator/v10 v10.16.0 github.com/go-redis/redis/v8 => github.com/go-redis/redis/v8 v8.11.5 github.com/go-sql-driver/mysql => github.com/go-sql-driver/mysql v1.7.1 github.com/go-task/slim-sprig => github.com/go-task/slim-sprig v2.20.0+incompatible @@ -129,7 +129,7 @@ replace ( github.com/go-toolsmith/strparse => github.com/go-toolsmith/strparse v1.1.0 github.com/gobwas/httphead => github.com/gobwas/httphead v0.1.0 github.com/gobwas/pool => github.com/gobwas/pool v0.2.1 - github.com/gobwas/ws => github.com/gobwas/ws v1.3.0 + github.com/gobwas/ws => github.com/gobwas/ws v1.3.1 github.com/goccy/go-json => github.com/goccy/go-json v0.10.2 github.com/gocql/gocql => github.com/gocql/gocql v1.6.0 github.com/gocraft/dbr/v2 => github.com/gocraft/dbr/v2 v2.7.6 @@ -140,7 +140,7 @@ replace ( github.com/golang-sql/civil => github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 github.com/golang-sql/sqlexp => github.com/golang-sql/sqlexp v0.1.0 github.com/golang/freetype => github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 - github.com/golang/glog => github.com/golang/glog v1.1.2 + github.com/golang/glog => github.com/golang/glog v1.2.0 github.com/golang/groupcache => github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da github.com/golang/mock => github.com/golang/mock v1.6.0 github.com/golang/protobuf => github.com/golang/protobuf v1.5.3 @@ -153,22 +153,22 @@ replace ( github.com/google/gofuzz => github.com/google/gofuzz v1.2.0 github.com/google/martian => github.com/google/martian v2.1.0+incompatible github.com/google/martian/v3 => github.com/google/martian/v3 v3.3.2 - github.com/google/pprof => github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 + github.com/google/pprof => github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a github.com/google/shlex => github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 github.com/google/subcommands => github.com/google/subcommands v1.2.0 - github.com/google/uuid => github.com/google/uuid v1.3.1 + github.com/google/uuid => github.com/google/uuid v1.4.0 github.com/google/wire => github.com/google/wire v0.5.0 github.com/googleapis/gax-go/v2 => github.com/googleapis/gax-go/v2 v2.12.0 - github.com/gorilla/mux => github.com/gorilla/mux v1.8.0 - github.com/gorilla/websocket => github.com/gorilla/websocket v1.5.0 + github.com/gorilla/mux => github.com/gorilla/mux v1.8.1 + github.com/gorilla/websocket => github.com/gorilla/websocket v1.5.1 github.com/gregjones/httpcache => github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 - github.com/grpc-ecosystem/grpc-gateway/v2 => github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.0 + github.com/grpc-ecosystem/grpc-gateway/v2 => github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.1 github.com/hailocab/go-hostpool => github.com/kpango/go-hostpool v0.0.0-20210303030322-aab80263dcd0 - github.com/hanwen/go-fuse/v2 => github.com/hanwen/go-fuse/v2 v2.4.0 + github.com/hanwen/go-fuse/v2 => github.com/hanwen/go-fuse/v2 v2.4.2 github.com/hashicorp/go-uuid => github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/go-version => github.com/hashicorp/go-version v1.6.0 github.com/iancoleman/strcase => github.com/iancoleman/strcase v0.3.0 - github.com/ianlancetaylor/demangle => github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab + github.com/ianlancetaylor/demangle => github.com/ianlancetaylor/demangle v0.0.0-20231023195312-e2daf7ba7156 github.com/inconshreveable/mousetrap => github.com/inconshreveable/mousetrap v1.1.0 github.com/jackc/chunkreader/v2 => github.com/jackc/chunkreader/v2 v2.0.1 github.com/jackc/pgconn => github.com/jackc/pgconn v1.14.1 @@ -190,8 +190,8 @@ replace ( github.com/jstemmer/go-junit-report => github.com/jstemmer/go-junit-report v1.0.0 github.com/kisielk/errcheck => github.com/kisielk/errcheck v1.6.3 github.com/kisielk/gotool => github.com/kisielk/gotool v1.0.0 - github.com/klauspost/compress => github.com/klauspost/compress v1.17.1 - github.com/klauspost/cpuid/v2 => github.com/klauspost/cpuid/v2 v2.2.5 + github.com/klauspost/compress => github.com/klauspost/compress v1.17.3 + github.com/klauspost/cpuid/v2 => github.com/klauspost/cpuid/v2 v2.2.6 github.com/kpango/fastime => github.com/kpango/fastime v1.1.9 github.com/kpango/fuid => github.com/kpango/fuid v0.0.0-20221203053508-503b5ad89aa1 github.com/kpango/gache/v2 => github.com/kpango/gache/v2 v2.0.9 @@ -199,6 +199,7 @@ replace ( github.com/kr/fs => github.com/kr/fs v0.1.0 github.com/kr/pretty => github.com/kr/pretty v0.3.1 github.com/kr/text => github.com/kr/text v0.2.0 + github.com/kubernetes-csi/external-snapshotter/client/v6 => github.com/kubernetes-csi/external-snapshotter/client/v6 v6.3.0 github.com/kylelemons/godebug => github.com/kylelemons/godebug v1.1.0 github.com/leanovate/gopter => github.com/leanovate/gopter v0.2.9 github.com/leodido/go-urn => github.com/leodido/go-urn v1.2.4 @@ -207,12 +208,12 @@ replace ( github.com/lucasb-eyer/go-colorful => github.com/lucasb-eyer/go-colorful v1.2.0 github.com/mailru/easyjson => github.com/mailru/easyjson v0.7.7 github.com/mattn/go-colorable => github.com/mattn/go-colorable v0.1.13 - github.com/mattn/go-isatty => github.com/mattn/go-isatty v0.0.19 - github.com/mattn/go-sqlite3 => github.com/mattn/go-sqlite3 v1.14.17 + github.com/mattn/go-isatty => github.com/mattn/go-isatty v0.0.20 + github.com/mattn/go-sqlite3 => github.com/mattn/go-sqlite3 v1.14.18 github.com/matttproud/golang_protobuf_extensions => github.com/matttproud/golang_protobuf_extensions v1.0.4 github.com/mitchellh/colorstring => github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db github.com/moby/spdystream => github.com/moby/spdystream v0.2.0 - github.com/moby/sys/mountinfo => github.com/moby/sys/mountinfo v0.6.2 + github.com/moby/sys/mountinfo => github.com/moby/sys/mountinfo v0.7.1 github.com/modern-go/concurrent => github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd github.com/modern-go/reflect2 => github.com/modern-go/reflect2 v1.0.2 github.com/modocache/gover => github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5 @@ -222,8 +223,8 @@ replace ( github.com/niemeyer/pretty => github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e github.com/nxadm/tail => github.com/nxadm/tail v1.4.11 github.com/onsi/ginkgo => github.com/onsi/ginkgo v1.16.5 - github.com/onsi/ginkgo/v2 => github.com/onsi/ginkgo/v2 v2.13.0 - github.com/onsi/gomega => github.com/onsi/gomega v1.28.0 + github.com/onsi/ginkgo/v2 => github.com/onsi/ginkgo/v2 v2.13.1 + github.com/onsi/gomega => github.com/onsi/gomega v1.30.0 github.com/peterbourgon/diskv => github.com/peterbourgon/diskv v2.0.1+incompatible github.com/phpdave11/gofpdf => github.com/phpdave11/gofpdf v1.4.2 github.com/phpdave11/gofpdi => github.com/phpdave11/gofpdi v1.0.13 @@ -236,7 +237,7 @@ replace ( github.com/prashantv/gostub => github.com/prashantv/gostub v1.1.0 github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.17.0 github.com/prometheus/client_model => github.com/prometheus/client_model v0.5.0 - github.com/prometheus/common => github.com/prometheus/common v0.44.0 + github.com/prometheus/common => github.com/prometheus/common v0.45.0 github.com/prometheus/procfs => github.com/prometheus/procfs v0.12.0 github.com/prometheus/prometheus => github.com/prometheus/prometheus v1.99.0 github.com/quasilyte/go-ruleguard => github.com/quasilyte/go-ruleguard v0.4.0 @@ -258,7 +259,7 @@ replace ( github.com/shurcooL/vfsgen => github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92 github.com/sirupsen/logrus => github.com/sirupsen/logrus v1.9.3 github.com/spf13/afero => github.com/spf13/afero v1.10.0 - github.com/spf13/cobra => github.com/spf13/cobra v1.7.0 + github.com/spf13/cobra => github.com/spf13/cobra v1.8.0 github.com/spf13/pflag => github.com/spf13/pflag v1.0.5 github.com/stoewer/go-strcase => github.com/stoewer/go-strcase v1.3.0 github.com/stretchr/objx => github.com/stretchr/objx v0.5.1 @@ -270,7 +271,7 @@ replace ( github.com/xlab/treeprint => github.com/xlab/treeprint v1.2.0 github.com/zeebo/assert => github.com/zeebo/assert v1.3.1 github.com/zeebo/xxh3 => github.com/zeebo/xxh3 v1.0.2 - go.etcd.io/bbolt => go.etcd.io/bbolt v1.3.7 + go.etcd.io/bbolt => go.etcd.io/bbolt v1.3.8 go.opencensus.io => go.opencensus.io v0.24.0 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.37.0 go.opentelemetry.io/otel => go.opentelemetry.io/otel v1.11.1 @@ -284,39 +285,39 @@ replace ( go.opentelemetry.io/otel/sdk/metric => go.opentelemetry.io/otel/sdk/metric v0.33.0 go.opentelemetry.io/otel/trace => go.opentelemetry.io/otel/trace v1.11.1 go.opentelemetry.io/proto/otlp => go.opentelemetry.io/proto/otlp v1.0.0 - go.starlark.net => go.starlark.net v0.0.0-20231016134836-22325403fcb3 + go.starlark.net => go.starlark.net v0.0.0-20231121155337-90ade8b19d09 go.uber.org/atomic => go.uber.org/atomic v1.11.0 go.uber.org/automaxprocs => go.uber.org/automaxprocs v1.5.3 - go.uber.org/goleak => go.uber.org/goleak v1.2.1 + go.uber.org/goleak => go.uber.org/goleak v1.3.0 go.uber.org/multierr => go.uber.org/multierr v1.11.0 go.uber.org/zap => go.uber.org/zap v1.26.0 gocloud.dev => gocloud.dev v0.34.0 - golang.org/x/crypto => golang.org/x/crypto v0.14.0 - golang.org/x/exp => golang.org/x/exp v0.0.0-20231006140011-7918f672742d - golang.org/x/exp/typeparams => golang.org/x/exp/typeparams v0.0.0-20231006140011-7918f672742d - golang.org/x/image => golang.org/x/image v0.13.0 + golang.org/x/crypto => golang.org/x/crypto v0.15.0 + golang.org/x/exp => golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa + golang.org/x/exp/typeparams => golang.org/x/exp/typeparams v0.0.0-20231110203233-9a3e6036ecaa + golang.org/x/image => golang.org/x/image v0.14.0 golang.org/x/lint => golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 - golang.org/x/mobile => golang.org/x/mobile v0.0.0-20231006135142-2b44d11868fe - golang.org/x/mod => golang.org/x/mod v0.13.0 - golang.org/x/net => golang.org/x/net v0.17.0 - golang.org/x/oauth2 => golang.org/x/oauth2 v0.13.0 - golang.org/x/sync => golang.org/x/sync v0.4.0 - golang.org/x/sys => golang.org/x/sys v0.13.0 - golang.org/x/term => golang.org/x/term v0.13.0 - golang.org/x/text => golang.org/x/text v0.13.0 - golang.org/x/time => golang.org/x/time v0.3.0 - golang.org/x/tools => golang.org/x/tools v0.14.0 + golang.org/x/mobile => golang.org/x/mobile v0.0.0-20231108233038-35478a0c49da + golang.org/x/mod => golang.org/x/mod v0.14.0 + golang.org/x/net => golang.org/x/net v0.18.0 + golang.org/x/oauth2 => golang.org/x/oauth2 v0.14.0 + golang.org/x/sync => golang.org/x/sync v0.5.0 + golang.org/x/sys => golang.org/x/sys v0.14.0 + golang.org/x/term => golang.org/x/term v0.14.0 + golang.org/x/text => golang.org/x/text v0.14.0 + golang.org/x/time => golang.org/x/time v0.4.0 + golang.org/x/tools => golang.org/x/tools v0.15.0 golang.org/x/xerrors => golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 gomodules.xyz/jsonpatch/v2 => gomodules.xyz/jsonpatch/v2 v2.4.0 gonum.org/v1/gonum => gonum.org/v1/gonum v0.14.0 gonum.org/v1/hdf5 => gonum.org/v1/hdf5 v0.0.0-20210714002203-8c5d23bc6946 gonum.org/v1/plot => gonum.org/v1/plot v0.14.0 - google.golang.org/api => google.golang.org/api v0.147.0 + google.golang.org/api => google.golang.org/api v0.151.0 google.golang.org/appengine => google.golang.org/appengine v1.6.8 - google.golang.org/genproto => google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b - google.golang.org/genproto/googleapis/api => google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b - google.golang.org/genproto/googleapis/rpc => google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b - google.golang.org/grpc => google.golang.org/grpc v1.58.3 + google.golang.org/genproto => google.golang.org/genproto v0.0.0-20231120223509-83a465c0220f + google.golang.org/genproto/googleapis/api => google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f + google.golang.org/genproto/googleapis/rpc => google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f + google.golang.org/grpc => google.golang.org/grpc v1.59.0 google.golang.org/grpc/cmd/protoc-gen-go-grpc => google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0 google.golang.org/protobuf => google.golang.org/protobuf v1.31.0 gopkg.in/check.v1 => gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c @@ -332,17 +333,17 @@ replace ( k8s.io/cli-runtime => k8s.io/cli-runtime v0.27.3 k8s.io/client-go => k8s.io/client-go v0.27.3 k8s.io/component-base => k8s.io/component-base v0.27.3 - k8s.io/klog/v2 => k8s.io/klog/v2 v2.100.1 + k8s.io/klog/v2 => k8s.io/klog/v2 v2.110.1 k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 k8s.io/kubernetes => k8s.io/kubernetes v0.27.3 k8s.io/metrics => k8s.io/metrics v0.27.3 - nhooyr.io/websocket => nhooyr.io/websocket v1.8.7 + nhooyr.io/websocket => nhooyr.io/websocket v1.8.10 rsc.io/pdf => rsc.io/pdf v0.1.1 sigs.k8s.io/controller-runtime => sigs.k8s.io/controller-runtime v0.15.0 sigs.k8s.io/json => sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd sigs.k8s.io/kustomize => sigs.k8s.io/kustomize v2.0.3+incompatible - sigs.k8s.io/structured-merge-diff/v4 => sigs.k8s.io/structured-merge-diff/v4 v4.3.0 - sigs.k8s.io/yaml => sigs.k8s.io/yaml v1.3.0 + sigs.k8s.io/structured-merge-diff/v4 => sigs.k8s.io/structured-merge-diff/v4 v4.4.1 + sigs.k8s.io/yaml => sigs.k8s.io/yaml v1.4.0 ) require ( @@ -356,8 +357,8 @@ require ( github.com/goccy/go-json v0.10.2 github.com/gocql/gocql v0.0.0-20200131111108-92af2e088537 github.com/gocraft/dbr/v2 v2.0.0-00010101000000-000000000000 - github.com/google/go-cmp v0.5.9 - github.com/google/uuid v1.3.1 + github.com/google/go-cmp v0.6.0 + github.com/google/uuid v1.4.0 github.com/gorilla/mux v0.0.0-00010101000000-000000000000 github.com/hashicorp/go-version v0.0.0-00010101000000-000000000000 github.com/klauspost/compress v1.15.9 @@ -365,6 +366,7 @@ require ( github.com/kpango/fuid v0.0.0-00010101000000-000000000000 github.com/kpango/gache/v2 v2.0.0-00010101000000-000000000000 github.com/kpango/glg v1.6.15 + github.com/kubernetes-csi/external-snapshotter/client/v6 v6.0.0-00010101000000-000000000000 github.com/leanovate/gopter v0.0.0-00010101000000-000000000000 github.com/lucasb-eyer/go-colorful v0.0.0-00010101000000-000000000000 github.com/pierrec/lz4/v3 v3.0.0-00010101000000-000000000000 @@ -388,32 +390,32 @@ require ( go.uber.org/goleak v1.2.1 go.uber.org/zap v1.24.0 gocloud.dev v0.0.0-00010101000000-000000000000 - golang.org/x/net v0.17.0 + golang.org/x/net v0.18.0 golang.org/x/oauth2 v0.13.0 - golang.org/x/sync v0.4.0 - golang.org/x/sys v0.13.0 - golang.org/x/text v0.13.0 - golang.org/x/tools v0.14.0 + golang.org/x/sync v0.5.0 + golang.org/x/sys v0.14.0 + golang.org/x/text v0.14.0 + golang.org/x/tools v0.15.0 gonum.org/v1/hdf5 v0.0.0-00010101000000-000000000000 gonum.org/v1/plot v0.10.1 - google.golang.org/genproto/googleapis/api v0.0.0-20231012201019-e917dd12ba7a - google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a - google.golang.org/grpc v1.58.3 + google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 + google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 + google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v0.27.3 - k8s.io/apimachinery v0.27.3 + k8s.io/api v0.28.0 + k8s.io/apimachinery v0.28.0 k8s.io/cli-runtime v0.0.0-00010101000000-000000000000 - k8s.io/client-go v0.27.3 + k8s.io/client-go v0.28.0 k8s.io/metrics v0.0.0-00010101000000-000000000000 sigs.k8s.io/controller-runtime v0.0.0-00010101000000-000000000000 ) require ( - cloud.google.com/go v0.110.8 // indirect - cloud.google.com/go/compute v1.23.1 // indirect + cloud.google.com/go v0.110.10 // indirect + cloud.google.com/go/compute v1.23.3 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect - cloud.google.com/go/iam v1.1.3 // indirect + cloud.google.com/go/iam v1.1.5 // indirect git.sr.ht/~sbinet/gg v0.5.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver v1.5.0 // indirect @@ -424,16 +426,16 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect - github.com/emicklei/go-restful/v3 v3.9.0 // indirect + github.com/emicklei/go-restful/v3 v3.10.1 // indirect github.com/evanphx/json-patch v4.12.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/go-errors/errors v1.4.2 // indirect - github.com/go-fonts/liberation v0.3.1 // indirect + github.com/go-fonts/liberation v0.3.2 // indirect github.com/go-latex/latex v0.0.0-20230307184459-12ec69307ad9 // indirect - github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.1 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/swag v0.22.4 // indirect github.com/go-pdf/fpdf v0.9.0 // indirect github.com/go-toolsmith/astcopy v1.0.2 // indirect @@ -445,13 +447,13 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/btree v1.0.1 // indirect - github.com/google/gnostic v0.5.7-v3refs // indirect + github.com/google/gnostic v0.6.9 // indirect github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect - github.com/google/gofuzz v1.1.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect github.com/google/s2a-go v0.1.7 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/wire v0.5.0 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.3.1 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect @@ -465,7 +467,7 @@ require ( github.com/klauspost/cpuid/v2 v2.0.9 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect @@ -474,7 +476,7 @@ require ( github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_golang v1.15.1 // indirect + github.com/prometheus/client_golang v1.17.0 // indirect github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect github.com/prometheus/common v0.44.0 // indirect github.com/prometheus/procfs v0.11.1 // indirect @@ -491,17 +493,17 @@ require ( go.opentelemetry.io/proto/otlp v0.19.0 // indirect go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/crypto v0.14.0 // indirect + golang.org/x/crypto v0.15.0 // indirect golang.org/x/exp/typeparams v0.0.0-20230307190834-24139beb5833 // indirect - golang.org/x/image v0.13.0 // indirect - golang.org/x/mod v0.13.0 // indirect - golang.org/x/term v0.13.0 // indirect + golang.org/x/image v0.14.0 // indirect + golang.org/x/mod v0.14.0 // indirect + golang.org/x/term v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect - google.golang.org/api v0.139.0 // indirect + google.golang.org/api v0.150.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20231012201019-e917dd12ba7a // indirect + google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiextensions-apiserver v0.27.2 // indirect diff --git a/go.sum b/go.sum index de5cead015..e132eeabd0 100644 --- a/go.sum +++ b/go.sum @@ -1,140 +1,140 @@ -cloud.google.com/go v0.110.8 h1:tyNdfIxjzaWctIiLYOTalaLKZ17SI44SKFW26QbOhME= -cloud.google.com/go v0.110.8/go.mod h1:Iz8AkXJf1qmxC3Oxoep8R1T36w8B92yU29PcBhHO5fk= -cloud.google.com/go/accessapproval v1.7.2/go.mod h1:/gShiq9/kK/h8T/eEn1BTzalDvk0mZxJlhfw0p+Xuc0= -cloud.google.com/go/accesscontextmanager v1.8.0/go.mod h1:uI+AI/r1oyWK99NN8cQ3UK76AMelMzgZCvJfsi2c+ps= +cloud.google.com/go v0.110.10 h1:LXy9GEO+timppncPIAZoOj3l58LIU9k+kn48AN7IO3Y= +cloud.google.com/go v0.110.10/go.mod h1:v1OoFqYxiBkUrruItNM3eT4lLByNjxmJSV/xDKJNnic= +cloud.google.com/go/accessapproval v1.7.4/go.mod h1:/aTEh45LzplQgFYdQdwPMR9YdX0UlhBmvB84uAmQKUc= cloud.google.com/go/accesscontextmanager v1.8.2/go.mod h1:E6/SCRM30elQJ2PKtFMs2YhfJpZSNcJyejhuzoId4Zk= -cloud.google.com/go/aiplatform v1.51.1/go.mod h1:kY3nIMAVQOK2XDqDPHaOuD9e+FdMA6OOpfBjsvaFSOo= -cloud.google.com/go/analytics v0.21.4/go.mod h1:zZgNCxLCy8b2rKKVfC1YkC2vTrpfZmeRCySM3aUbskA= -cloud.google.com/go/apigateway v1.6.2/go.mod h1:CwMC90nnZElorCW63P2pAYm25AtQrHfuOkbRSHj0bT8= -cloud.google.com/go/apigeeconnect v1.6.2/go.mod h1:s6O0CgXT9RgAxlq3DLXvG8riw8PYYbU/v25jqP3Dy18= -cloud.google.com/go/apigeeregistry v0.7.2/go.mod h1:9CA2B2+TGsPKtfi3F7/1ncCCsL62NXBRfM6iPoGSM+8= -cloud.google.com/go/appengine v1.8.2/go.mod h1:WMeJV9oZ51pvclqFN2PqHoGnys7rK0rz6s3Mp6yMvDo= -cloud.google.com/go/area120 v0.8.2/go.mod h1:a5qfo+x77SRLXnCynFWPUZhnZGeSgvQ+Y0v1kSItkh4= -cloud.google.com/go/artifactregistry v1.14.3/go.mod h1:A2/E9GXnsyXl7GUvQ/2CjHA+mVRoWAXC0brg2os+kNI= -cloud.google.com/go/asset v1.15.1/go.mod h1:yX/amTvFWRpp5rcFq6XbCxzKT8RJUam1UoboE179jU4= -cloud.google.com/go/assuredworkloads v1.11.2/go.mod h1:O1dfr+oZJMlE6mw0Bp0P1KZSlj5SghMBvTpZqIcUAW4= -cloud.google.com/go/automl v1.13.2/go.mod h1:gNY/fUmDEN40sP8amAX3MaXkxcqPIn7F1UIIPZpy4Mg= -cloud.google.com/go/baremetalsolution v1.2.1/go.mod h1:3qKpKIw12RPXStwQXcbhfxVj1dqQGEvcmA+SX/mUR88= -cloud.google.com/go/batch v1.5.1/go.mod h1:RpBuIYLkQu8+CWDk3dFD/t/jOCGuUpkpX+Y0n1Xccs8= -cloud.google.com/go/beyondcorp v1.0.1/go.mod h1:zl/rWWAFVeV+kx+X2Javly7o1EIQThU4WlkynffL/lk= -cloud.google.com/go/bigquery v1.56.0/go.mod h1:KDcsploXTEY7XT3fDQzMUZlpQLHzE4itubHrnmhUrZA= -cloud.google.com/go/billing v1.17.2/go.mod h1:u/AdV/3wr3xoRBk5xvUzYMS1IawOAPwQMuHgHMdljDg= -cloud.google.com/go/binaryauthorization v1.7.1/go.mod h1:GTAyfRWYgcbsP3NJogpV3yeunbUIjx2T9xVeYovtURE= -cloud.google.com/go/certificatemanager v1.7.2/go.mod h1:15SYTDQMd00kdoW0+XY5d9e+JbOPjp24AvF48D8BbcQ= -cloud.google.com/go/channel v1.17.1/go.mod h1:xqfzcOZAcP4b/hUDH0GkGg1Sd5to6di1HOJn/pi5uBQ= -cloud.google.com/go/cloudbuild v1.14.1/go.mod h1:K7wGc/3zfvmYWOWwYTgF/d/UVJhS4pu+HAy7PL7mCsU= -cloud.google.com/go/clouddms v1.7.1/go.mod h1:o4SR8U95+P7gZ/TX+YbJxehOCsM+fe6/brlrFquiszk= -cloud.google.com/go/cloudtasks v1.12.2/go.mod h1:A7nYkjNlW2gUoROg1kvJrQGhJP/38UaWwsnuBDOBVUk= -cloud.google.com/go/compute v1.23.1 h1:V97tBoDaZHb6leicZ1G6DLK2BAaZLJ/7+9BB/En3hR0= -cloud.google.com/go/compute v1.23.1/go.mod h1:CqB3xpmPKKt3OJpW2ndFIXnA9A4xAy/F3Xp1ixncW78= +cloud.google.com/go/accesscontextmanager v1.8.4/go.mod h1:ParU+WbMpD34s5JFEnGAnPBYAgUHozaTmDJU7aCU9+M= +cloud.google.com/go/aiplatform v1.54.0/go.mod h1:pwZMGvqe0JRkI1GWSZCtnAfrR4K1bv65IHILGA//VEU= +cloud.google.com/go/analytics v0.21.6/go.mod h1:eiROFQKosh4hMaNhF85Oc9WO97Cpa7RggD40e/RBy8w= +cloud.google.com/go/apigateway v1.6.4/go.mod h1:0EpJlVGH5HwAN4VF4Iec8TAzGN1aQgbxAWGJsnPCGGY= +cloud.google.com/go/apigeeconnect v1.6.4/go.mod h1:CapQCWZ8TCjnU0d7PobxhpOdVz/OVJ2Hr/Zcuu1xFx0= +cloud.google.com/go/apigeeregistry v0.8.2/go.mod h1:h4v11TDGdeXJDJvImtgK2AFVvMIgGWjSb0HRnBSjcX8= +cloud.google.com/go/appengine v1.8.4/go.mod h1:TZ24v+wXBujtkK77CXCpjZbnuTvsFNT41MUaZ28D6vg= +cloud.google.com/go/area120 v0.8.4/go.mod h1:jfawXjxf29wyBXr48+W+GyX/f8fflxp642D/bb9v68M= +cloud.google.com/go/artifactregistry v1.14.6/go.mod h1:np9LSFotNWHcjnOgh8UVK0RFPCTUGbO0ve3384xyHfE= +cloud.google.com/go/asset v1.15.3/go.mod h1:yYLfUD4wL4X589A9tYrv4rFrba0QlDeag0CMcM5ggXU= +cloud.google.com/go/assuredworkloads v1.11.4/go.mod h1:4pwwGNwy1RP0m+y12ef3Q/8PaiWrIDQ6nD2E8kvWI9U= +cloud.google.com/go/automl v1.13.4/go.mod h1:ULqwX/OLZ4hBVfKQaMtxMSTlPx0GqGbWN8uA/1EqCP8= +cloud.google.com/go/baremetalsolution v1.2.3/go.mod h1:/UAQ5xG3faDdy180rCUv47e0jvpp3BFxT+Cl0PFjw5g= +cloud.google.com/go/batch v1.6.3/go.mod h1:J64gD4vsNSA2O5TtDB5AAux3nJ9iV8U3ilg3JDBYejU= +cloud.google.com/go/beyondcorp v1.0.3/go.mod h1:HcBvnEd7eYr+HGDd5ZbuVmBYX019C6CEXBonXbCVwJo= +cloud.google.com/go/bigquery v1.57.1/go.mod h1:iYzC0tGVWt1jqSzBHqCr3lrRn0u13E8e+AqowBsDgug= +cloud.google.com/go/billing v1.17.4/go.mod h1:5DOYQStCxquGprqfuid/7haD7th74kyMBHkjO/OvDtk= +cloud.google.com/go/binaryauthorization v1.7.3/go.mod h1:VQ/nUGRKhrStlGr+8GMS8f6/vznYLkdK5vaKfdCIpvU= +cloud.google.com/go/certificatemanager v1.7.4/go.mod h1:FHAylPe/6IIKuaRmHbjbdLhGhVQ+CWHSD5Jq0k4+cCE= +cloud.google.com/go/channel v1.17.3/go.mod h1:QcEBuZLGGrUMm7kNj9IbU1ZfmJq2apotsV83hbxX7eE= +cloud.google.com/go/cloudbuild v1.15.0/go.mod h1:eIXYWmRt3UtggLnFGx4JvXcMj4kShhVzGndL1LwleEM= +cloud.google.com/go/clouddms v1.7.3/go.mod h1:fkN2HQQNUYInAU3NQ3vRLkV2iWs8lIdmBKOx4nrL6Hc= +cloud.google.com/go/cloudtasks v1.12.4/go.mod h1:BEPu0Gtt2dU6FxZHNqqNdGqIG86qyWKBPGnsb7udGY0= +cloud.google.com/go/compute v1.23.3 h1:6sVlXXBmbd7jNX0Ipq0trII3e4n1/MsADLK6a+aiVlk= +cloud.google.com/go/compute v1.23.3/go.mod h1:VCgBUoMnIVIR0CscqQiPJLAG25E3ZRZMzcFZeQ+h8CI= cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= -cloud.google.com/go/contactcenterinsights v1.11.1/go.mod h1:FeNP3Kg8iteKM80lMwSk3zZZKVxr+PGnAId6soKuXwE= -cloud.google.com/go/container v1.26.1/go.mod h1:5smONjPRUxeEpDG7bMKWfDL4sauswqEtnBK1/KKpR04= -cloud.google.com/go/containeranalysis v0.11.1/go.mod h1:rYlUOM7nem1OJMKwE1SadufX0JP3wnXj844EtZAwWLY= -cloud.google.com/go/datacatalog v1.16.0/go.mod h1:d2CevwTG4yedZilwe+v3E3ZBDRMobQfSG/a6cCCN5R4= +cloud.google.com/go/contactcenterinsights v1.12.0/go.mod h1:HHX5wrz5LHVAwfI2smIotQG9x8Qd6gYilaHcLLLmNis= +cloud.google.com/go/container v1.28.0/go.mod h1:b1A1gJeTBXVLQ6GGw9/9M4FG94BEGsqJ5+t4d/3N7O4= +cloud.google.com/go/containeranalysis v0.11.3/go.mod h1:kMeST7yWFQMGjiG9K7Eov+fPNQcGhb8mXj/UcTiWw9U= cloud.google.com/go/datacatalog v1.18.1/go.mod h1:TzAWaz+ON1tkNr4MOcak8EBHX7wIRX/gZKM+yTVsv+A= -cloud.google.com/go/dataflow v0.9.2/go.mod h1:vBfdBZ/ejlTaYIGB3zB4T08UshH70vbtZeMD+urnUSo= -cloud.google.com/go/dataform v0.8.2/go.mod h1:X9RIqDs6NbGPLR80tnYoPNiO1w0wenKTb8PxxlhTMKM= -cloud.google.com/go/datafusion v1.7.2/go.mod h1:62K2NEC6DRlpNmI43WHMWf9Vg/YvN6QVi8EVwifElI0= -cloud.google.com/go/datalabeling v0.8.2/go.mod h1:cyDvGHuJWu9U/cLDA7d8sb9a0tWLEletStu2sTmg3BE= -cloud.google.com/go/dataplex v1.10.1/go.mod h1:1MzmBv8FvjYfc7vDdxhnLFNskikkB+3vl475/XdCDhs= +cloud.google.com/go/datacatalog v1.19.0/go.mod h1:5FR6ZIF8RZrtml0VUao22FxhdjkoG+a0866rEnObryM= +cloud.google.com/go/dataflow v0.9.4/go.mod h1:4G8vAkHYCSzU8b/kmsoR2lWyHJD85oMJPHMtan40K8w= +cloud.google.com/go/dataform v0.9.1/go.mod h1:pWTg+zGQ7i16pyn0bS1ruqIE91SdL2FDMvEYu/8oQxs= +cloud.google.com/go/datafusion v1.7.4/go.mod h1:BBs78WTOLYkT4GVZIXQCZT3GFpkpDN4aBY4NDX/jVlM= +cloud.google.com/go/datalabeling v0.8.4/go.mod h1:Z1z3E6LHtffBGrNUkKwbwbDxTiXEApLzIgmymj8A3S8= +cloud.google.com/go/dataplex v1.11.2/go.mod h1:mHJYQQ2VEJHsyoC0OdNyy988DvEbPhqFs5OOLffLX0c= cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= -cloud.google.com/go/dataproc/v2 v2.2.1/go.mod h1:QdAJLaBjh+l4PVlVZcmrmhGccosY/omC1qwfQ61Zv/o= -cloud.google.com/go/dataqna v0.8.2/go.mod h1:KNEqgx8TTmUipnQsScOoDpq/VlXVptUqVMZnt30WAPs= +cloud.google.com/go/dataproc/v2 v2.3.0/go.mod h1:G5R6GBc9r36SXv/RtZIVfB8SipI+xVn0bX5SxUzVYbY= +cloud.google.com/go/dataqna v0.8.4/go.mod h1:mySRKjKg5Lz784P6sCov3p1QD+RZQONRMRjzGNcFd0c= cloud.google.com/go/datastore v1.15.0/go.mod h1:GAeStMBIt9bPS7jMJA85kgkpsMkvseWWXiaHya9Jes8= -cloud.google.com/go/datastream v1.10.1/go.mod h1:7ngSYwnw95YFyTd5tOGBxHlOZiL+OtpjheqU7t2/s/c= -cloud.google.com/go/deploy v1.13.1/go.mod h1:8jeadyLkH9qu9xgO3hVWw8jVr29N1mnW42gRJT8GY6g= -cloud.google.com/go/dialogflow v1.44.1/go.mod h1:n/h+/N2ouKOO+rbe/ZnI186xImpqvCVj2DdsWS/0EAk= -cloud.google.com/go/dlp v1.10.2/go.mod h1:ZbdKIhcnyhILgccwVDzkwqybthh7+MplGC3kZVZsIOQ= -cloud.google.com/go/documentai v1.23.2/go.mod h1:Q/wcRT+qnuXOpjAkvOV4A+IeQl04q2/ReT7SSbytLSo= -cloud.google.com/go/domains v0.9.2/go.mod h1:3YvXGYzZG1Temjbk7EyGCuGGiXHJwVNmwIf+E/cUp5I= -cloud.google.com/go/edgecontainer v1.1.2/go.mod h1:wQRjIzqxEs9e9wrtle4hQPSR1Y51kqN75dgF7UllZZ4= +cloud.google.com/go/datastream v1.10.3/go.mod h1:YR0USzgjhqA/Id0Ycu1VvZe8hEWwrkjuXrGbzeDOSEA= +cloud.google.com/go/deploy v1.15.0/go.mod h1:e5XOUI5D+YGldyLNZ21wbp9S8otJbBE4i88PtO9x/2g= +cloud.google.com/go/dialogflow v1.44.3/go.mod h1:mHly4vU7cPXVweuB5R0zsYKPMzy240aQdAu06SqBbAQ= +cloud.google.com/go/dlp v1.11.1/go.mod h1:/PA2EnioBeXTL/0hInwgj0rfsQb3lpE3R8XUJxqUNKI= +cloud.google.com/go/documentai v1.23.5/go.mod h1:ghzBsyVTiVdkfKaUCum/9bGBEyBjDO4GfooEcYKhN+g= +cloud.google.com/go/domains v0.9.4/go.mod h1:27jmJGShuXYdUNjyDG0SodTfT5RwLi7xmH334Gvi3fY= +cloud.google.com/go/edgecontainer v1.1.4/go.mod h1:AvFdVuZuVGdgaE5YvlL1faAoa1ndRR/5XhXZvPBHbsE= cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= -cloud.google.com/go/essentialcontacts v1.6.3/go.mod h1:yiPCD7f2TkP82oJEFXFTou8Jl8L6LBRPeBEkTaO0Ggo= -cloud.google.com/go/eventarc v1.13.1/go.mod h1:EqBxmGHFrruIara4FUQ3RHlgfCn7yo1HYsu2Hpt/C3Y= -cloud.google.com/go/filestore v1.7.2/go.mod h1:TYOlyJs25f/omgj+vY7/tIG/E7BX369triSPzE4LdgE= -cloud.google.com/go/firestore v1.13.0/go.mod h1:QojqqOh8IntInDUSTAh0c8ZsPYAr68Ma8c5DWOy8xb8= -cloud.google.com/go/functions v1.15.2/go.mod h1:CHAjtcR6OU4XF2HuiVeriEdELNcnvRZSk1Q8RMqy4lE= -cloud.google.com/go/gkebackup v1.3.2/go.mod h1:OMZbXzEJloyXMC7gqdSB+EOEQ1AKcpGYvO3s1ec5ixk= -cloud.google.com/go/gkeconnect v0.8.2/go.mod h1:6nAVhwchBJYgQCXD2pHBFQNiJNyAd/wyxljpaa6ZPrY= -cloud.google.com/go/gkehub v0.14.2/go.mod h1:iyjYH23XzAxSdhrbmfoQdePnlMj2EWcvnR+tHdBQsCY= -cloud.google.com/go/gkemulticloud v1.0.1/go.mod h1:AcrGoin6VLKT/fwZEYuqvVominLriQBCKmbjtnbMjG8= +cloud.google.com/go/essentialcontacts v1.6.5/go.mod h1:jjYbPzw0x+yglXC890l6ECJWdYeZ5dlYACTFL0U/VuM= +cloud.google.com/go/eventarc v1.13.3/go.mod h1:RWH10IAZIRcj1s/vClXkBgMHwh59ts7hSWcqD3kaclg= +cloud.google.com/go/filestore v1.8.0/go.mod h1:S5JCxIbFjeBhWMTfIYH2Jx24J6BqjwpkkPl+nBA5DlI= +cloud.google.com/go/firestore v1.14.0/go.mod h1:96MVaHLsEhbvkBEdZgfN+AS/GIkco1LRpH9Xp9YZfzQ= +cloud.google.com/go/functions v1.15.4/go.mod h1:CAsTc3VlRMVvx+XqXxKqVevguqJpnVip4DdonFsX28I= +cloud.google.com/go/gkebackup v1.3.4/go.mod h1:gLVlbM8h/nHIs09ns1qx3q3eaXcGSELgNu1DWXYz1HI= +cloud.google.com/go/gkeconnect v0.8.4/go.mod h1:84hZz4UMlDCKl8ifVW8layK4WHlMAFeq8vbzjU0yJkw= +cloud.google.com/go/gkehub v0.14.4/go.mod h1:Xispfu2MqnnFt8rV/2/3o73SK1snL8s9dYJ9G2oQMfc= +cloud.google.com/go/gkemulticloud v1.0.3/go.mod h1:7NpJBN94U6DY1xHIbsDqB2+TFZUfjLUKLjUX8NGLor0= cloud.google.com/go/grafeas v0.3.0/go.mod h1:P7hgN24EyONOTMyeJH6DxG4zD7fwiYa5Q6GUgyFSOU8= -cloud.google.com/go/gsuiteaddons v1.6.2/go.mod h1:K65m9XSgs8hTF3X9nNTPi8IQueljSdYo9F+Mi+s4MyU= -cloud.google.com/go/iam v1.1.3 h1:18tKG7DzydKWUnLjonWcJO6wjSCAtzh4GcRKlH/Hrzc= -cloud.google.com/go/iam v1.1.3/go.mod h1:3khUlaBXfPKKe7huYgEpDn6FtgRyMEqbkvBxrQyY5SE= -cloud.google.com/go/iap v1.9.1/go.mod h1:SIAkY7cGMLohLSdBR25BuIxO+I4fXJiL06IBL7cy/5Q= -cloud.google.com/go/ids v1.4.2/go.mod h1:3vw8DX6YddRu9BncxuzMyWn0g8+ooUjI2gslJ7FH3vk= -cloud.google.com/go/iot v1.7.2/go.mod h1:q+0P5zr1wRFpw7/MOgDXrG/HVA+l+cSwdObffkrpnSg= -cloud.google.com/go/kms v1.15.3/go.mod h1:AJdXqHxS2GlPyduM99s9iGqi2nwbviBbhV/hdmt4iOQ= -cloud.google.com/go/language v1.11.1/go.mod h1:Xyid9MG9WOX3utvDbpX7j3tXDmmDooMyMDqgUVpH17U= -cloud.google.com/go/lifesciences v0.9.2/go.mod h1:QHEOO4tDzcSAzeJg7s2qwnLM2ji8IRpQl4p6m5Z9yTA= +cloud.google.com/go/gsuiteaddons v1.6.4/go.mod h1:rxtstw7Fx22uLOXBpsvb9DUbC+fiXs7rF4U29KHM/pE= +cloud.google.com/go/iam v1.1.5 h1:1jTsCu4bcsNsE4iiqNT5SHwrDRCfRmIaaaVFhRveTJI= +cloud.google.com/go/iam v1.1.5/go.mod h1:rB6P/Ic3mykPbFio+vo7403drjlgvoWfYpJhMXEbzv8= +cloud.google.com/go/iap v1.9.3/go.mod h1:DTdutSZBqkkOm2HEOTBzhZxh2mwwxshfD/h3yofAiCw= +cloud.google.com/go/ids v1.4.4/go.mod h1:z+WUc2eEl6S/1aZWzwtVNWoSZslgzPxAboS0lZX0HjI= +cloud.google.com/go/iot v1.7.4/go.mod h1:3TWqDVvsddYBG++nHSZmluoCAVGr1hAcabbWZNKEZLk= +cloud.google.com/go/kms v1.15.5/go.mod h1:cU2H5jnp6G2TDpUGZyqTCoy1n16fbubHZjmVXSMtwDI= +cloud.google.com/go/language v1.12.2/go.mod h1:9idWapzr/JKXBBQ4lWqVX/hcadxB194ry20m/bTrhWc= +cloud.google.com/go/lifesciences v0.9.4/go.mod h1:bhm64duKhMi7s9jR9WYJYvjAFJwRqNj+Nia7hF0Z7JA= cloud.google.com/go/logging v1.8.1/go.mod h1:TJjR+SimHwuC8MZ9cjByQulAMgni+RkXeI3wwctHJEI= cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= -cloud.google.com/go/longrunning v0.4.2/go.mod h1:OHrnaYyLUV6oqwh0xiS7e5sLQhP1m0QU9R+WhGDMgIQ= cloud.google.com/go/longrunning v0.5.0/go.mod h1:0JNuqRShmscVAhIACGtskSAWtqtOoPkwP0YF1oVEchc= cloud.google.com/go/longrunning v0.5.1/go.mod h1:spvimkwdz6SPWKEt/XBij79E9fiTkHSQl/fRUUQJYJc= cloud.google.com/go/longrunning v0.5.2/go.mod h1:nqo6DQbNV2pXhGDbDMoN2bWz68MjZUzqv2YttZiveCs= -cloud.google.com/go/managedidentities v1.6.2/go.mod h1:5c2VG66eCa0WIq6IylRk3TBW83l161zkFvCj28X7jn8= -cloud.google.com/go/maps v1.4.1/go.mod h1:BxSa0BnW1g2U2gNdbq5zikLlHUuHW0GFWh7sgML2kIY= -cloud.google.com/go/mediatranslation v0.8.2/go.mod h1:c9pUaDRLkgHRx3irYE5ZC8tfXGrMYwNZdmDqKMSfFp8= -cloud.google.com/go/memcache v1.10.2/go.mod h1:f9ZzJHLBrmd4BkguIAa/l/Vle6uTHzHokdnzSWOdQ6A= -cloud.google.com/go/metastore v1.13.1/go.mod h1:IbF62JLxuZmhItCppcIfzBBfUFq0DIB9HPDoLgWrVOU= -cloud.google.com/go/monitoring v1.16.1/go.mod h1:6HsxddR+3y9j+o/cMJH6q/KJ/CBTvM/38L/1m7bTRJ4= -cloud.google.com/go/networkconnectivity v1.14.1/go.mod h1:LyGPXR742uQcDxZ/wv4EI0Vu5N6NKJ77ZYVnDe69Zug= -cloud.google.com/go/networkmanagement v1.9.1/go.mod h1:CCSYgrQQvW73EJawO2QamemYcOb57LvrDdDU51F0mcI= -cloud.google.com/go/networksecurity v0.9.2/go.mod h1:jG0SeAttWzPMUILEHDUvFYdQTl8L/E/KC8iZDj85lEI= -cloud.google.com/go/notebooks v1.10.1/go.mod h1:5PdJc2SgAybE76kFQCWrTfJolCOUQXF97e+gteUUA6A= -cloud.google.com/go/optimization v1.5.1/go.mod h1:NC0gnUD5MWVAF7XLdoYVPmYYVth93Q6BUzqAq3ZwtV8= -cloud.google.com/go/orchestration v1.8.2/go.mod h1:T1cP+6WyTmh6LSZzeUhvGf0uZVmJyTx7t8z7Vg87+A0= -cloud.google.com/go/orgpolicy v1.11.0/go.mod h1:2RK748+FtVvnfuynxBzdnyu7sygtoZa1za/0ZfpOs1M= +cloud.google.com/go/longrunning v0.5.4/go.mod h1:zqNVncI0BOP8ST6XQD1+VcvuShMmq7+xFSzOL++V0dI= +cloud.google.com/go/managedidentities v1.6.4/go.mod h1:WgyaECfHmF00t/1Uk8Oun3CQ2PGUtjc3e9Alh79wyiM= +cloud.google.com/go/maps v1.6.1/go.mod h1:4+buOHhYXFBp58Zj/K+Lc1rCmJssxxF4pJ5CJnhdz18= +cloud.google.com/go/mediatranslation v0.8.4/go.mod h1:9WstgtNVAdN53m6TQa5GjIjLqKQPXe74hwSCxUP6nj4= +cloud.google.com/go/memcache v1.10.4/go.mod h1:v/d8PuC8d1gD6Yn5+I3INzLR01IDn0N4Ym56RgikSI0= +cloud.google.com/go/metastore v1.13.3/go.mod h1:K+wdjXdtkdk7AQg4+sXS8bRrQa9gcOr+foOMF2tqINE= +cloud.google.com/go/monitoring v1.16.3/go.mod h1:KwSsX5+8PnXv5NJnICZzW2R8pWTis8ypC4zmdRD63Tw= +cloud.google.com/go/networkconnectivity v1.14.3/go.mod h1:4aoeFdrJpYEXNvrnfyD5kIzs8YtHg945Og4koAjHQek= +cloud.google.com/go/networkmanagement v1.9.3/go.mod h1:y7WMO1bRLaP5h3Obm4tey+NquUvB93Co1oh4wpL+XcU= +cloud.google.com/go/networksecurity v0.9.4/go.mod h1:E9CeMZ2zDsNBkr8axKSYm8XyTqNhiCHf1JO/Vb8mD1w= +cloud.google.com/go/notebooks v1.11.2/go.mod h1:z0tlHI/lREXC8BS2mIsUeR3agM1AkgLiS+Isov3SS70= +cloud.google.com/go/optimization v1.6.2/go.mod h1:mWNZ7B9/EyMCcwNl1frUGEuY6CPijSkz88Fz2vwKPOY= +cloud.google.com/go/orchestration v1.8.4/go.mod h1:d0lywZSVYtIoSZXb0iFjv9SaL13PGyVOKDxqGxEf/qI= cloud.google.com/go/orgpolicy v1.11.2/go.mod h1:biRDpNwfyytYnmCRWZWxrKF22Nkz9eNVj9zyaBdpm1o= -cloud.google.com/go/osconfig v1.12.0/go.mod h1:8f/PaYzoS3JMVfdfTubkowZYGmAhUCjjwnjqWI7NVBc= +cloud.google.com/go/orgpolicy v1.11.4/go.mod h1:0+aNV/nrfoTQ4Mytv+Aw+stBDBjNf4d8fYRA9herfJI= cloud.google.com/go/osconfig v1.12.2/go.mod h1:eh9GPaMZpI6mEJEuhEjUJmaxvQ3gav+fFEJon1Y8Iw0= -cloud.google.com/go/oslogin v1.11.1/go.mod h1:OhD2icArCVNUxKqtK0mcSmKL7lgr0LVlQz+v9s1ujTg= -cloud.google.com/go/phishingprotection v0.8.2/go.mod h1:LhJ91uyVHEYKSKcMGhOa14zMMWfbEdxG032oT6ECbC8= -cloud.google.com/go/policytroubleshooter v1.9.1/go.mod h1:MYI8i0bCrL8cW+VHN1PoiBTyNZTstCg2WUw2eVC4c4U= -cloud.google.com/go/privatecatalog v0.9.2/go.mod h1:RMA4ATa8IXfzvjrhhK8J6H4wwcztab+oZph3c6WmtFc= +cloud.google.com/go/osconfig v1.12.4/go.mod h1:B1qEwJ/jzqSRslvdOCI8Kdnp0gSng0xW4LOnIebQomA= +cloud.google.com/go/oslogin v1.12.2/go.mod h1:CQ3V8Jvw4Qo4WRhNPF0o+HAM4DiLuE27Ul9CX9g2QdY= +cloud.google.com/go/phishingprotection v0.8.4/go.mod h1:6b3kNPAc2AQ6jZfFHioZKg9MQNybDg4ixFd4RPZZ2nE= +cloud.google.com/go/policytroubleshooter v1.10.2/go.mod h1:m4uF3f6LseVEnMV6nknlN2vYGRb+75ylQwJdnOXfnv0= +cloud.google.com/go/privatecatalog v0.9.4/go.mod h1:SOjm93f+5hp/U3PqMZAHTtBtluqLygrDrVO8X8tYtG0= cloud.google.com/go/pubsub v1.33.0/go.mod h1:f+w71I33OMyxf9VpMVcZbnG5KSUkCOUHYpFd5U1GdRc= cloud.google.com/go/pubsublite v1.8.1/go.mod h1:fOLdU4f5xldK4RGJrBMm+J7zMWNj/k4PxwEZXy39QS0= -cloud.google.com/go/recaptchaenterprise/v2 v2.8.1/go.mod h1:JZYZJOeZjgSSTGP4uz7NlQ4/d1w5hGmksVgM0lbEij0= -cloud.google.com/go/recommendationengine v0.8.2/go.mod h1:QIybYHPK58qir9CV2ix/re/M//Ty10OxjnnhWdaKS1Y= -cloud.google.com/go/recommender v1.11.1/go.mod h1:sGwFFAyI57v2Hc5LbIj+lTwXipGu9NW015rkaEM5B18= -cloud.google.com/go/redis v1.13.2/go.mod h1:0Hg7pCMXS9uz02q+LoEVl5dNHUkIQv+C/3L76fandSA= -cloud.google.com/go/resourcemanager v1.9.2/go.mod h1:OujkBg1UZg5lX2yIyMo5Vz9O5hf7XQOSV7WxqxxMtQE= -cloud.google.com/go/resourcesettings v1.6.2/go.mod h1:mJIEDd9MobzunWMeniaMp6tzg4I2GvD3TTmPkc8vBXk= -cloud.google.com/go/retail v1.14.2/go.mod h1:W7rrNRChAEChX336QF7bnMxbsjugcOCPU44i5kbLiL8= -cloud.google.com/go/run v1.3.1/go.mod h1:cymddtZOzdwLIAsmS6s+Asl4JoXIDm/K1cpZTxV4Q5s= -cloud.google.com/go/scheduler v1.10.2/go.mod h1:O3jX6HRH5eKCA3FutMw375XHZJudNIKVonSCHv7ropY= -cloud.google.com/go/secretmanager v1.11.2/go.mod h1:MQm4t3deoSub7+WNwiC4/tRYgDBHJgJPvswqQVB1Vss= -cloud.google.com/go/security v1.15.2/go.mod h1:2GVE/v1oixIRHDaClVbHuPcZwAqFM28mXuAKCfMgYIg= -cloud.google.com/go/securitycenter v1.23.1/go.mod h1:w2HV3Mv/yKhbXKwOCu2i8bCuLtNP1IMHuiYQn4HJq5s= -cloud.google.com/go/servicedirectory v1.11.1/go.mod h1:tJywXimEWzNzw9FvtNjsQxxJ3/41jseeILgwU/QLrGI= -cloud.google.com/go/shell v1.7.2/go.mod h1:KqRPKwBV0UyLickMn0+BY1qIyE98kKyI216sH/TuHmc= -cloud.google.com/go/spanner v1.50.0/go.mod h1:eGj9mQGK8+hkgSVbHNQ06pQ4oS+cyc4tXXd6Dif1KoM= -cloud.google.com/go/speech v1.19.1/go.mod h1:WcuaWz/3hOlzPFOVo9DUsblMIHwxP589y6ZMtaG+iAA= -cloud.google.com/go/storage v1.33.0 h1:PVrDOkIC8qQVa1P3SXGpQvfuJhN2LHOoyZvWs8D2X5M= -cloud.google.com/go/storage v1.33.0/go.mod h1:Hhh/dogNRGca7IWv1RC2YqEn0c0G77ctA/OxflYkiD8= -cloud.google.com/go/storagetransfer v1.10.1/go.mod h1:rS7Sy0BtPviWYTTJVWCSV4QrbBitgPeuK4/FKa4IdLs= -cloud.google.com/go/talent v1.6.3/go.mod h1:xoDO97Qd4AK43rGjJvyBHMskiEf3KulgYzcH6YWOVoo= -cloud.google.com/go/texttospeech v1.7.2/go.mod h1:VYPT6aTOEl3herQjFHYErTlSZJ4vB00Q2ZTmuVgluD4= -cloud.google.com/go/tpu v1.6.2/go.mod h1:NXh3NDwt71TsPZdtGWgAG5ThDfGd32X1mJ2cMaRlVgU= -cloud.google.com/go/trace v1.10.2/go.mod h1:NPXemMi6MToRFcSxRl2uDnu/qAlAQ3oULUphcHGh1vA= -cloud.google.com/go/translate v1.9.1/go.mod h1:TWIgDZknq2+JD4iRcojgeDtqGEp154HN/uL6hMvylS8= -cloud.google.com/go/video v1.20.1/go.mod h1:3gJS+iDprnj8SY6pe0SwLeC5BUW80NjhwX7INWEuWGU= -cloud.google.com/go/videointelligence v1.11.2/go.mod h1:ocfIGYtIVmIcWk1DsSGOoDiXca4vaZQII1C85qtoplc= -cloud.google.com/go/vision/v2 v2.7.3/go.mod h1:V0IcLCY7W+hpMKXK1JYE0LV5llEqVmj+UJChjvA1WsM= -cloud.google.com/go/vmmigration v1.7.2/go.mod h1:iA2hVj22sm2LLYXGPT1pB63mXHhrH1m/ruux9TwWLd8= -cloud.google.com/go/vmwareengine v1.0.1/go.mod h1:aT3Xsm5sNx0QShk1Jc1B8OddrxAScYLwzVoaiXfdzzk= -cloud.google.com/go/vpcaccess v1.7.2/go.mod h1:mmg/MnRHv+3e8FJUjeSibVFvQF1cCy2MsFaFqxeY1HU= -cloud.google.com/go/webrisk v1.9.2/go.mod h1:pY9kfDgAqxUpDBOrG4w8deLfhvJmejKB0qd/5uQIPBc= -cloud.google.com/go/websecurityscanner v1.6.2/go.mod h1:7YgjuU5tun7Eg2kpKgGnDuEOXWIrh8x8lWrJT4zfmas= -cloud.google.com/go/workflows v1.12.1/go.mod h1:5A95OhD/edtOhQd/O741NSfIMezNTbCwLM1P1tBRGHM= -code.cloudfoundry.org/bytefmt v0.0.0-20230612151507-41ef4d1f67a4 h1:9G5F8zgma5v0GdDvNz6iZwwJp3RS/z0SY/aHGfVwvTo= -code.cloudfoundry.org/bytefmt v0.0.0-20230612151507-41ef4d1f67a4/go.mod h1:wYHCXH/gI19ujoFVuMkY48qPpPCoHLKBKXPkn67h/Yc= +cloud.google.com/go/recaptchaenterprise/v2 v2.8.4/go.mod h1:Dak54rw6lC2gBY8FBznpOCAR58wKf+R+ZSJRoeJok4w= +cloud.google.com/go/recommendationengine v0.8.4/go.mod h1:GEteCf1PATl5v5ZsQ60sTClUE0phbWmo3rQ1Js8louU= +cloud.google.com/go/recommender v1.11.3/go.mod h1:+FJosKKJSId1MBFeJ/TTyoGQZiEelQQIZMKYYD8ruK4= +cloud.google.com/go/redis v1.14.1/go.mod h1:MbmBxN8bEnQI4doZPC1BzADU4HGocHBk2de3SbgOkqs= +cloud.google.com/go/resourcemanager v1.9.4/go.mod h1:N1dhP9RFvo3lUfwtfLWVxfUWq8+KUQ+XLlHLH3BoFJ0= +cloud.google.com/go/resourcesettings v1.6.4/go.mod h1:pYTTkWdv2lmQcjsthbZLNBP4QW140cs7wqA3DuqErVI= +cloud.google.com/go/retail v1.14.4/go.mod h1:l/N7cMtY78yRnJqp5JW8emy7MB1nz8E4t2yfOmklYfg= +cloud.google.com/go/run v1.3.3/go.mod h1:WSM5pGyJ7cfYyYbONVQBN4buz42zFqwG67Q3ch07iK4= +cloud.google.com/go/scheduler v1.10.5/go.mod h1:MTuXcrJC9tqOHhixdbHDFSIuh7xZF2IysiINDuiq6NI= +cloud.google.com/go/secretmanager v1.11.4/go.mod h1:wreJlbS9Zdq21lMzWmJ0XhWW2ZxgPeahsqeV/vZoJ3w= +cloud.google.com/go/security v1.15.4/go.mod h1:oN7C2uIZKhxCLiAAijKUCuHLZbIt/ghYEo8MqwD/Ty4= +cloud.google.com/go/securitycenter v1.24.2/go.mod h1:l1XejOngggzqwr4Fa2Cn+iWZGf+aBLTXtB/vXjy5vXM= +cloud.google.com/go/servicedirectory v1.11.3/go.mod h1:LV+cHkomRLr67YoQy3Xq2tUXBGOs5z5bPofdq7qtiAw= +cloud.google.com/go/shell v1.7.4/go.mod h1:yLeXB8eKLxw0dpEmXQ/FjriYrBijNsONpwnWsdPqlKM= +cloud.google.com/go/spanner v1.53.0/go.mod h1:liG4iCeLqm5L3fFLU5whFITqP0e0orsAW1uUSrd4rws= +cloud.google.com/go/speech v1.21.0/go.mod h1:wwolycgONvfz2EDU8rKuHRW3+wc9ILPsAWoikBEWavY= +cloud.google.com/go/storage v1.35.1 h1:B59ahL//eDfx2IIKFBeT5Atm9wnNmj3+8xG/W4WB//w= +cloud.google.com/go/storage v1.35.1/go.mod h1:M6M/3V/D3KpzMTJyPOR/HU6n2Si5QdaXYEsng2xgOs8= +cloud.google.com/go/storagetransfer v1.10.3/go.mod h1:Up8LY2p6X68SZ+WToswpQbQHnJpOty/ACcMafuey8gc= +cloud.google.com/go/talent v1.6.5/go.mod h1:Mf5cma696HmE+P2BWJ/ZwYqeJXEeU0UqjHFXVLadEDI= +cloud.google.com/go/texttospeech v1.7.4/go.mod h1:vgv0002WvR4liGuSd5BJbWy4nDn5Ozco0uJymY5+U74= +cloud.google.com/go/tpu v1.6.4/go.mod h1:NAm9q3Rq2wIlGnOhpYICNI7+bpBebMJbh0yyp3aNw1Y= +cloud.google.com/go/trace v1.10.4/go.mod h1:Nso99EDIK8Mj5/zmB+iGr9dosS/bzWCJ8wGmE6TXNWY= +cloud.google.com/go/translate v1.9.3/go.mod h1:Kbq9RggWsbqZ9W5YpM94Q1Xv4dshw/gr/SHfsl5yCZ0= +cloud.google.com/go/video v1.20.3/go.mod h1:TnH/mNZKVHeNtpamsSPygSR0iHtvrR/cW1/GDjN5+GU= +cloud.google.com/go/videointelligence v1.11.4/go.mod h1:kPBMAYsTPFiQxMLmmjpcZUMklJp3nC9+ipJJtprccD8= +cloud.google.com/go/vision/v2 v2.7.5/go.mod h1:GcviprJLFfK9OLf0z8Gm6lQb6ZFUulvpZws+mm6yPLM= +cloud.google.com/go/vmmigration v1.7.4/go.mod h1:yBXCmiLaB99hEl/G9ZooNx2GyzgsjKnw5fWcINRgD70= +cloud.google.com/go/vmwareengine v1.0.3/go.mod h1:QSpdZ1stlbfKtyt6Iu19M6XRxjmXO+vb5a/R6Fvy2y4= +cloud.google.com/go/vpcaccess v1.7.4/go.mod h1:lA0KTvhtEOb/VOdnH/gwPuOzGgM+CWsmGu6bb4IoMKk= +cloud.google.com/go/webrisk v1.9.4/go.mod h1:w7m4Ib4C+OseSr2GL66m0zMBywdrVNTDKsdEsfMl7X0= +cloud.google.com/go/websecurityscanner v1.6.4/go.mod h1:mUiyMQ+dGpPPRkHgknIZeCzSHJ45+fY4F52nZFDHm2o= +cloud.google.com/go/workflows v1.12.3/go.mod h1:fmOUeeqEwPzIU81foMjTRQIdwQHADi/vEr1cx9R1m5g= +code.cloudfoundry.org/bytefmt v0.0.0-20231017140541-3b893ed0421b h1:/2OEIBwZAaJ8n8iTXrM4v/+bdyLDTLwcW6RZtkO4+r0= +code.cloudfoundry.org/bytefmt v0.0.0-20231017140541-3b893ed0421b/go.mod h1:CKNYSQxmKcMCNIKoRG5rRR4AIgJMIoK65ya+Z5xHnk4= dmitri.shuralyov.com/gpu/mtl v0.0.0-20201218220906-28db891af037/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= dmitri.shuralyov.com/gpu/mtl v0.0.0-20221208032759-85de2813cf6b/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= eliasnaur.com/font v0.0.0-20230308162249-dd43949cb42d/go.mod h1:OYVuxibdk9OSLX8vAqydtRPP87PyTFcT9uH3MlEGBQA= @@ -177,46 +177,46 @@ github.com/apache/arrow/go/v12 v12.0.0/go.mod h1:d+tV/eHZZ7Dz7RPrFKtPK02tpr+c9/P github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/aws/aws-sdk-go v1.45.26 h1:PJ2NJNY5N/yeobLYe1Y+xLdavBi67ZI8gvph6ftwVCg= -github.com/aws/aws-sdk-go v1.45.26/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/aws/aws-sdk-go-v2 v1.21.2 h1:+LXZ0sgo8quN9UOKXXzAWRT3FWd4NxeXWOZom9pE7GA= -github.com/aws/aws-sdk-go-v2 v1.21.2/go.mod h1:ErQhvNuEMhJjweavOYhxVkn2RUx7kQXVATHrjKtxIpM= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.14 h1:Sc82v7tDQ/vdU1WtuSyzZ1I7y/68j//HJ6uozND1IDs= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.14/go.mod h1:9NCTOURS8OpxvoAVHq79LK81/zC78hfRWFn+aL0SPcY= -github.com/aws/aws-sdk-go-v2/config v1.19.0 h1:AdzDvwH6dWuVARCl3RTLGRc4Ogy+N7yLFxVxXe1ClQ0= -github.com/aws/aws-sdk-go-v2/config v1.19.0/go.mod h1:ZwDUgFnQgsazQTnWfeLWk5GjeqTQTL8lMkoE1UXzxdE= -github.com/aws/aws-sdk-go-v2/credentials v1.13.43 h1:LU8vo40zBlo3R7bAvBVy/ku4nxGEyZe9N8MqAeFTzF8= -github.com/aws/aws-sdk-go-v2/credentials v1.13.43/go.mod h1:zWJBz1Yf1ZtX5NGax9ZdNjhhI4rgjfgsyk6vTY1yfVg= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.13 h1:PIktER+hwIG286DqXyvVENjgLTAwGgoeriLDD5C+YlQ= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.13/go.mod h1:f/Ib/qYjhV2/qdsf79H3QP/eRE4AkVyEf6sk7XfZ1tg= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.91 h1:haAyxKHwoE+y/TJt+qHcPQf1dCViyyGbWcKjjYUllTE= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.91/go.mod h1:ACQ6ta5YFlfSOz2c9A+EVYawLxFMZ0rI3Q0A0tGieKo= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43 h1:nFBQlGtkbPzp/NjZLuFxRqmT91rLJkgvsEQs68h962Y= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43/go.mod h1:auo+PiyLl0n1l8A0e8RIeR8tOzYPfZZH/JNlrJ8igTQ= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.37 h1:JRVhO25+r3ar2mKGP7E0LDl8K9/G36gjlqca5iQbaqc= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.37/go.mod h1:Qe+2KtKml+FEsQF/DHmDV+xjtche/hwoF75EG4UlHW8= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.45 h1:hze8YsjSh8Wl1rYa1CJpRmXP21BvOBuc76YhW0HsuQ4= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.45/go.mod h1:lD5M20o09/LCuQ2mE62Mb/iSdSlCNuj6H5ci7tW7OsE= +github.com/aws/aws-sdk-go v1.48.3 h1:btYjT+opVFxUbRz+qSCjJe07cdX82BHmMX/FXYmoL7g= +github.com/aws/aws-sdk-go v1.48.3/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go-v2 v1.23.1 h1:qXaFsOOMA+HsZtX8WoCa+gJnbyW7qyFFBlPqvTSzbaI= +github.com/aws/aws-sdk-go-v2 v1.23.1/go.mod h1:i1XDttT4rnf6vxc9AuskLc6s7XBee8rlLilKlc03uAA= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1 h1:ZY3108YtBNq96jNZTICHxN1gSBSbnvIdYwwqnvCV4Mc= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1/go.mod h1:t8PYl/6LzdAqsU4/9tz28V/kU+asFePvpOMkdul0gEQ= +github.com/aws/aws-sdk-go-v2/config v1.25.5 h1:UGKm9hpQS2hoK8CEJ1BzAW8NbUpvwDJJ4lyqXSzu8bk= +github.com/aws/aws-sdk-go-v2/config v1.25.5/go.mod h1:Bf4gDvy4ZcFIK0rqDu1wp9wrubNba2DojiPB2rt6nvI= +github.com/aws/aws-sdk-go-v2/credentials v1.16.4 h1:i7UQYYDSJrtc30RSwJwfBKwLFNnBTiICqAJ0pPdum8E= +github.com/aws/aws-sdk-go-v2/credentials v1.16.4/go.mod h1:Kdh/okh+//vQ/AjEt81CjvkTo64+/zIE4OewP7RpfXk= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5 h1:KehRNiVzIfAcj6gw98zotVbb/K67taJE0fkfgM6vzqU= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5/go.mod h1:VhnExhw6uXy9QzetvpXDolo1/hjhx4u9qukBGkuUwjs= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.14.2 h1:3q7vcLhq6JXqTLPpPuDJgw3f+DFqd4p+BWL2DlplRPc= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.14.2/go.mod h1:9aqZoo/OeMBK/Nf3wzQzTlM92u7Bip256GHpY0oQbX4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.4 h1:LAm3Ycm9HJfbSCd5I+wqC2S9Ej7FPrgr5CQoOljJZcE= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.4/go.mod h1:xEhvbJcyUf/31yfGSQBe01fukXwXJ0gxDp7rLfymWE0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.4 h1:4GV0kKZzUxiWxSVpn/9gwR0g21NF1Jsyduzo9rHgC/Q= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.4/go.mod h1:dYvTNAggxDZy6y1AF7YDwXsPuHFy/VNEpEI/2dWK9IU= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 h1:uR9lXYjdPX0xY+NhvaJ4dD8rpSRz5VY81ccIIoNG+lw= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.0 h1:U5yySdwt2HPo/pnQec04DImLzWORbeWML1fJiLkKruI= github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.0/go.mod h1:EhC/83j8/hL/UB1WmExo3gkElaja/KlmZM/gl1rTfjM= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.15 h1:7R8uRYyXzdD71KWVCL78lJZltah6VVznXBazvKjfH58= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.15/go.mod h1:26SQUPcTNgV1Tapwdt4a1rOsYRsnBsJHLMPoxK2b0d8= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.38 h1:skaFGzv+3kA+v2BPKhuekeb1Hbb105+44r8ASC+q5SE= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.38/go.mod h1:epIZoRSSbRIwLPJU5F+OldHhwZPBdpDeQkRdCeY3+00= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.37 h1:WWZA/I2K4ptBS1kg0kV1JbBtG/umed0vwHRrmcr9z7k= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.37/go.mod h1:vBmDnwWXWxNPFRMmG2m/3MKOe+xEcMDo1tanpaWCcck= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.6 h1:9ulSU5ClouoPIYhDQdg9tpl83d5Yb91PXTKK+17q+ow= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.6/go.mod h1:lnc2taBsR9nTlz9meD+lhFZZ9EWY712QHrRflWpTcOA= -github.com/aws/aws-sdk-go-v2/service/s3 v1.40.2 h1:Ll5/YVCOzRB+gxPqs2uD0R7/MyATC0w85626glSKmp4= -github.com/aws/aws-sdk-go-v2/service/s3 v1.40.2/go.mod h1:Zjfqt7KhQK+PO1bbOsFNzKgaq7TcxzmEoDWN8lM0qzQ= -github.com/aws/aws-sdk-go-v2/service/sso v1.15.2 h1:JuPGc7IkOP4AaqcZSIcyqLpFSqBWK32rM9+a1g6u73k= -github.com/aws/aws-sdk-go-v2/service/sso v1.15.2/go.mod h1:gsL4keucRCgW+xA85ALBpRFfdSLH4kHOVSnLMSuBECo= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 h1:rpkF4n0CyFcrJUG/rNNohoTmhtWlFTRI4BsZOh9PvLs= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1/go.mod h1:l9ymW25HOqymeU2m1gbUQ3rUIsTwKs8gYHXkqDQUhiI= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.4 h1:6DRKQc+9cChgzL5gplRGusI5dBGeiEod4m/pmGbcX48= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.4/go.mod h1:s8ORvrW4g4v7IvYKIAoBg17w3GQ+XuwXDXYrQ5SkzU0= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4 h1:rdovz3rEu0vZKbzoMYPTehp0E8veoE9AyfzqCr5Eeao= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4/go.mod h1:aYCGNjyUCUelhofxlZyj63srdxWUSsBSGg5l6MCuXuE= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.4 h1:o3DcfCxGDIT20pTbVKVhp3vWXOj/VvgazNJvumWeYW0= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.4/go.mod h1:Uy0KVOxuTK2ne+/PKQ+VvEeWmjMMksE17k/2RK/r5oM= +github.com/aws/aws-sdk-go-v2/service/s3 v1.44.0 h1:FJTWR2nP1ddLIbk4n7Glw8wGbeWGHaViUwADPzE/EBo= +github.com/aws/aws-sdk-go-v2/service/s3 v1.44.0/go.mod h1:dqJ5JBL0clzgHriH35Amx3LRFY6wNIPUX7QO/BerSBo= +github.com/aws/aws-sdk-go-v2/service/sso v1.17.3 h1:CdsSOGlFF3Pn+koXOIpTtvX7st0IuGsZ8kJqcWMlX54= +github.com/aws/aws-sdk-go-v2/service/sso v1.17.3/go.mod h1:oA6VjNsLll2eVuUoF2D+CMyORgNzPEW/3PyUdq6WQjI= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1 h1:hd0SKLMdOL/Sl6Z0np1PX9LeH2gqNtBe0MhTedA8MGI= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1/go.mod h1:XO/VcyoQ8nKyKfFW/3DMsRQXsfh/052tHTWmg3xBXRg= -github.com/aws/aws-sdk-go-v2/service/sts v1.23.2 h1:0BkLfgeDjfZnZ+MhB3ONb01u9pwFYTCZVhlsSSBvlbU= -github.com/aws/aws-sdk-go-v2/service/sts v1.23.2/go.mod h1:Eows6e1uQEsc4ZaHANmsPRzAKcVDrcmjjWiih2+HUUQ= -github.com/aws/smithy-go v1.15.0 h1:PS/durmlzvAFpQHDs4wi4sNNP9ExsqZh6IlfdHXgKK8= -github.com/aws/smithy-go v1.15.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aws/aws-sdk-go-v2/service/sts v1.25.4 h1:yEvZ4neOQ/KpUqyR+X0ycUTW/kVRNR4nDZ38wStHGAA= +github.com/aws/aws-sdk-go-v2/service/sts v1.25.4/go.mod h1:feTnm2Tk/pJxdX+eooEsxvlvTWBvDm6CasRZ+JOs2IY= +github.com/aws/smithy-go v1.17.0 h1:wWJD7LX6PBV6etBUwO0zElG0nWN9rUhp0WdYeHSHAaI= +github.com/aws/smithy-go v1.17.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k= @@ -237,10 +237,10 @@ github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwys github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk= github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8= github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20231016030527-8bd2eac9fb4a h1:SZL0tarhuhoN0kvo5pfO4i6vxYghwzXUo9w0WHIjI4k= -github.com/cncf/xds/go v0.0.0-20231016030527-8bd2eac9fb4a/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20231121184454-5b9bca5544b3 h1:f5ezUV6bRcZA6QqXbnjdgyqotOZyL9cdPKimTSsYjgA= +github.com/cncf/xds/go v0.0.0-20231121184454-5b9bca5544b3/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= +github.com/creack/pty v1.1.21/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/denisenkom/go-mssqldb v0.12.3 h1:pBSGx9Tq67pBOTLmxNuirNTeB8Vjmf886Kx+8Y+8shw= @@ -265,31 +265,31 @@ github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzP github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fredbi/uri v0.1.0/go.mod h1:1xC40RnIOGCaQzswaOvrzvG/3M3F0hyDVb3aO/1iGy0= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/fyne-io/gl-js v0.0.0-20220119005834-d2da28d9ccfe/go.mod h1:d4clgH0/GrRwWjRzJJQXxT/h1TyuNSfF/X64zb/3Ggg= github.com/fyne-io/glfw-js v0.0.0-20220120001248-ee7290d23504/go.mod h1:gLRWYfYnMA9TONeppRSikMdXlHQ97xVsPojddUv3b/E= github.com/fyne-io/image v0.0.0-20220602074514-4956b0afb3d2/go.mod h1:eO7W361vmlPOrykIg+Rsh1SZ3tQBaOsfzZhsIOb/Lm0= github.com/fyne-io/mobile v0.1.2/go.mod h1:/kOrWrZB6sasLbEy2JIvr4arEzQTXBTZGb3Y96yWbHY= github.com/go-errors/errors v1.5.1 h1:ZwEMSLRCapFLflTpT7NKaAc7ukJ8ZPEjzlxt8rPN8bk= github.com/go-errors/errors v1.5.1/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-fonts/dejavu v0.2.0 h1:F3lhaCFgvvovt9UzD/AIPnOACYoAddop/uZwIdsJ4hs= -github.com/go-fonts/dejavu v0.2.0/go.mod h1:m+TzKY7ZEl09/a17t1593E4VYW8L1VaBXHzFZOIjGEY= -github.com/go-fonts/latin-modern v0.3.1 h1:/cT8A7uavYKvglYXvrdDw4oS5ZLkcOU22fa2HJ1/JVM= -github.com/go-fonts/latin-modern v0.3.1/go.mod h1:ysEQXnuT/sCDOAONxC7ImeEDVINbltClhasMAqEtRK0= -github.com/go-fonts/liberation v0.3.1 h1:9RPT2NhUpxQ7ukUvz3jeUckmN42T9D9TpjtQcqK/ceM= -github.com/go-fonts/liberation v0.3.1/go.mod h1:jdJ+cqF+F4SUL2V+qxBth8fvBpBDS7yloUL5Fi8GTGY= -github.com/go-fonts/stix v0.2.1/go.mod h1:9h7HeKC7I39zxk+g/jNftDNNMqIlCmVfKcq4LoA05Yo= -github.com/go-gl/gl v0.0.0-20211210172815-726fda9656d6/go.mod h1:9YTyiznxEY1fVinfM7RvRcjRHbw2xLBJ3AAGIT0I4Nw= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20221017161538-93cebf72946b/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-latex/latex v0.0.0-20230307184459-12ec69307ad9 h1:NxXI5pTAtpEaU49bpLpQoDsu1zrteW/vxzTz8Cd2UAs= -github.com/go-latex/latex v0.0.0-20230307184459-12ec69307ad9/go.mod h1:gWuR/CrFDDeVRFQwHPvsv9soJVB/iqymhuZQuJ3a9OM= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-fonts/dejavu v0.3.2 h1:3XlHi0JBYX+Cp8n98c6qSoHrxPa4AUKDMKdrh/0sUdk= +github.com/go-fonts/dejavu v0.3.2/go.mod h1:m+TzKY7ZEl09/a17t1593E4VYW8L1VaBXHzFZOIjGEY= +github.com/go-fonts/latin-modern v0.3.2 h1:M+Sq24Dp0ZRPf3TctPnG1MZxRblqyWC/cRUL9WmdaFc= +github.com/go-fonts/latin-modern v0.3.2/go.mod h1:9odJt4NbRrbdj4UAMuLVd4zEukf6aAEKnDaQga0whqQ= +github.com/go-fonts/liberation v0.3.2 h1:XuwG0vGHFBPRRI8Qwbi5tIvR3cku9LUfZGq/Ar16wlQ= +github.com/go-fonts/liberation v0.3.2/go.mod h1:N0QsDLVUQPy3UYg9XAc3Uh3UDMp2Z7M1o4+X98dXkmI= +github.com/go-fonts/stix v0.2.2/go.mod h1:SUxggC9dxd/Q+rb5PkJuvfvTbOPtNc2Qaua00fIp9iU= +github.com/go-gl/gl v0.0.0-20231021071112-07e5d0ea2e71/go.mod h1:9YTyiznxEY1fVinfM7RvRcjRHbw2xLBJ3AAGIT0I4Nw= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20231117230948-b8b00452e321/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-latex/latex v0.0.0-20231108140139-5c1ce85aa4ea h1:DfZQkvEbdmOe+JK2TMtBM+0I9GSdzE2y/L1/AmD8xKc= +github.com/go-latex/latex v0.0.0-20231108140139-5c1ce85aa4ea/go.mod h1:Y7Vld91/HRbTBm7JwoI7HejdDB0u+e9AUBO9MB7yuZk= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= @@ -317,7 +317,7 @@ github.com/go-toolsmith/strparse v1.1.0 h1:GAioeZUK9TGxnLS+qfdqNbA4z0SSm5zVNtCQi github.com/go-toolsmith/strparse v1.1.0/go.mod h1:7ksGy58fsaQkGQlY8WVoBFNyEPMGuJin1rfoPS4lBSQ= github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM= github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= -github.com/gobwas/ws v1.3.0/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY= +github.com/gobwas/ws v1.3.1/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY= github.com/goccmack/gocc v0.0.0-20230228185258-2292f9e40198/go.mod h1:DTh/Y2+NbnOVVoypCCQrovMPDKUGp4yZpSbWg5D0XIM= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= @@ -336,8 +336,7 @@ github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= -github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= -github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= +github.com/golang/glog v1.2.0/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= @@ -354,7 +353,6 @@ github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 h1:0VpGH+c github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49/go.mod h1:BkkQ4L1KS1xMt2aWSPStnn55ChGC0DPOn2FQYj+f25M= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-pkcs11 v0.2.0/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY= github.com/google/go-pkcs11 v0.2.1-0.20230907215043-c6f79328ddf9/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY= github.com/google/go-replayers/grpcreplay v1.1.0 h1:S5+I3zYyZ+GQz68OfbURDdt/+cSMqCK1wrvNx7WBzTE= github.com/google/go-replayers/grpcreplay v1.1.0/go.mod h1:qzAvJ8/wi57zq7gWqaE6AwLM6miiXUQwP1S+I9icmhk= @@ -364,8 +362,8 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw= github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= -github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 h1:pUa4ghanp6q4IJHwE9RwLgmVFfReJN+KbQ8ExNEUUoQ= -github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a h1:fEBsGL/sjAuJrgah5XqmmYsTLzJp/TO9Lhy39gkverk= +github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= github.com/google/s2a-go v0.1.0/go.mod h1:OJpEgntRZo8ugHpF9hkoLJbS5dSI20XZeXJ9JVywLlM= github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= @@ -373,37 +371,36 @@ github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/subcommands v1.2.0/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/wire v0.5.0 h1:I7ELFeVBr3yfPIcc8+MWvrjk+3VjbcSzoXm3JVa+jD8= github.com/google/wire v0.5.0/go.mod h1:ngWDr9Qvq3yZA10YrxfyGELY/AFWGVpy9c1LTRi1EoU= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= github.com/googleapis/enterprise-certificate-proxy v0.2.4/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/enterprise-certificate-proxy v0.2.5/go.mod h1:RxW0N9901Cko1VOCW3SXCpWP+mlIEkk2tP7jnHy9a3w= -github.com/googleapis/enterprise-certificate-proxy v0.3.1 h1:SBWmZhjUDRorQxrN0nwzf+AHBxnbFjViHQS4P0yVpmQ= -github.com/googleapis/enterprise-certificate-proxy v0.3.1/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= +github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs= +github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20211219123610-ec9572f70e60/go.mod h1:cz9oNYuRUWGdHmLF2IodMLkAhcPtXeULvcBNagUrxTI= github.com/gopherjs/gopherjs v1.17.2/go.mod h1:pRRIvn/QzFLrKfvEz3qUuEhtE/zLCWfreZ6J5gM2i+k= -github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= +github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/goxjs/gl v0.0.0-20210104184919-e3fafc6f8f2a/go.mod h1:dy/f2gjY09hwVfIyATps4G2ai7/hLwLkc5TrPqONuXY= github.com/goxjs/glfw v0.0.0-20191126052801-d2efb5f20838/go.mod h1:oS8P8gVOT4ywTcjV6wZlOU4GuVFQ8F5328KY3MJ79CY= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.0 h1:RtRsiaGvWxcwd8y3BiRZxsylPT8hLWZ5SPcfI+3IDNk= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.0/go.mod h1:TzP6duP4Py2pHLVPPQp42aoYI92+PCrVotyR5e8Vqlk= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.1 h1:6UKoz5ujsI55KNpsJH3UwCq3T8kKbZwNZBNPuTTje8U= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.1/go.mod h1:YvJ2f6MplWDhfxiUC3KpyTy76kYUZA4W3pTv/wdKQ9Y= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/iancoleman/strcase v0.3.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= -github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw= +github.com/ianlancetaylor/demangle v0.0.0-20231023195312-e2daf7ba7156/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw= github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= @@ -430,10 +427,10 @@ github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:C github.com/kisielk/errcheck v1.6.3/go.mod h1:nXw/i/MfnvRHqXa7XXmQMUB0oNFGuBrNI8d8NLy0LPw= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= -github.com/klauspost/compress v1.17.1 h1:NE3C767s2ak2bweCZo3+rdP4U/HoyVXLv/X9f2gPS5g= -github.com/klauspost/compress v1.17.1/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= -github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= -github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA= +github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= +github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc= +github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/kpango/fastime v1.1.9 h1:xVQHcqyPt5M69DyFH7g1EPRns1YQNap9d5eLhl/Jy84= github.com/kpango/fastime v1.1.9/go.mod h1:vyD7FnUn08zxY4b/QFBZVG+9EWMYsNl+QF0uE46urD4= github.com/kpango/fuid v0.0.0-20221203053508-503b5ad89aa1 h1:rxyM+7uaZQ35P9fbixdnld/h4AgEhODoubuy6A4nDdk= @@ -449,6 +446,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kubernetes-csi/external-snapshotter/client/v6 v6.3.0 h1:qS4r4ljINLWKJ9m9Ge3Q3sGZ/eIoDVDT2RhAdQFHb1k= +github.com/kubernetes-csi/external-snapshotter/client/v6 v6.3.0/go.mod h1:oGXx2XTEzs9ikW2V6IC1dD8trgjRsS/Mvc2JRiC618Y= github.com/leanovate/gopter v0.2.9 h1:fQjYxZaynp97ozCzfOyOuAGOU4aU/z37zf/tOujFk7c= github.com/leanovate/gopter v0.2.9/go.mod h1:U2L/78B+KVFIx2VmW6onHJQzXtFb+p5y3y2Sh+Jxxv8= github.com/ledongthuc/pdf v0.0.0-20220302134840-0c2507a12d80/go.mod h1:imJHygn/1yfhB7XSJJKlFZKl/J+dCPAknuiaGOshXAs= @@ -464,11 +463,11 @@ github.com/lyft/protoc-gen-star/v2 v2.0.3/go.mod h1:amey7yeodaJhXSbf/TlLvWiqQfLO github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mandolyte/mdtopdf v1.3.2/go.mod h1:c28Ldk+tVc/y7QQcEcILStS/OFlerdXGGdBUzJQBgEo= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM= -github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI= +github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/mcuadros/go-version v0.0.0-20190830083331-035f6764e8d2/go.mod h1:76rfSfYPWj01Z85hUf/ituArm797mNKcvINh1OlsZKo= github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= @@ -491,10 +490,10 @@ github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY= github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.28.0 h1:i2rg/p9n/UqIDAMFUJ6qIUUMcsqOuUHgbpbu235Vr1c= -github.com/onsi/gomega v1.28.0/go.mod h1:A1H2JE76sI14WIP57LMKj7FVfCHx3g3BcZVjJG8bjX8= +github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= +github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= @@ -517,8 +516,8 @@ github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1 github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/quasilyte/go-ruleguard v0.4.0 h1:DyM6r+TKL+xbKB4Nm7Afd1IQh9kEUKQs2pboWGKtvQo= @@ -549,8 +548,8 @@ github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92/go.mod h1:7/OT02F6 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/srwiley/oksvg v0.0.0-20200311192757-870daf9aa564/go.mod h1:afMbS0qvv1m5tfENCwnOdZGOF8RGR/FsZ7bvBxQGZG4= @@ -575,8 +574,8 @@ github.com/zeebo/assert v1.3.1 h1:vukIABvugfNMZMQO1ABsyQDJDTVQbn+LWSMy1ol1h6A= github.com/zeebo/assert v1.3.1/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= github.com/zeebo/xxh3 v1.0.2 h1:xZmwmqxHZA8AI603jOQ0tMqmBr9lPeFwGg6d+xy9DC0= github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= -go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ= -go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= +go.etcd.io/bbolt v1.3.8 h1:xs88BrvEv273UsB79e0hcVrlUWmS0a8upikMFhSyAtA= +go.etcd.io/bbolt v1.3.8/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.37.0 h1:+uFejS4DCfNH6d3xODVIGsdhzgzhh45p9gpbHQMbdZI= @@ -603,49 +602,49 @@ go.opentelemetry.io/otel/trace v1.11.1 h1:ofxdnzsNrGBYXbP7t7zpUK281+go5rF7dvdIZX go.opentelemetry.io/otel/trace v1.11.1/go.mod h1:f/Q9G7vzk5u91PhbmKbg1Qn0rzH1LJ4vbPHFGkTPtOk= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= -go.starlark.net v0.0.0-20231016134836-22325403fcb3 h1:CKbpFNZNfaNyEWd6C+F1vLZ0WJjukoU45zDErBmRKPs= -go.starlark.net v0.0.0-20231016134836-22325403fcb3/go.mod h1:LcLNIzVOMp4oV+uusnpk+VU+SzXaJakUuBjoCSWH5dM= +go.starlark.net v0.0.0-20231121155337-90ade8b19d09 h1:hzy3LFnSN8kuQK8h9tHl4ndF6UruMj47OqwqsS+/Ai4= +go.starlark.net v0.0.0-20231121155337-90ade8b19d09/go.mod h1:LcLNIzVOMp4oV+uusnpk+VU+SzXaJakUuBjoCSWH5dM= go.uber.org/automaxprocs v1.5.3 h1:kWazyxZUrS3Gs4qUpbwo5kEIMGe/DAvi5Z4tl2NW4j8= go.uber.org/automaxprocs v1.5.3/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= gocloud.dev v0.34.0 h1:LzlQY+4l2cMtuNfwT2ht4+fiXwWf/NmPTnXUlLmGif4= gocloud.dev v0.34.0/go.mod h1:psKOachbnvY3DAOPbsFVmLIErwsbWPUG2H5i65D38vE= -golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= +golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= +golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= golang.org/x/exp/shiny v0.0.0-20220827204233-334a2380cb91/go.mod h1:VjAR7z0ngyATZTELrBSkxOOHhhlnVUxDye4mcjx5h/8= golang.org/x/exp/shiny v0.0.0-20230801115018-d63ba01acd4b/go.mod h1:UH99kUObWAZkDnWqppdQe5ZhPYESUw8I0zVV1uWBR+0= golang.org/x/exp/shiny v0.0.0-20230817173708-d852ddb80c63/go.mod h1:UH99kUObWAZkDnWqppdQe5ZhPYESUw8I0zVV1uWBR+0= -golang.org/x/exp/typeparams v0.0.0-20231006140011-7918f672742d h1:NRn/Afz91uVUyEsxMp4lGGxpr5y1qz+Iko60dbkfvLQ= -golang.org/x/exp/typeparams v0.0.0-20231006140011-7918f672742d/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= -golang.org/x/image v0.13.0 h1:3cge/F/QTkNLauhf2QoE9zp+7sr+ZcL4HnoZmdwg9sg= -golang.org/x/image v0.13.0/go.mod h1:6mmbMOeV28HuMTgA6OSRkdXKYw/t5W9Uwn2Yv1r3Yxk= +golang.org/x/exp/typeparams v0.0.0-20231110203233-9a3e6036ecaa h1:wJBD77KpXKOckDJT0rqU5EwZDmxcmTh6aXVpU6s6GBg= +golang.org/x/exp/typeparams v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= +golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4= +golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20231006135142-2b44d11868fe/go.mod h1:BrnXpEObnFxpaT75Jo9hsCazwOWcp7nVIa8NNuH5cuA= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= -golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/mobile v0.0.0-20231108233038-35478a0c49da/go.mod h1:IEceR0jfVklLJXrbUe90rfdAFAYDW0SQwKl4qvO1GBQ= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= +golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= +golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0= +golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= +golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/time v0.4.0 h1:Z81tqI5ddIoXDPvVQ7/7CC9TnLM7ubaFG2qXYd5BbYY= +golang.org/x/time v0.4.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= +golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSmiC7MMxXNOb3PU/VUEz+EhU= golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= @@ -656,19 +655,19 @@ gonum.org/v1/hdf5 v0.0.0-20210714002203-8c5d23bc6946 h1:vJpL69PeUullhJyKtTjHjENE gonum.org/v1/hdf5 v0.0.0-20210714002203-8c5d23bc6946/go.mod h1:BQUWDHIAygjdt1HnUPQ0eWqLN2n5FwJycrpYUVUOx2I= gonum.org/v1/plot v0.14.0 h1:+LBDVFYwFe4LHhdP8coW6296MBEY4nQ+Y4vuUpJopcE= gonum.org/v1/plot v0.14.0/go.mod h1:MLdR9424SJed+5VqC6MsouEpig9pZX2VZ57H9ko2bXU= -google.golang.org/api v0.147.0 h1:Can3FaQo9LlVqxJCodNmeZW/ib3/qKAY3rFeXiHo5gc= -google.golang.org/api v0.147.0/go.mod h1:pQ/9j83DcmPd/5C9e2nFOdjjNkDZ1G+zkbK2uvdkJMs= +google.golang.org/api v0.151.0 h1:FhfXLO/NFdJIzQtCqjpysWwqKk8AzGWBUhMIx67cVDU= +google.golang.org/api v0.151.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg= google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b h1:+YaDE2r2OG8t/z5qmsh7Y+XXwCbvadxxZ0YY6mTdrVA= -google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:CgAqfJo+Xmu0GwA0411Ht3OU3OntXwsGmrmjI8ioGXI= -google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b h1:CIC2YMXmIhYw6evmhPxBKJ4fmLbOFtXQN/GV3XOZR8k= -google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:IBQ646DjkDkvUIsVq/cc03FUFQ9wbZu7yE396YcL870= -google.golang.org/genproto/googleapis/bytestream v0.0.0-20231009173412-8bfb1ae86b6c/go.mod h1:itlFWGBbEyD32PUeJsTG8h8Wz7iJXfVK4gt1EJ+pAG0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b h1:ZlWIi1wSK56/8hn4QcBp/j9M7Gt3U/3hZw3mC7vDICo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:swOH3j0KzcDDgGUWr+SNpyTen5YrXjS3eyPzFYKc6lc= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/genproto v0.0.0-20231120223509-83a465c0220f h1:Vn+VyHU5guc9KjB5KrjI2q0wCOWEOIh0OEsleqakHJg= +google.golang.org/genproto v0.0.0-20231120223509-83a465c0220f/go.mod h1:nWSwAFPb+qfNJXsoeO3Io7zf4tMSfN8EA8RlDA04GhY= +google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f h1:2yNACc1O40tTnrsbk9Cv6oxiW8pxI/pXj0wRtdlYmgY= +google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f/go.mod h1:Uy9bTZJqmfrw2rIBxgGLnamc78euZULUBrLZ9XTITKI= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20231030173426-d783a09b4405/go.mod h1:GRUCuLdzVqZte8+Dl/D4N25yLzcGqqWaYkeVOwulFqw= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f h1:ultW7fxlIvee4HYrtnaRPon9HpEgFk5zYpmfMgtKB5I= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f/go.mod h1:L9KNLi232K1/xB6f7AlSX692koaRnKaWSR0stBki0Yc= +google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= +google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0/go.mod h1:Dk1tviKTvMCz5tvh7t+fh94dhmQVHuCt2OzJB3CTW9Y= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= @@ -696,8 +695,8 @@ k8s.io/client-go v0.27.3 h1:7dnEGHZEJld3lYwxvLl7WoehK6lAq7GvgjxpA3nv1E8= k8s.io/client-go v0.27.3/go.mod h1:2MBEKuTo6V1lbKy3z1euEGnhPfGZLKTS9tiJ2xodM48= k8s.io/component-base v0.27.3 h1:g078YmdcdTfrCE4fFobt7qmVXwS8J/3cI1XxRi/2+6k= k8s.io/component-base v0.27.3/go.mod h1:JNiKYcGImpQ44iwSYs6dysxzR9SxIIgQalk4HaCNVUY= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= +k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 h1:OmK1d0WrkD3IPfkskvroRykOulHVHf0s0ZIFRjyt+UI= k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515/go.mod h1:kzo02I3kQ4BTtEfVLaPbjvCkX97YqGve33wzlb3fofQ= k8s.io/metrics v0.27.3 h1:pBVKgQjfui8xzfTidIxiOmLHwcCk3KbeuWowo/Oh0t0= @@ -760,7 +759,7 @@ sigs.k8s.io/kustomize/api v0.13.2 h1:kejWfLeJhUsTGioDoFNJET5LQe/ajzXhJGYoU+pJsiA sigs.k8s.io/kustomize/api v0.13.2/go.mod h1:DUp325VVMFVcQSq+ZxyDisA8wtldwHxLZbr1g94UHsw= sigs.k8s.io/kustomize/kyaml v0.14.1 h1:c8iibius7l24G2wVAGZn/Va2wNys03GXLjYVIcFVxKA= sigs.k8s.io/kustomize/kyaml v0.14.1/go.mod h1:AN1/IpawKilWD7V+YvQwRGUvuUOOWpjsHu6uHwonSF4= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= From b4051aeaf96fcfed040e52d24650526cc758f055 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 05:45:23 +0000 Subject: [PATCH 20/51] Remove old example --- example/readreplica/cmd/main.go | 289 -------------------------------- 1 file changed, 289 deletions(-) delete mode 100644 example/readreplica/cmd/main.go diff --git a/example/readreplica/cmd/main.go b/example/readreplica/cmd/main.go deleted file mode 100644 index 5ee5c4866c..0000000000 --- a/example/readreplica/cmd/main.go +++ /dev/null @@ -1,289 +0,0 @@ -// Copyright (C) 2019-2023 vdaas.org vald team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// You may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package main - -import ( - "context" - "fmt" - "os" - "path/filepath" - "strings" - "time" - - snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" - snapshotclient "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" - "github.com/vdaas/vald/internal/sync/errgroup" - v1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/tools/clientcmd" -) - -const ( - namespace = "default" - replicaid = 0 - deploymentPrefix = "vald-agent-ngt-readreplica" - snapshotPrefix = "vald-agent-ngt-snapshot" - pvcPrefix = "vald-agent-ngt-readreplica-pvc" -) - -func main() { - homeDir, err := os.UserHomeDir() - if err != nil { - panic(err) - } - - kubeconfig := filepath.Join(homeDir, ".kube", "config") - - cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig) - if err != nil { - panic(err) - } - - client, err := kubernetes.NewForConfig(cfg) - if err != nil { - panic(err) - } - - sclient, err := snapshotclient.NewForConfig(cfg) - if err != nil { - panic(err) - } - - updater := New(replicaid, client, sclient) - - ctx := context.Background() - if err := updater.Start(ctx); err != nil { - panic(err) - } -} - -type readreplicaUpdater struct { - replicaid int - namespace string - deploymentPrefix string - snapshotPrefix string - pvcPrefix string - clientset *kubernetes.Clientset - sClientset *snapshotclient.Clientset -} - -func New(replicaid int, client *kubernetes.Clientset, sclient *snapshotclient.Clientset) *readreplicaUpdater { - return &readreplicaUpdater{ - replicaid: replicaid, - namespace: namespace, - deploymentPrefix: fmt.Sprintf("%s-%d", deploymentPrefix, replicaid), - snapshotPrefix: fmt.Sprintf("%s-%d", snapshotPrefix, replicaid), - pvcPrefix: fmt.Sprintf("%s-%d", pvcPrefix, replicaid), - clientset: client, - sClientset: sclient, - } -} - -func (r *readreplicaUpdater) Start(ctx context.Context) error { - newSnapShot, oldSnapShot, err := r.createSnapshot(ctx) - if err != nil { - return err - } - - newPvc, oldPvc, err := r.createPVC(ctx, newSnapShot.Name) - if err != nil { - return err - } - - err = r.updateDeployment(ctx, newPvc.Name) - if err != nil { - return err - } - - err = r.deleteSnapshot(ctx, oldSnapShot.Name) - if err != nil { - return err - } - err = r.deletePVC(ctx, oldPvc.Name) - if err != nil { - return err - } - - return nil -} - -func (r *readreplicaUpdater) createSnapshot(ctx context.Context) (new, old *snapshotv1.VolumeSnapshot, err error) { - snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(namespace) - - list, err := snapshotInterface.List(ctx, metav1.ListOptions{}) - if err != nil { - return nil, nil, err - } - - for _, snap := range list.Items { - if strings.HasPrefix(snap.Name, r.snapshotPrefix) { - old = &snap - break - } - } - if old == nil { - return nil, nil, fmt.Errorf("old snapshot not found") - } - - new = &snapshotv1.VolumeSnapshot{ - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf(r.snapshotPrefix+"-%d", time.Now().Unix()), - Namespace: old.Namespace, - }, - Spec: old.Spec, - } - - new, err = snapshotInterface.Create(ctx, new, metav1.CreateOptions{}) - if err != nil { - return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) - } - return new, old, nil -} - -func (r *readreplicaUpdater) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { - pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(namespace) - list, err := pvcInterface.List(ctx, metav1.ListOptions{}) - if err != nil { - return nil, nil, err - } - - for _, pvc := range list.Items { - if strings.HasPrefix(pvc.Name, r.pvcPrefix) { - old = &pvc - break - } - } - if old == nil { - return nil, nil, fmt.Errorf("old pvc not found") - } - - new = &v1.PersistentVolumeClaim{ - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf(r.pvcPrefix+"-%d", time.Now().Unix()), - Namespace: old.Namespace, - }, - Spec: v1.PersistentVolumeClaimSpec{ - AccessModes: old.Spec.AccessModes, - Resources: old.Spec.Resources, - DataSource: &v1.TypedLocalObjectReference{ - Name: newSnapShot, - Kind: old.Spec.DataSource.Kind, - APIGroup: old.Spec.DataSource.APIGroup, - }, - }, - } - - new, err = pvcInterface.Create(ctx, new, metav1.CreateOptions{}) - if err != nil { - return nil, nil, fmt.Errorf("failed to create pvc: %w", err) - } - return new, old, nil -} - -func (r *readreplicaUpdater) updateDeployment(ctx context.Context, newPVC string) error { - deploymentInterface := r.clientset.AppsV1().Deployments(namespace) - - deployment, err := deploymentInterface.Get(ctx, r.deploymentPrefix, metav1.GetOptions{}) - if err != nil { - return err - } - - if deployment.Spec.Template.ObjectMeta.Annotations == nil { - deployment.Spec.Template.ObjectMeta.Annotations = map[string]string{} - } - deployment.Spec.Template.ObjectMeta.Annotations["kubectl.kubernetes.io/restartedAt"] = time.Now().Format(time.RFC3339) - - for _, vol := range deployment.Spec.Template.Spec.Volumes { - if vol.Name == fmt.Sprintf("%s-clone", r.deploymentPrefix) { - vol.PersistentVolumeClaim.ClaimName = newPVC - } - } - - _, err = deploymentInterface.Update(ctx, deployment, metav1.UpdateOptions{}) - if err != nil { - return err - } - - return nil -} - -func (r *readreplicaUpdater) deleteSnapshot(ctx context.Context, snapshot string) error { - snapshotInterface := r.sClientset.SnapshotV1().VolumeSnapshots(namespace) - - watcher, err := snapshotInterface.Watch(ctx, metav1.ListOptions{}) - if err != nil { - return fmt.Errorf("failed to watch snapshot: %w", err) - } - defer watcher.Stop() - - eg, egctx := errgroup.New(ctx) - eg.Go(func() error { - for { - select { - case <-egctx.Done(): - return egctx.Err() - case event := <-watcher.ResultChan(): - if event.Type == watch.Deleted { - fmt.Println("old volume snapshot deleted.") - return nil - } else { - fmt.Println("event: ", event.Type) - } - } - } - }) - - err = snapshotInterface.Delete(ctx, snapshot, metav1.DeleteOptions{}) - if err != nil { - return fmt.Errorf("failed to delete snapshot: %w", err) - } - - return eg.Wait() -} - -func (r *readreplicaUpdater) deletePVC(ctx context.Context, pvc string) error { - pvcInterface := r.clientset.CoreV1().PersistentVolumeClaims(namespace) - - watcher, err := pvcInterface.Watch(ctx, metav1.ListOptions{}) - if err != nil { - return fmt.Errorf("failed to watch PVC: %w", err) - } - defer watcher.Stop() - - eg, egctx := errgroup.New(ctx) - eg.Go(func() error { - for { - select { - case <-egctx.Done(): - return egctx.Err() - case event := <-watcher.ResultChan(): - if event.Type == watch.Deleted { - fmt.Println("old PVC deleted.") - return nil - } else { - fmt.Println("event: ", event.Type) - } - } - } - }) - - err = pvcInterface.Delete(ctx, pvc, metav1.DeleteOptions{}) - if err != nil { - return fmt.Errorf("failed to delete PVC: %w", err) - } - - return eg.Wait() -} From 2a5d358a2be5ac9afc9e75a8a7086f8f11395360 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 06:01:26 +0000 Subject: [PATCH 21/51] Refactor --- pkg/index/job/readreplica/rotate/service/rotator.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 3708d8534c..9bc1a1fe0d 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -169,7 +169,7 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *client.VolumeSn Spec: cur.Spec, } - err = r.client.Create(ctx, new, &client.CreateOptions{}) + err = r.client.Create(ctx, new) if err != nil { return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) } @@ -208,7 +208,7 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old * }, } - if err := r.client.Create(ctx, new, &client.CreateOptions{}); err != nil { + if err := r.client.Create(ctx, new); err != nil { return nil, nil, fmt.Errorf("failed to create PVC(%s): %w", new.GetName(), err) } @@ -236,7 +236,7 @@ func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { } } - if err := r.client.Update(ctx, &deployment, &client.UpdateOptions{}); err != nil { + if err := r.client.Update(ctx, &deployment); err != nil { return fmt.Errorf("failed to update deployment: %w", err) } @@ -273,7 +273,7 @@ func (r *rotator) deleteSnapshot(ctx context.Context, snapshot *snapshotv1.Volum } }) - if err := r.client.Delete(ctx, snapshot, &client.DeleteOptions{}); err != nil { + if err := r.client.Delete(ctx, snapshot); err != nil { return fmt.Errorf("failed to delete snapshot: %w", err) } return eg.Wait() From 7b3f42886db6d3b51f578642241498a971277728 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 06:09:01 +0000 Subject: [PATCH 22/51] Disable exhaustruct for now --- .golangci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.golangci.yml b/.golangci.yml index 065e2b5550..338c8214dd 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -42,7 +42,6 @@ linters: - errorlint - execinquery - exhaustive - - exhaustruct - exportloopref - forcetypeassert - ginkgolinter @@ -92,6 +91,7 @@ linters: # Disabled by your configuration linters # - cyclop # - errcheck + # - exhaustruct # - forbidigo # - funlen # - gci From 55e9b6a647f4a3cc17f933130fbb05cef48ed747 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 06:09:25 +0000 Subject: [PATCH 23/51] Fix predeclared --- .../job/readreplica/rotate/service/rotator.go | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 9bc1a1fe0d..f2920caebd 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -148,7 +148,7 @@ func (r *rotator) rotate(ctx context.Context) error { return nil } -func (r *rotator) createSnapshot(ctx context.Context) (new, old *client.VolumeSnapshot, err error) { +func (r *rotator) createSnapshot(ctx context.Context) (newSnap, oldSnap *client.VolumeSnapshot, err error) { list := snapshotv1.VolumeSnapshotList{} if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get snapshot: %w", err) @@ -158,9 +158,9 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *client.VolumeSn } cur := &list.Items[0] - old = cur.DeepCopy() + oldSnap = cur.DeepCopy() newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) - new = &client.VolumeSnapshot{ + newSnap = &client.VolumeSnapshot{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), Namespace: cur.GetNamespace(), @@ -169,15 +169,15 @@ func (r *rotator) createSnapshot(ctx context.Context) (new, old *client.VolumeSn Spec: cur.Spec, } - err = r.client.Create(ctx, new) + err = r.client.Create(ctx, newSnap) if err != nil { return nil, nil, fmt.Errorf("failed to create snapshot: %w", err) } - return new, old, nil + return newSnap, oldSnap, nil } -func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old *v1.PersistentVolumeClaim, err error) { +func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (newPvc, oldPvc *v1.PersistentVolumeClaim, err error) { list := v1.PersistentVolumeClaimList{} if err := r.client.List(ctx, &list, &r.listOpts); err != nil { return nil, nil, fmt.Errorf("failed to get PVC: %w", err) @@ -187,11 +187,11 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old * } cur := &list.Items[0] - old = cur.DeepCopy() + oldPvc = cur.DeepCopy() newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) // remove timestamp from old pvc name - new = &v1.PersistentVolumeClaim{ + newPvc = &v1.PersistentVolumeClaim{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), Namespace: cur.GetNamespace(), @@ -208,11 +208,11 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (new, old * }, } - if err := r.client.Create(ctx, new); err != nil { - return nil, nil, fmt.Errorf("failed to create PVC(%s): %w", new.GetName(), err) + if err := r.client.Create(ctx, newPvc); err != nil { + return nil, nil, fmt.Errorf("failed to create PVC(%s): %w", newPvc.GetName(), err) } - return new, old, nil + return newPvc, oldPvc, nil } func (r *rotator) updateDeployment(ctx context.Context, newPVC string) error { From bebb04c2e8a9fc10d6491729dfed144b45277711 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 06:10:46 +0000 Subject: [PATCH 24/51] Fix stylecheck --- internal/config/readreplica_rotate.go | 4 ++-- pkg/index/job/readreplica/rotate/service/rotator.go | 10 +++++----- pkg/index/job/readreplica/rotate/usecase/rotate.go | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/internal/config/readreplica_rotate.go b/internal/config/readreplica_rotate.go index 6975428120..d3b4cf0614 100644 --- a/internal/config/readreplica_rotate.go +++ b/internal/config/readreplica_rotate.go @@ -16,14 +16,14 @@ package config type ReadreplicaRotate struct { AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` ReadReplicaLabelKey string `json:"read_replica_label_key" yaml:"read_replica_label_key"` - ReadReplicaId string `json:"read_replica_id" yaml:"read_replica_id"` + ReadReplicaID string `json:"read_replica_id" yaml:"read_replica_id"` VolumeName string `json:"volume_name" yaml:"volume_name"` } func (r *ReadreplicaRotate) Bind() *ReadreplicaRotate { r.AgentNamespace = GetActualValue(r.AgentNamespace) r.ReadReplicaLabelKey = GetActualValue(r.ReadReplicaLabelKey) - r.ReadReplicaId = GetActualValue(r.ReadReplicaId) + r.ReadReplicaID = GetActualValue(r.ReadReplicaID) r.VolumeName = GetActualValue(r.VolumeName) return r diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index f2920caebd..6a750a98ea 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -44,19 +44,19 @@ type rotator struct { namespace string volumeName string readReplicaLabelKey string - readReplicaId string + readReplicaID string client client.Client listOpts client.ListOptions } // New returns Indexer object if no error occurs. -func New(replicaId string, opts ...Option) (Rotator, error) { +func New(replicaID string, opts ...Option) (Rotator, error) { r := new(rotator) - if replicaId == "" { + if replicaID == "" { return nil, fmt.Errorf("readreplica id is empty. it should be set via MY_TARGET_REPLICA_ID env var") } - r.readReplicaId = replicaId + r.readReplicaID = replicaID for _, opt := range append(defaultOpts, opts...) { if err := opt(r); err != nil { @@ -76,7 +76,7 @@ func New(replicaId string, opts ...Option) (Rotator, error) { } r.client = c - selector, err := c.LabelSelector(r.readReplicaLabelKey, client.SelectionOpEquals, []string{r.readReplicaId}) + selector, err := c.LabelSelector(r.readReplicaLabelKey, client.SelectionOpEquals, []string{r.readReplicaID}) if err != nil { return nil, err } diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index a90983c846..91486f14f0 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -46,7 +46,7 @@ func New(cfg *config.Data) (_ runner.Runner, err error) { eg := errgroup.Get() rotator, err := service.New( - cfg.ReadreplicaRotate.ReadReplicaId, + cfg.ReadreplicaRotate.ReadReplicaID, service.WithNamespace(cfg.ReadreplicaRotate.AgentNamespace), service.WithReadReplicaLabelKey(cfg.ReadreplicaRotate.ReadReplicaLabelKey), service.WithVolumeName(cfg.ReadreplicaRotate.VolumeName), From 3e6f1791a1800a4b9e9cd88bb2a19ade68ab6afa Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 06:11:39 +0000 Subject: [PATCH 25/51] nolint:gomnd --- pkg/index/job/readreplica/rotate/usecase/rotate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/index/job/readreplica/rotate/usecase/rotate.go b/pkg/index/job/readreplica/rotate/usecase/rotate.go index 91486f14f0..6cdf7f0f60 100644 --- a/pkg/index/job/readreplica/rotate/usecase/rotate.go +++ b/pkg/index/job/readreplica/rotate/usecase/rotate.go @@ -100,7 +100,7 @@ func (r *run) PreStart(ctx context.Context) error { // Start is a method used to initiate an operation in the run, and it returns a channel for receiving errors // during the operation and an error representing any initialization errors. func (r *run) Start(ctx context.Context) (<-chan error, error) { - ech := make(chan error, 4) + ech := make(chan error, 4) //nolint:gomnd var sech, oech <-chan error if r.observability != nil { oech = r.observability.Start(ctx) From f21282441b0714f0688484fa0e5a93286bca6152 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 08:12:38 +0000 Subject: [PATCH 26/51] Add test template --- internal/config/readreplica_rotate_test.go | 104 +++++++ .../readreplica/rotate/config/config_test.go | 93 +++++++ .../rotate/service/options_test.go | 261 ++++++++++++++++++ .../rotate/service/rotator_test.go | 215 +++++++++++++++ 4 files changed, 673 insertions(+) create mode 100644 internal/config/readreplica_rotate_test.go create mode 100644 pkg/index/job/readreplica/rotate/config/config_test.go create mode 100644 pkg/index/job/readreplica/rotate/service/options_test.go create mode 100644 pkg/index/job/readreplica/rotate/service/rotator_test.go diff --git a/internal/config/readreplica_rotate_test.go b/internal/config/readreplica_rotate_test.go new file mode 100644 index 0000000000..84c9e09808 --- /dev/null +++ b/internal/config/readreplica_rotate_test.go @@ -0,0 +1,104 @@ +package config + +// NOT IMPLEMENTED BELOW +// +// func TestReadreplicaRotate_Bind(t *testing.T) { +// type fields struct { +// AgentNamespace string +// ReadReplicaLabelKey string +// ReadReplicaID string +// VolumeName string +// } +// type want struct { +// want *ReadreplicaRotate +// } +// type test struct { +// name string +// fields fields +// want want +// checkFunc func(want, *ReadreplicaRotate) error +// beforeFunc func(*testing.T) +// afterFunc func(*testing.T) +// } +// defaultCheckFunc := func(w want, got *ReadreplicaRotate) error { +// if !reflect.DeepEqual(got, w.want) { +// return errors.Errorf("got: \"%#v\",\n\t\t\t\twant: \"%#v\"", got, w.want) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// fields: fields { +// AgentNamespace:"", +// ReadReplicaLabelKey:"", +// ReadReplicaID:"", +// VolumeName:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T,) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T,) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// fields: fields { +// AgentNamespace:"", +// ReadReplicaLabelKey:"", +// ReadReplicaID:"", +// VolumeName:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T,) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T,) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// r := &ReadreplicaRotate{ +// AgentNamespace: test.fields.AgentNamespace, +// ReadReplicaLabelKey: test.fields.ReadReplicaLabelKey, +// ReadReplicaID: test.fields.ReadReplicaID, +// VolumeName: test.fields.VolumeName, +// } +// +// got := r.Bind() +// if err := checkFunc(test.want, got); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } diff --git a/pkg/index/job/readreplica/rotate/config/config_test.go b/pkg/index/job/readreplica/rotate/config/config_test.go new file mode 100644 index 0000000000..ac346d089c --- /dev/null +++ b/pkg/index/job/readreplica/rotate/config/config_test.go @@ -0,0 +1,93 @@ +package config + +// NOT IMPLEMENTED BELOW +// +// func TestNewConfig(t *testing.T) { +// type args struct { +// path string +// } +// type want struct { +// wantCfg *Data +// err error +// } +// type test struct { +// name string +// args args +// want want +// checkFunc func(want, *Data, error) error +// beforeFunc func(*testing.T, args) +// afterFunc func(*testing.T, args) +// } +// defaultCheckFunc := func(w want, gotCfg *Data, err error) error { +// if !errors.Is(err, w.err) { +// return errors.Errorf("got_error: \"%#v\",\n\t\t\t\twant: \"%#v\"", err, w.err) +// } +// if !reflect.DeepEqual(gotCfg, w.wantCfg) { +// return errors.Errorf("got: \"%#v\",\n\t\t\t\twant: \"%#v\"", gotCfg, w.wantCfg) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// args: args { +// path:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// args: args { +// path:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt, test.args) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt, test.args) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// +// gotCfg, err := NewConfig(test.args.path) +// if err := checkFunc(test.want, gotCfg, err); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } diff --git a/pkg/index/job/readreplica/rotate/service/options_test.go b/pkg/index/job/readreplica/rotate/service/options_test.go new file mode 100644 index 0000000000..36777118cd --- /dev/null +++ b/pkg/index/job/readreplica/rotate/service/options_test.go @@ -0,0 +1,261 @@ +package service + +// NOT IMPLEMENTED BELOW +// +// func TestWithNamespace(t *testing.T) { +// type args struct { +// ns string +// } +// type want struct { +// want Option +// } +// type test struct { +// name string +// args args +// want want +// checkFunc func(want, Option) error +// beforeFunc func(*testing.T, args) +// afterFunc func(*testing.T, args) +// } +// defaultCheckFunc := func(w want, got Option) error { +// if !reflect.DeepEqual(got, w.want) { +// return errors.Errorf("got: \"%#v\",\n\t\t\t\twant: \"%#v\"", got, w.want) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// args: args { +// ns:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// args: args { +// ns:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt, test.args) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt, test.args) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// +// got := WithNamespace(test.args.ns) +// if err := checkFunc(test.want, got); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } +// +// func TestWithVolumeName(t *testing.T) { +// type args struct { +// vn string +// } +// type want struct { +// want Option +// } +// type test struct { +// name string +// args args +// want want +// checkFunc func(want, Option) error +// beforeFunc func(*testing.T, args) +// afterFunc func(*testing.T, args) +// } +// defaultCheckFunc := func(w want, got Option) error { +// if !reflect.DeepEqual(got, w.want) { +// return errors.Errorf("got: \"%#v\",\n\t\t\t\twant: \"%#v\"", got, w.want) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// args: args { +// vn:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// args: args { +// vn:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt, test.args) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt, test.args) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// +// got := WithVolumeName(test.args.vn) +// if err := checkFunc(test.want, got); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } +// +// func TestWithReadReplicaLabelKey(t *testing.T) { +// type args struct { +// key string +// } +// type want struct { +// want Option +// } +// type test struct { +// name string +// args args +// want want +// checkFunc func(want, Option) error +// beforeFunc func(*testing.T, args) +// afterFunc func(*testing.T, args) +// } +// defaultCheckFunc := func(w want, got Option) error { +// if !reflect.DeepEqual(got, w.want) { +// return errors.Errorf("got: \"%#v\",\n\t\t\t\twant: \"%#v\"", got, w.want) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// args: args { +// key:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// args: args { +// key:"", +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt, test.args) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt, test.args) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// +// got := WithReadReplicaLabelKey(test.args.key) +// if err := checkFunc(test.want, got); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } diff --git a/pkg/index/job/readreplica/rotate/service/rotator_test.go b/pkg/index/job/readreplica/rotate/service/rotator_test.go new file mode 100644 index 0000000000..88ee159e5c --- /dev/null +++ b/pkg/index/job/readreplica/rotate/service/rotator_test.go @@ -0,0 +1,215 @@ +package service + +// NOT IMPLEMENTED BELOW +// +// func TestNew(t *testing.T) { +// type args struct { +// replicaID string +// opts []Option +// } +// type want struct { +// want Rotator +// err error +// } +// type test struct { +// name string +// args args +// want want +// checkFunc func(want, Rotator, error) error +// beforeFunc func(*testing.T, args) +// afterFunc func(*testing.T, args) +// } +// defaultCheckFunc := func(w want, got Rotator, err error) error { +// if !errors.Is(err, w.err) { +// return errors.Errorf("got_error: \"%#v\",\n\t\t\t\twant: \"%#v\"", err, w.err) +// } +// if !reflect.DeepEqual(got, w.want) { +// return errors.Errorf("got: \"%#v\",\n\t\t\t\twant: \"%#v\"", got, w.want) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// args: args { +// replicaID:"", +// opts:nil, +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// args: args { +// replicaID:"", +// opts:nil, +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt, test.args) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt, test.args) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// +// got, err := New(test.args.replicaID, test.args.opts...) +// if err := checkFunc(test.want, got, err); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } +// +// func Test_rotator_Start(t *testing.T) { +// type args struct { +// ctx context.Context +// } +// type fields struct { +// namespace string +// volumeName string +// readReplicaLabelKey string +// readReplicaID string +// client client.Client +// listOpts client.ListOptions +// } +// type want struct { +// err error +// } +// type test struct { +// name string +// args args +// fields fields +// want want +// checkFunc func(want, error) error +// beforeFunc func(*testing.T, args) +// afterFunc func(*testing.T, args) +// } +// defaultCheckFunc := func(w want, err error) error { +// if !errors.Is(err, w.err) { +// return errors.Errorf("got_error: \"%#v\",\n\t\t\t\twant: \"%#v\"", err, w.err) +// } +// return nil +// } +// tests := []test{ +// // TODO test cases +// /* +// { +// name: "test_case_1", +// args: args { +// ctx:nil, +// }, +// fields: fields { +// namespace:"", +// volumeName:"", +// readReplicaLabelKey:"", +// readReplicaID:"", +// client:nil, +// listOpts:nil, +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// }, +// */ +// +// // TODO test cases +// /* +// func() test { +// return test { +// name: "test_case_2", +// args: args { +// ctx:nil, +// }, +// fields: fields { +// namespace:"", +// volumeName:"", +// readReplicaLabelKey:"", +// readReplicaID:"", +// client:nil, +// listOpts:nil, +// }, +// want: want{}, +// checkFunc: defaultCheckFunc, +// beforeFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// afterFunc: func(t *testing.T, args args) { +// t.Helper() +// }, +// } +// }(), +// */ +// } +// +// for _, tc := range tests { +// test := tc +// t.Run(test.name, func(tt *testing.T) { +// tt.Parallel() +// defer goleak.VerifyNone(tt, goleak.IgnoreCurrent()) +// if test.beforeFunc != nil { +// test.beforeFunc(tt, test.args) +// } +// if test.afterFunc != nil { +// defer test.afterFunc(tt, test.args) +// } +// checkFunc := test.checkFunc +// if test.checkFunc == nil { +// checkFunc = defaultCheckFunc +// } +// r := &rotator{ +// namespace: test.fields.namespace, +// volumeName: test.fields.volumeName, +// readReplicaLabelKey: test.fields.readReplicaLabelKey, +// readReplicaID: test.fields.readReplicaID, +// client: test.fields.client, +// listOpts: test.fields.listOpts, +// } +// +// err := r.Start(test.args.ctx) +// if err := checkFunc(test.want, err); err != nil { +// tt.Errorf("error = %v", err) +// } +// +// }) +// } +// } From b5897c219aeb9fca9c2a33ce724e212f023825a2 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 24 Nov 2023 08:13:07 +0000 Subject: [PATCH 27/51] Add test for getNewBaseName --- .../job/readreplica/rotate/service/rotator.go | 6 ++ .../rotate/service/rotator_test.go | 64 +++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/pkg/index/job/readreplica/rotate/service/rotator.go b/pkg/index/job/readreplica/rotate/service/rotator.go index 6a750a98ea..07fa72d84d 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator.go +++ b/pkg/index/job/readreplica/rotate/service/rotator.go @@ -160,6 +160,9 @@ func (r *rotator) createSnapshot(ctx context.Context) (newSnap, oldSnap *client. cur := &list.Items[0] oldSnap = cur.DeepCopy() newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) + if newNameBase == "" { + return nil, nil, fmt.Errorf("the name(%s) doesn't seem to have replicaid", cur.GetObjectMeta().GetName()) + } newSnap = &client.VolumeSnapshot{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s%d", newNameBase, time.Now().Unix()), @@ -189,6 +192,9 @@ func (r *rotator) createPVC(ctx context.Context, newSnapShot string) (newPvc, ol cur := &list.Items[0] oldPvc = cur.DeepCopy() newNameBase := getNewBaseName(cur.GetObjectMeta().GetName()) + if newNameBase == "" { + return nil, nil, fmt.Errorf("the name(%s) doesn't seem to have replicaid", cur.GetObjectMeta().GetName()) + } // remove timestamp from old pvc name newPvc = &v1.PersistentVolumeClaim{ diff --git a/pkg/index/job/readreplica/rotate/service/rotator_test.go b/pkg/index/job/readreplica/rotate/service/rotator_test.go index 88ee159e5c..fa149eea6f 100644 --- a/pkg/index/job/readreplica/rotate/service/rotator_test.go +++ b/pkg/index/job/readreplica/rotate/service/rotator_test.go @@ -1,5 +1,69 @@ package service +import ( + "testing" +) + +func Test_getNewBaseName(t *testing.T) { + type args struct { + old string + } + type want struct { + want string + } + tests := []struct { + name string + args args + want want + }{ + { + name: "fist rotation just returns the name", + args: args{ + old: "vald-agent-ngt-readreplica-0", + }, + want: want{ + want: "vald-agent-ngt-readreplica-0-", + }, + }, + { + name: "succesfully remove timestamp", + args: args{ + old: "vald-agent-ngt-readreplica-0-20220101", + }, + want: want{ + want: "vald-agent-ngt-readreplica-0-", + }, + }, + { + name: "succesfully remove timestamp when the name has no dashes", + args: args{ + old: "vald-1-20220101", + }, + want: want{ + want: "vald-1-", + }, + }, + { + name: "no replica id basename returns empty string", + args: args{ + old: "vald", + }, + want: want{ + want: "", + }, + }, + } + for _, test := range tests { + tt := test + t.Run(tt.name, func(t *testing.T) { + t.Parallel() + if got := getNewBaseName(tt.args.old); got != tt.want.want { + t.Errorf("getNewBaseName() = %v, want %v", got, tt.want.want) + } + }) + } +} + // NOT IMPLEMENTED BELOW // // func TestNew(t *testing.T) { From cebb8c604fa70343522b76849daa8aa8ba61e757 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 27 Nov 2023 02:42:35 +0000 Subject: [PATCH 28/51] Add readreplica-rotate build scripts --- .../workflows/dockers-readreplica-rotate.yml | 78 ++++++++++++++++ Makefile | 1 + Makefile.d/build.mk | 29 ++++++ Makefile.d/docker.mk | 14 +++ Makefile.d/k8s.mk | 8 ++ .../job/readreplica/rotate/configmap.yaml | 52 +++++++++++ .../index/job/readreplica/rotate/cronjob.yaml | 78 ++++++++++++++++ charts/vald/values.yaml | 62 +++++++++++++ .../index/job/readreplica/rotate/Dockerfile | 93 +++++++++++++++++++ 9 files changed, 415 insertions(+) create mode 100644 .github/workflows/dockers-readreplica-rotate.yml create mode 100644 charts/vald/templates/index/job/readreplica/rotate/configmap.yaml create mode 100644 charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml create mode 100644 dockers/index/job/readreplica/rotate/Dockerfile diff --git a/.github/workflows/dockers-readreplica-rotate.yml b/.github/workflows/dockers-readreplica-rotate.yml new file mode 100644 index 0000000000..74eabf441d --- /dev/null +++ b/.github/workflows/dockers-readreplica-rotate.yml @@ -0,0 +1,78 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Build docker image: readreplica-rotate" +on: + push: + branches: + - main + tags: + - "*.*.*" + - "v*.*.*" + - "*.*.*-*" + - "v*.*.*-*" + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/dockers-readreplica-rotate.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "!internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/job/readreplica/rotate/**" + - "cmd/index/job/readreplica/rotate/**" + - "dockers/index/job/readreplica/rotate/Dockerfile" + - "versions/GO_VERSION" + pull_request: + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/_docker-image.yaml" + - ".github/workflows/dockers-readreplica-rotate.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "!internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/job/readreplica/rotate/**" + - "cmd/index/job/readreplica/rotate/**" + - "dockers/index/job/readreplica/rotate/Dockerfile" + - "versions/GO_VERSION" + pull_request_target: + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/_docker-image.yaml" + - ".github/workflows/dockers-readreplica-rotate.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "!internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/job/readreplica/rotate/**" + - "cmd/index/job/readreplica/rotate/**" + - "dockers/index/job/readreplica/rotate/Dockerfile" + - "versions/GO_VERSION" + +jobs: + build: + uses: ./.github/workflows/_docker-image.yaml + with: + target: readreplica-rotate + secrets: inherit diff --git a/Makefile b/Makefile index 4a82f747b6..de6f1b3cce 100644 --- a/Makefile +++ b/Makefile @@ -33,6 +33,7 @@ LOADTEST_IMAGE = $(NAME)-loadtest INDEX_CORRECTION_IMAGE = $(NAME)-index-correction INDEX_CREATION_IMAGE = $(NAME)-index-creation INDEX_SAVE_IMAGE = $(NAME)-index-save +READREPLICA_ROTATE_IMAGE = $(NAME)-readreplica-rotate MANAGER_INDEX_IMAGE = $(NAME)-manager-index MAINTAINER = "$(ORG).org $(NAME) team <$(NAME)@$(ORG).org>" diff --git a/Makefile.d/build.mk b/Makefile.d/build.mk index 8bc4fbb444..0911abaf4f 100644 --- a/Makefile.d/build.mk +++ b/Makefile.d/build.mk @@ -293,6 +293,35 @@ cmd/index/job/save/index-save: \ $(dir $@)main.go $@ -version +cmd/index/job/readreplica/rotate/readreplica-rotate: \ + $(GO_SOURCES_INTERNAL) \ + $(PBGOS) \ + $(shell find $(ROOTDIR)/cmd/index/job/readreplica/rotate -type f -name '*.go' -not -name '*_test.go' -not -name 'doc.go') \ + $(shell find $(ROOTDIR)/pkg/index/job/readreplica/rotate -type f -name '*.go' -not -name '*_test.go' -not -name 'doc.go') + $(eval CGO_ENABLED = 0) + CGO_ENABLED=$(CGO_ENABLED) \ + GO111MODULE=on \ + GOPRIVATE=$(GOPRIVATE) \ + go build \ + --ldflags "-w -extldflags=-static \ + -X '$(GOPKG)/internal/info.Version=$(VERSION)' \ + -X '$(GOPKG)/internal/info.GitCommit=$(GIT_COMMIT)' \ + -X '$(GOPKG)/internal/info.BuildTime=$(DATETIME)' \ + -X '$(GOPKG)/internal/info.GoVersion=$(GO_VERSION)' \ + -X '$(GOPKG)/internal/info.GoOS=$(GOOS)' \ + -X '$(GOPKG)/internal/info.GoArch=$(GOARCH)' \ + -X '$(GOPKG)/internal/info.CGOEnabled=$(CGO_ENABLED)' \ + -X '$(GOPKG)/internal/info.BuildCPUInfoFlags=$(CPU_INFO_FLAGS)' \ + -buildid=" \ + -mod=readonly \ + -modcacherw \ + -a \ + -tags "osusergo netgo static_build" \ + -trimpath \ + -o $@ \ + $(dir $@)main.go + $@ -version + .PHONY: binary/build/zip ## build all binaries and zip them binary/build/zip: \ diff --git a/Makefile.d/docker.mk b/Makefile.d/docker.mk index 7c1bb74e7c..9bf94caf52 100644 --- a/Makefile.d/docker.mk +++ b/Makefile.d/docker.mk @@ -230,3 +230,17 @@ docker/build/index-save: -t $(ORG)/$(INDEX_SAVE_IMAGE):$(TAG) . \ --build-arg MAINTAINER=$(MAINTAINER) \ --build-arg GO_VERSION=$(GO_VERSION) + +.PHONY: docker/name/readreplica-rotate +docker/name/readreplica-rotate: + @echo "$(ORG)/$(INDEX_SAVE_IMAGE)" + +.PHONY: docker/build/readreplica-rotate +## build readreplica-rotate image +docker/build/readreplica-rotate: + $(DOCKER) build \ + $(DOCKER_OPTS) \ + -f dockers/index/job/readreplica/rotate/Dockerfile \ + -t $(ORG)/$(READREPLICA_ROTATE_IMAGE):$(TAG) . \ + --build-arg MAINTAINER=$(MAINTAINER) \ + --build-arg GO_VERSION=$(GO_VERSION) diff --git a/Makefile.d/k8s.mk b/Makefile.d/k8s.mk index 6ee28a3bae..c55c533659 100644 --- a/Makefile.d/k8s.mk +++ b/Makefile.d/k8s.mk @@ -38,6 +38,7 @@ k8s/manifest/update: \ mkdir -p k8s/gateway mkdir -p k8s/manager mkdir -p k8s/index/job + mkdir -p k8s/index/job/readreplica mv $(TEMP_DIR)/vald/templates/agent k8s/agent mv $(TEMP_DIR)/vald/templates/discoverer k8s/discoverer mv $(TEMP_DIR)/vald/templates/gateway/lb k8s/gateway/lb @@ -45,6 +46,7 @@ k8s/manifest/update: \ mv $(TEMP_DIR)/vald/templates/index/job/correction k8s/index/job/correction mv $(TEMP_DIR)/vald/templates/index/job/creation k8s/index/job/creation mv $(TEMP_DIR)/vald/templates/index/job/save k8s/index/job/save + mv $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate k8s/index/job/readreplica/rotate rm -rf $(TEMP_DIR) .PHONY: k8s/manifest/helm-operator/clean @@ -87,6 +89,9 @@ k8s/vald/deploy: kubectl apply -f $(TEMP_DIR)/vald/templates/discoverer || true kubectl apply -f $(TEMP_DIR)/vald/templates/gateway/lb || true kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/correction || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/creation || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/save || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate || true rm -rf $(TEMP_DIR) kubectl get pods -o jsonpath="{.items[*].spec.containers[*].image}" | tr " " "\n" @@ -104,6 +109,9 @@ k8s/vald/delete: --set manager.index.image.repository=$(CRORG)/$(MANAGER_INDEX_IMAGE) \ --output-dir $(TEMP_DIR) \ charts/vald + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/save + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/creation kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/correction kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/lb kubectl delete -f $(TEMP_DIR)/vald/templates/manager/index diff --git a/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml b/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml new file mode 100644 index 0000000000..6402c217b0 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml @@ -0,0 +1,52 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- $gateway := .Values.gateway.lb -}} +{{- $index := .Values.manager.index -}} +{{- $agent := .Values.agent -}} +{{- $discoverer := .Values.discoverer -}} +{{- if $rotator.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $rotator.name }}-config + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: {{ $rotator.name }} +data: + config.yaml: | + --- + version: {{ $rotator.version }} + time_zone: {{ default .Values.defaults.time_zone $rotator.time_zone }} + logging: + {{- $logging := dict "Values" $rotator.logging "default" .Values.defaults.logging }} + {{- include "vald.logging" $logging | nindent 6 }} + server_config: + {{- $servers := dict "Values" $rotator.server_config "default" .Values.defaults.server_config }} + {{- include "vald.servers" $servers | nindent 6 }} + observability: + {{- $observability := dict "Values" $rotator.observability "default" .Values.defaults.observability }} + {{- include "vald.observability" $observability | nindent 6 }} + rotator: + agent_namespace: {{ $rotator.agent_namespace | quote }} + read_replica_label_key: "vald-readreplica-id" + read_replica_id: "_MY_TARGET_REPLICA_ID_" + volume_name: "vald-agent-ngt-readreplica-pvc" +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml new file mode 100644 index 0000000000..21bc441475 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml @@ -0,0 +1,78 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if $rotator.enabled }} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ $rotator.name }} + labels: + app: {{ $rotator.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} +spec: + schedule: "0 0 31 2 *" # This never happens as February never has 31 days so we can prevent this cronjob from running automatically + concurrencyPolicy: Forbid + suspend: true # This cronjob should only be run manually by index manager + startingDeadlineSeconds: 0 # To prevent being blocked in any case + jobTemplate: + spec: + ttlSecondsAfterFinished: {{ $rotator.ttlSecondsAfterFinished }} + template: + metadata: + labels: + app: {{ $rotator.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: {{ $rotator.name }} + annotations: + {{- $pprof := default .Values.defaults.server_config.metrics.pprof $rotator.server_config.metrics.pprof -}} + {{- if $pprof.enabled }} + pyroscope.io/scrape: "true" + pyroscope.io/application-name: {{ $rotator.name }} + pyroscope.io/profile-cpu-enabled: "true" + pyroscope.io/profile-mem-enabled: "true" + pyroscope.io/port: {{ $pprof.port | quote }} + {{- end }} + spec: + {{- if $rotator.initContainers }} + initContainers: + {{- $initContainers := dict "initContainers" $rotator.initContainers "Values" .Values "namespace" .Release.Namespace -}} + {{- include "vald.initContainers" $initContainers | trim | nindent 12 }} + {{- end }} + containers: + - name: {{ $rotator.name }} + image: "{{ $rotator.image.repository }}:{{ default .Values.defaults.image.tag $rotator.image.tag }}" + imagePullPolicy: {{ $rotator.image.pullPolicy }} + volumeMounts: + - name: {{ $rotator.name }}-config + mountPath: /etc/server/ + {{- $servers := dict "Values" $rotator.server_config "default" .Values.defaults.server_config -}} + {{- include "vald.containerPorts" $servers | trim | nindent 14 }} + {{- if $rotator.env }} + env: + {{- toYaml $rotator.env | nindent 16 }} + {{- end }} + restartPolicy: OnFailure + volumes: + - name: {{ $rotator.name }}-config + configMap: + defaultMode: 420 + name: {{ $rotator.name }}-config +{{- end }} diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index b843b40673..92326f9b1b 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -2946,3 +2946,65 @@ manager: net: dialer: keepalive: 15m #indexer fetches uncommitted index length, which includes huge payload so we need to set keepalive longer than usual + readreplica: + # @schema {"name": "manager.index.readreplica.rotator", "type": "object"} + rotator: + # @schema {"name": "manager.index.readreplica.rotator.name", "type": "string"} + # manager.index.readreplica.rotator.name -- name of index correction job + name: vald-readreplica-rotate + # @schema {"name": "manager.index.readreplica.rotator.image", "alias": "image"} + image: + # manager.index.readreplica.rotator.image.repository -- image repository + repository: vdaas/vald-readreplica-rotate + # manager.index.readreplica.rotator.image.tag -- image tag (overrides defaults.image.tag) + tag: "" + # manager.index.image.pullPolicy -- image pull policy + pullPolicy: Always + # @schema {"name": "manager.index.readreplica.rotator.server_config", "alias": "server_config"} + # manager.index.readreplica.rotator.server_config -- server config (overrides defaults.server_config) + server_config: + servers: + rest: {} + grpc: {} + healths: + liveness: {} + readiness: {} + startup: {} + metrics: + pprof: {} + # @schema {"name": "manager.index.readreplica.rotator.initContainers", "alias": "initContainers"} + # manager.index.readreplica.rotator.initContainers -- init containers + initContainers: [] + # @schema {"name": "manager.index.readreplica.rotator.env", "alias": "env"} + # manager.index.readreplica.rotator.env -- environment variables + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # @schema {"name": "manager.index.readreplica.rotator.observability", "alias": "observability"} + # manager.index.readreplica.rotator.observability -- observability config (overrides defaults.observability) + observability: + otlp: + attribute: + service_name: vald-readreplica-rotation + # @schema {"name": "manager.index.readreplica.rotator.ttlSecondsAfterFinished", "type": "integer"} + # manager.index.readreplica.rotator.ttlSecondsAfterFinished -- ttl setting for K8s completed jobs + ttlSecondsAfterFinished: 86400 + # @schema {"name": "manager.index.readreplica.rotator.version", "alias": "version"} + # manager.index.readreplica.rotator.version -- version of readreplica rotator config + version: v0.0.0 + # @schema {"name": "manager.index.readreplica.rotator.agent_namespace", "type": "string"} + # manager.index.readreplica.rotator.agent_namespace -- namespace of agent pods to manage + agent_namespace: _MY_POD_NAMESPACE_ + # @schema {"name": "manager.index.readreplica.rotator.read_replica_id", "type": "string"} + # manager.index.readreplica.rotator.read_replica_id -- read replica id to perform rotation + read_replica_id: _MY_TARGET_REPLICA_ID_ diff --git a/dockers/index/job/readreplica/rotate/Dockerfile b/dockers/index/job/readreplica/rotate/Dockerfile new file mode 100644 index 0000000000..20531bf974 --- /dev/null +++ b/dockers/index/job/readreplica/rotate/Dockerfile @@ -0,0 +1,93 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +ARG GO_VERSION=latest +ARG DISTROLESS_IMAGE=gcr.io/distroless/static +ARG DISTROLESS_IMAGE_TAG=nonroot +ARG MAINTAINER="vdaas.org vald team " + +FROM golang:${GO_VERSION} AS golang + +FROM ubuntu:devel AS builder + +ENV GO111MODULE on +ENV DEBIAN_FRONTEND noninteractive +ENV INITRD No +ENV LANG en_US.UTF-8 +ENV GOROOT /opt/go +ENV GOPATH /go +ENV PATH ${PATH}:${GOROOT}/bin:${GOPATH}/bin +ENV ORG vdaas +ENV REPO vald +ENV PKG index/job/readreplica/rotate +ENV APP_NAME readreplica-rotate + +# skipcq: DOK-DL3008 +RUN apt-get update && apt-get install -y --no-install-recommends \ + ca-certificates \ + build-essential \ + curl \ + upx \ + git \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +COPY --from=golang /usr/local/go $GOROOT +RUN mkdir -p "$GOPATH/src" + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/Makefile.d +COPY Makefile.d . +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO} +COPY Makefile . +COPY .git . +COPY go.mod . +COPY go.sum . + +RUN make go/download + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/internal +COPY internal . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/apis/grpc +COPY apis/grpc . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/pkg/${PKG} +COPY pkg/${PKG} . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/cmd/${PKG} +COPY cmd/${PKG} . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/versions +COPY versions . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO} +RUN make REPO=${ORG} NAME=${REPO} cmd/${PKG}/${APP_NAME} \ + && mv "cmd/${PKG}/${APP_NAME}" "/usr/bin/${APP_NAME}" + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/cmd/${PKG} +RUN cp sample.yaml /tmp/config.yaml + +FROM ${DISTROLESS_IMAGE}:${DISTROLESS_IMAGE_TAG} +LABEL maintainer="${MAINTAINER}" + +ENV APP_NAME readreplica-rotate + +COPY --from=builder /usr/bin/${APP_NAME} /go/bin/${APP_NAME} +COPY --from=builder /tmp/config.yaml /etc/server/config.yaml + +USER nonroot:nonroot + +ENTRYPOINT ["/go/bin/readreplica-rotate"] From 228a4a576beadeb1cf6b170d0a2703eea94c186b Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 28 Nov 2023 02:08:26 +0000 Subject: [PATCH 29/51] Add service account and clusterroles for read replica rotator --- .../job/readreplica/rotate/clusterrole.yaml | 59 +++++++++++++++++++ .../rotate/clusterrolebinding.yaml | 37 ++++++++++++ .../index/job/readreplica/rotate/cronjob.yaml | 1 + .../readreplica/rotate/serviceaccount.yaml | 29 +++++++++ charts/vald/values.yaml | 24 ++++++++ 5 files changed, 150 insertions(+) create mode 100644 charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml create mode 100644 charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml create mode 100644 charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml diff --git a/charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml b/charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml new file mode 100644 index 0000000000..921d78f061 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml @@ -0,0 +1,59 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and $rotator.enabled $rotator.clusterRole.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $rotator.clusterRole.name }} + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: rotator +rules: + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - "apps" + resources: + - deployments + verbs: + - get + - list + - watch + - update +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml b/charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml new file mode 100644 index 0000000000..e69382eae5 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml @@ -0,0 +1,37 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and $rotator.enabled $rotator.clusterRoleBinding.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ $rotator.clusterRoleBinding.name }} + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: rotator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ $rotator.clusterRole.name }} +subjects: + - kind: ServiceAccount + name: {{ $rotator.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml index 21bc441475..3e93b52257 100644 --- a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml +++ b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml @@ -75,4 +75,5 @@ spec: configMap: defaultMode: 420 name: {{ $rotator.name }}-config + serviceAccountName: {{ $rotator.serviceAccount.name }} {{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml b/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml new file mode 100644 index 0000000000..5afae0eeab --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml @@ -0,0 +1,29 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and $rotator.enabled $rotator.serviceAccount.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ $rotator.serviceAccount.name }} + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: rotator +{{- end }} diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 92326f9b1b..7597aff990 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -3008,3 +3008,27 @@ manager: # @schema {"name": "manager.index.readreplica.rotator.read_replica_id", "type": "string"} # manager.index.readreplica.rotator.read_replica_id -- read replica id to perform rotation read_replica_id: _MY_TARGET_REPLICA_ID_ + # @schema {"name": "manager.index.readreplica.rotator.serviceAccount", "type": "object"} + serviceAccount: + # @schema {"name": "manager.index.readreplica.rotator.serviceAccount.enabled", "type": "boolean"} + # manager.index.readreplica.rotator.serviceAccount.enabled -- creates service account + enabled: true + # @schema {"name": "manager.index.readreplica.rotator.serviceAccount.name", "type": "string"} + # manager.index.readreplica.rotator.serviceAccount.name -- name of service account + name: vald-readreplica-rotate + # @schema {"name": "manager.index.readreplica.rotator.clusterRole", "type": "object"} + clusterRole: + # @schema {"name": "manager.index.readreplica.rotator.clusterRole.enabled", "type": "boolean"} + # manager.index.readreplica.rotator.clusterRole.enabled -- creates clusterRole resource + enabled: true + # @schema {"name": "manager.index.readreplica.rotator.clusterRole.name", "type": "string"} + # manager.index.readreplica.rotator.clusterRole.name -- name of clusterRole + name: vald-readreplica-rotate + # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding", "type": "object"} + clusterRoleBinding: + # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding.enabled", "type": "boolean"} + # manager.index.readreplica.rotator.clusterRoleBinding.enabled -- creates clusterRoleBinding resource + enabled: true + # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding.name", "type": "string"} + # manager.index.readreplica.rotator.clusterRoleBinding.name -- name of clusterRoleBinding + name: vald-readreplica-rotate From 21e93a2a69c8a485e0c077aa92c30953d421160a Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 28 Nov 2023 02:20:18 +0000 Subject: [PATCH 30/51] Update charts --- .../vald-helm-operator/crds/valdrelease.yaml | 622 ++++++++++ charts/vald/values.schema.json | 1101 +++++++++++++++++ 2 files changed, 1723 insertions(+) diff --git a/charts/vald-helm-operator/crds/valdrelease.yaml b/charts/vald-helm-operator/crds/valdrelease.yaml index 430ae2fcd7..f045c50278 100644 --- a/charts/vald-helm-operator/crds/valdrelease.yaml +++ b/charts/vald-helm-operator/crds/valdrelease.yaml @@ -8533,6 +8533,628 @@ spec: x-kubernetes-preserve-unknown-fields: true progressDeadlineSeconds: type: integer + readreplica: + type: object + properties: + agent_namespace: + type: string + clusterRole: + type: object + properties: + enabled: + type: boolean + name: + type: string + clusterRoleBinding: + type: object + properties: + enabled: + type: boolean + name: + type: string + env: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + image: + type: object + properties: + pullPolicy: + type: string + enum: + - Always + - Never + - IfNotPresent + repository: + type: string + tag: + type: string + initContainers: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + name: + type: string + observability: + type: object + properties: + enabled: + type: boolean + metrics: + type: object + properties: + enable_cgo: + type: boolean + enable_goroutine: + type: boolean + enable_memory: + type: boolean + enable_version_info: + type: boolean + version_info_labels: + type: array + items: + type: string + enum: + - vald_version + - server_name + - git_commit + - build_time + - go_version + - go_os + - go_arch + - cgo_enabled + - ngt_version + - build_cpu_info_flags + otlp: + type: object + properties: + attribute: + type: object + properties: + namespace: + type: string + node_name: + type: string + pod_name: + type: string + service_name: + type: string + collector_endpoint: + type: string + metrics_export_interval: + type: string + metrics_export_timeout: + type: string + trace_batch_timeout: + type: string + trace_export_timeout: + type: string + trace_max_export_batch_size: + type: integer + trace_max_queue_size: + type: integer + trace: + type: object + properties: + enabled: + type: boolean + read_replica_id: + type: string + server_config: + type: object + properties: + full_shutdown_duration: + type: string + healths: + type: object + properties: + liveness: + type: object + properties: + enabled: + type: boolean + host: + type: string + livenessProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + readiness: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + readinessProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + startup: + type: object + properties: + enabled: + type: boolean + port: + type: integer + maximum: 65535 + minimum: 0 + startupProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + metrics: + type: object + properties: + pprof: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + servers: + type: object + properties: + grpc: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + grpc: + type: object + properties: + bidirectional_stream_concurrency: + type: integer + connection_timeout: + type: string + enable_reflection: + type: boolean + header_table_size: + type: integer + initial_conn_window_size: + type: integer + initial_window_size: + type: integer + interceptors: + type: array + items: + type: string + enum: + - RecoverInterceptor + - AccessLogInterceptor + - TraceInterceptor + - MetricInterceptor + keepalive: + type: object + properties: + max_conn_age: + type: string + max_conn_age_grace: + type: string + max_conn_idle: + type: string + min_time: + type: string + permit_without_stream: + type: boolean + time: + type: string + timeout: + type: string + max_header_list_size: + type: integer + max_receive_message_size: + type: integer + max_send_message_size: + type: integer + read_buffer_size: + type: integer + write_buffer_size: + type: integer + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + restart: + type: boolean + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + rest: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + tls: + type: object + properties: + ca: + type: string + cert: + type: string + enabled: + type: boolean + insecure_skip_verify: + type: boolean + key: + type: string + serviceAccount: + type: object + properties: + enabled: + type: boolean + name: + type: string + ttlSecondsAfterFinished: + type: integer + version: + type: string + pattern: ^v[0-9]+\.[0-9]+\.[0-9]$ replicas: type: integer minimum: 0 diff --git a/charts/vald/values.schema.json b/charts/vald/values.schema.json index ea4a748e18..227759c3e1 100644 --- a/charts/vald/values.schema.json +++ b/charts/vald/values.schema.json @@ -14397,6 +14397,1107 @@ "type": "integer", "description": "progress deadline seconds" }, + "readreplica": { + "type": "object", + "properties": { + "agent_namespace": { + "type": "string", + "description": "namespace of agent pods to manage" + }, + "clusterRole": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "creates clusterRole resource" + }, + "name": { + "type": "string", + "description": "name of clusterRole" + } + } + }, + "clusterRoleBinding": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "creates clusterRoleBinding resource" + }, + "name": { + "type": "string", + "description": "name of clusterRoleBinding" + } + } + }, + "env": { + "type": "array", + "description": "environment variables", + "items": { "type": "object" } + }, + "image": { + "type": "object", + "properties": { + "pullPolicy": { + "type": "string", + "description": "image pull policy", + "enum": ["Always", "Never", "IfNotPresent"] + }, + "repository": { + "type": "string", + "description": "image repository" + }, + "tag": { + "type": "string", + "description": "image tag (overrides defaults.image.tag)" + } + } + }, + "initContainers": { + "type": "array", + "description": "init containers", + "items": { "type": "object" } + }, + "name": { + "type": "string", + "description": "name of index correction job" + }, + "observability": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "observability features enabled" + }, + "metrics": { + "type": "object", + "properties": { + "enable_cgo": { + "type": "boolean", + "description": "CGO metrics enabled" + }, + "enable_goroutine": { + "type": "boolean", + "description": "goroutine metrics enabled" + }, + "enable_memory": { + "type": "boolean", + "description": "memory metrics enabled" + }, + "enable_version_info": { + "type": "boolean", + "description": "version info metrics enabled" + }, + "version_info_labels": { + "type": "array", + "description": "enabled label names of version info", + "items": { + "type": "string", + "enum": [ + "vald_version", + "server_name", + "git_commit", + "build_time", + "go_version", + "go_os", + "go_arch", + "cgo_enabled", + "ngt_version", + "build_cpu_info_flags" + ] + } + } + } + }, + "otlp": { + "type": "object", + "properties": { + "attribute": { + "type": "object", + "description": "default resource attribute", + "properties": { + "namespace": { + "type": "string", + "description": "namespace" + }, + "node_name": { + "type": "string", + "description": "node name" + }, + "pod_name": { + "type": "string", + "description": "pod name" + }, + "service_name": { + "type": "string", + "description": "service name" + } + } + }, + "collector_endpoint": { + "type": "string", + "description": "OpenTelemetry Collector endpoint" + }, + "metrics_export_interval": { + "type": "string", + "description": "metrics export interval" + }, + "metrics_export_timeout": { + "type": "string", + "description": "metrics export timeout" + }, + "trace_batch_timeout": { + "type": "string", + "description": "trace batch timeout" + }, + "trace_export_timeout": { + "type": "string", + "description": "trace export timeout" + }, + "trace_max_export_batch_size": { + "type": "integer", + "description": "trace maximum export batch size" + }, + "trace_max_queue_size": { + "type": "integer", + "description": "trace maximum queue size" + } + } + }, + "trace": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "trace enabled" + } + } + } + } + }, + "read_replica_id": { + "type": "string", + "description": "read replica id to perform rotation" + }, + "server_config": { + "type": "object", + "properties": { + "full_shutdown_duration": { + "type": "string", + "description": "server full shutdown duration" + }, + "healths": { + "type": "object", + "properties": { + "liveness": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "liveness server enabled" + }, + "host": { + "type": "string", + "description": "liveness server host" + }, + "livenessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "liveness probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "liveness probe path" + }, + "port": { + "type": "string", + "description": "liveness probe port" + }, + "scheme": { + "type": "string", + "description": "liveness probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "liveness probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "liveness probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "liveness probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "liveness probe timeout seconds" + } + } + }, + "port": { + "type": "integer", + "description": "liveness server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "liveness server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "readiness": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "readiness server enabled" + }, + "host": { + "type": "string", + "description": "readiness server host" + }, + "port": { + "type": "integer", + "description": "readiness server port", + "maximum": 65535, + "minimum": 0 + }, + "readinessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "readiness probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "readiness probe path" + }, + "port": { + "type": "string", + "description": "readiness probe port" + }, + "scheme": { + "type": "string", + "description": "readiness probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "readiness probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "readiness probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "readiness probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "readiness probe timeout seconds" + } + } + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "readiness server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "startup": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "startup server enabled" + }, + "port": { + "type": "integer", + "description": "startup server port", + "maximum": 65535, + "minimum": 0 + }, + "startupProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "startup probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "startup probe path" + }, + "port": { + "type": "string", + "description": "startup probe port" + }, + "scheme": { + "type": "string", + "description": "startup probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "startup probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "startup probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "startup probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "startup probe timeout seconds" + } + } + } + } + } + } + }, + "metrics": { + "type": "object", + "properties": { + "pprof": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "pprof server enabled" + }, + "host": { + "type": "string", + "description": "pprof server host" + }, + "port": { + "type": "integer", + "description": "pprof server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "pprof server service port", + "maximum": 65535, + "minimum": 0 + } + } + } + } + }, + "servers": { + "type": "object", + "properties": { + "grpc": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "gRPC server enabled" + }, + "host": { + "type": "string", + "description": "gRPC server host" + }, + "port": { + "type": "integer", + "description": "gRPC server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "grpc": { + "type": "object", + "properties": { + "bidirectional_stream_concurrency": { + "type": "integer", + "description": "gRPC server bidirectional stream concurrency" + }, + "connection_timeout": { + "type": "string", + "description": "gRPC server connection timeout" + }, + "enable_reflection": { + "type": "boolean", + "description": "gRPC server reflection option" + }, + "header_table_size": { + "type": "integer", + "description": "gRPC server header table size" + }, + "initial_conn_window_size": { + "type": "integer", + "description": "gRPC server initial connection window size" + }, + "initial_window_size": { + "type": "integer", + "description": "gRPC server initial window size" + }, + "interceptors": { + "type": "array", + "description": "gRPC server interceptors", + "items": { + "type": "string", + "enum": [ + "RecoverInterceptor", + "AccessLogInterceptor", + "TraceInterceptor", + "MetricInterceptor" + ] + } + }, + "keepalive": { + "type": "object", + "properties": { + "max_conn_age": { + "type": "string", + "description": "gRPC server keep alive max connection age" + }, + "max_conn_age_grace": { + "type": "string", + "description": "gRPC server keep alive max connection age grace" + }, + "max_conn_idle": { + "type": "string", + "description": "gRPC server keep alive max connection idle" + }, + "min_time": { + "type": "string", + "description": "gRPC server keep alive min_time" + }, + "permit_without_stream": { + "type": "boolean", + "description": "gRPC server keep alive permit_without_stream" + }, + "time": { + "type": "string", + "description": "gRPC server keep alive time" + }, + "timeout": { + "type": "string", + "description": "gRPC server keep alive timeout" + } + } + }, + "max_header_list_size": { + "type": "integer", + "description": "gRPC server max header list size" + }, + "max_receive_message_size": { + "type": "integer", + "description": "gRPC server max receive message size" + }, + "max_send_message_size": { + "type": "integer", + "description": "gRPC server max send message size" + }, + "read_buffer_size": { + "type": "integer", + "description": "gRPC server read buffer size" + }, + "write_buffer_size": { + "type": "integer", + "description": "gRPC server write buffer size" + } + } + }, + "mode": { + "type": "string", + "description": "gRPC server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "gRPC server probe wait time" + }, + "restart": { + "type": "boolean", + "description": "gRPC server restart" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "gRPC server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "rest": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "REST server enabled" + }, + "host": { + "type": "string", + "description": "REST server host" + }, + "port": { + "type": "integer", + "description": "REST server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "REST server service port", + "maximum": 65535, + "minimum": 0 + } + } + } + } + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string", + "description": "TLS ca path" + }, + "cert": { + "type": "string", + "description": "TLS cert path" + }, + "enabled": { + "type": "boolean", + "description": "TLS enabled" + }, + "insecure_skip_verify": { + "type": "boolean", + "description": "enable/disable skip SSL certificate verification" + }, + "key": { + "type": "string", + "description": "TLS key path" + } + } + } + } + }, + "serviceAccount": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "creates service account" + }, + "name": { + "type": "string", + "description": "name of service account" + } + } + }, + "ttlSecondsAfterFinished": { + "type": "integer", + "description": "ttl setting for K8s completed jobs" + }, + "version": { + "type": "string", + "description": "version of gateway config", + "pattern": "^v[0-9]+\\.[0-9]+\\.[0-9]$" + } + } + }, "replicas": { "type": "integer", "description": "number of replicas", From d967ef62f03f4af3171278258d77f6cd7cdd90dc Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 28 Nov 2023 02:49:51 +0000 Subject: [PATCH 31/51] Update comment --- charts/vald/README.md | 1516 ++++++++++++++++++++------------------- charts/vald/values.yaml | 4 +- 2 files changed, 792 insertions(+), 728 deletions(-) diff --git a/charts/vald/README.md b/charts/vald/README.md index 9cadef374f..9c945f3be7 100644 --- a/charts/vald/README.md +++ b/charts/vald/README.md @@ -44,730 +44,792 @@ Run the following command to install the chart, ### Parameters -| Key | Type | Default | Description | -| ----------------------------------------------------------------------------------------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| agent.annotations | object | `{}` | deployment annotations | -| agent.enabled | bool | `true` | agent enabled | -| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.hpa.enabled | bool | `false` | HPA enabled | -| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| agent.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | -| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.initContainers | list | `[]` | init containers | -| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | -| agent.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | -| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | -| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | -| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | -| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | -| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | -| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | -| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | -| agent.ngt.creation_edge_size | int | `20` | creation edge size | -| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | -| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | -| agent.ngt.default_radius | float | `-1` | default radius used for search | -| agent.ngt.dimension | int | `4096` | vector dimension | -| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | -| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | -| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | -| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | -| agent.ngt.index_path | string | `""` | path to index data | -| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | -| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | -| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | -| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | -| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | -| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | -| agent.ngt.search_edge_size | int | `10` | search edge size | -| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | -| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | -| agent.nodeName | string | `""` | node name | -| agent.nodeSelector | object | `{}` | node selector | -| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | -| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | -| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | -| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | -| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | -| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | -| agent.podAnnotations | object | `{}` | pod annotations | -| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | -| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | -| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | -| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | -| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | -| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| agent.service.annotations | object | `{}` | service annotations | -| agent.service.labels | object | `{}` | service labels | -| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | -| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | -| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | -| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | -| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | -| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | -| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | -| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | -| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | -| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | -| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | -| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | -| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | -| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | -| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | -| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | -| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | -| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | -| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | -| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | -| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | -| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | -| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | -| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | -| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | -| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | -| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | -| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | -| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | -| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | -| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | -| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | -| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | -| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | -| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | -| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | -| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | -| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | -| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | -| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | -| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | -| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | -| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | -| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | -| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | -| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | -| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | -| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | -| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | -| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | -| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | -| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | -| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | -| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | -| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | -| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | -| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | -| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | -| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | -| agent.sidecar.enabled | bool | `false` | sidecar enabled | -| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | -| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | -| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | -| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | -| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | -| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | -| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | -| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | -| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | -| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | -| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.time_zone | string | `""` | Time zone | -| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | -| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | -| agent.time_zone | string | `""` | Time zone | -| agent.tolerations | list | `[]` | tolerations | -| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | -| agent.version | string | `"v0.0.0"` | version of agent config | -| agent.volumeMounts | list | `[]` | volume mounts | -| agent.volumes | list | `[]` | volumes | -| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | -| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | -| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | -| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | -| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | -| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | -| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | -| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | -| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | -| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | -| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | -| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | -| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | -| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | -| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | -| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | -| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | -| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | -| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | -| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | -| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | -| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | -| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | -| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | -| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | -| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | -| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | -| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | -| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | -| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | -| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | -| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | -| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | -| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | -| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | -| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | -| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | -| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | -| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | -| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | -| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | -| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | -| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | -| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.image.tag | string | `"v1.7.8"` | docker image tag | -| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | -| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | -| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | -| defaults.networkPolicy.custom | object | `{"egress":{},"ingress":{}}` | custom network policies that a user can add | -| defaults.networkPolicy.custom.egress | object | `{}` | custom egress network policies that a user can add | -| defaults.networkPolicy.custom.ingress | object | `{}` | custom ingress network policies that a user can add | -| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | -| defaults.observability.enabled | bool | `false` | observability features enabled | -| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | -| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | -| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | -| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | -| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | -| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | -| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | -| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | -| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | -| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | -| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | -| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | -| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | -| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | -| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | -| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | -| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | -| defaults.observability.trace.enabled | bool | `false` | trace enabled | -| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | -| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | -| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | -| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | -| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | -| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | -| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | -| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | -| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | -| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | -| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | -| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | -| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | -| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | -| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | -| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | -| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | -| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | -| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | -| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | -| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | -| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | -| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | -| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | -| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | -| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | -| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | -| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | -| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | -| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | -| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | -| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | -| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | -| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | -| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | -| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | -| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | -| defaults.server_config.healths.startup.port | int | `3000` | startup server port | -| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | -| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | -| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | -| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | -| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | -| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | -| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | -| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | -| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | -| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | -| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | -| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | -| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | -| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | -| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | -| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | -| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | -| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | -| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | -| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | -| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | -| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | -| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | -| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | -| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | -| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | -| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | -| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | -| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | -| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | -| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | -| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | -| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | -| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | -| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | -| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | -| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | -| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | -| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | -| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | -| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | -| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | -| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | -| defaults.server_config.servers.rest.port | int | `8080` | REST server port | -| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | -| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | -| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | -| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | -| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | -| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | -| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | -| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | -| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | -| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | -| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.time_zone | string | `"UTC"` | Time zone | -| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| discoverer.annotations | object | `{}` | deployment annotations | -| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | -| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | -| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | -| discoverer.discoverer.name | string | `""` | name to discovery | -| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | -| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | -| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | -| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | -| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | -| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | -| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | -| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | -| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | -| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | -| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | -| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | -| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | -| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | -| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | -| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | -| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | -| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | -| discoverer.enabled | bool | `true` | discoverer enabled | -| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| discoverer.hpa.enabled | bool | `false` | HPA enabled | -| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | -| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | -| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| discoverer.initContainers | list | `[]` | init containers | -| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | -| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | -| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | -| discoverer.nodeName | string | `""` | node name | -| discoverer.nodeSelector | object | `{}` | node selector | -| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | -| discoverer.podAnnotations | object | `{}` | pod annotations | -| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | -| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | -| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | -| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| discoverer.service.annotations | object | `{}` | service annotations | -| discoverer.service.labels | object | `{}` | service labels | -| discoverer.serviceAccount.enabled | bool | `true` | creates service account | -| discoverer.serviceAccount.name | string | `"vald"` | name of service account | -| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| discoverer.time_zone | string | `""` | Time zone | -| discoverer.tolerations | list | `[]` | tolerations | -| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | -| discoverer.version | string | `"v0.0.0"` | version of discoverer config | -| discoverer.volumeMounts | list | `[]` | volume mounts | -| discoverer.volumes | list | `[]` | volumes | -| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.filter.annotations | object | `{}` | deployment annotations | -| gateway.filter.enabled | bool | `false` | gateway enabled | -| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | -| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | -| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | -| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | -| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | -| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | -| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | -| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | -| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | -| gateway.filter.nodeName | string | `""` | node name | -| gateway.filter.nodeSelector | object | `{}` | node selector | -| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.filter.podAnnotations | object | `{}` | pod annotations | -| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.filter.service.annotations | object | `{}` | service annotations | -| gateway.filter.service.labels | object | `{}` | service labels | -| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.filter.time_zone | string | `""` | Time zone | -| gateway.filter.tolerations | list | `[]` | tolerations | -| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | -| gateway.filter.volumeMounts | list | `[]` | volume mounts | -| gateway.filter.volumes | list | `[]` | volumes | -| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.lb.annotations | object | `{}` | deployment annotations | -| gateway.lb.enabled | bool | `true` | gateway enabled | -| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | -| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | -| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | -| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | -| gateway.lb.gateway_config.node_name | string | `""` | node name | -| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | -| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | -| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | -| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | -| gateway.lb.nodeName | string | `""` | node name | -| gateway.lb.nodeSelector | object | `{}` | node selector | -| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.lb.podAnnotations | object | `{}` | pod annotations | -| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.lb.service.annotations | object | `{}` | service annotations | -| gateway.lb.service.labels | object | `{}` | service labels | -| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.lb.time_zone | string | `""` | Time zone | -| gateway.lb.tolerations | list | `[]` | tolerations | -| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | -| gateway.lb.volumeMounts | list | `[]` | volume mounts | -| gateway.lb.volumes | list | `[]` | volumes | -| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | -| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| manager.index.annotations | object | `{}` | deployment annotations | -| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.corrector.bbolt_async_write_concurrency | int | `2048` | concurrency for bbolt async write | -| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | -| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.corrector.image.pullPolicy | string | `"Always"` | | -| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | -| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | -| manager.index.corrector.node_name | string | `""` | node name | -| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | -| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | -| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | -| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | -| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.enabled | bool | `true` | index manager enabled | -| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | -| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | -| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | -| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | -| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | -| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | -| manager.index.indexer.concurrency | int | `1` | concurrency | -| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.indexer.node_name | string | `""` | node name | -| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | -| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | -| manager.index.nodeName | string | `""` | node name | -| manager.index.nodeSelector | object | `{}` | node selector | -| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | -| manager.index.podAnnotations | object | `{}` | pod annotations | -| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | -| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | -| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| manager.index.replicas | int | `1` | number of replicas | -| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | -| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.service.annotations | object | `{}` | service annotations | -| manager.index.service.labels | object | `{}` | service labels | -| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| manager.index.time_zone | string | `""` | Time zone | -| manager.index.tolerations | list | `[]` | tolerations | -| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | -| manager.index.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.volumeMounts | list | `[]` | volume mounts | -| manager.index.volumes | list | `[]` | volumes | +| Key | Type | Default | Description | +| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| agent.annotations | object | `{}` | deployment annotations | +| agent.enabled | bool | `true` | agent enabled | +| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.hpa.enabled | bool | `false` | HPA enabled | +| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| agent.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | +| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.initContainers | list | `[]` | init containers | +| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | +| agent.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | +| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | +| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | +| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | +| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | +| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | +| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | +| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | +| agent.ngt.creation_edge_size | int | `20` | creation edge size | +| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | +| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | +| agent.ngt.default_radius | float | `-1` | default radius used for search | +| agent.ngt.dimension | int | `4096` | vector dimension | +| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | +| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | +| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | +| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | +| agent.ngt.index_path | string | `""` | path to index data | +| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | +| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | +| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | +| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | +| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | +| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | +| agent.ngt.search_edge_size | int | `10` | search edge size | +| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | +| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | +| agent.nodeName | string | `""` | node name | +| agent.nodeSelector | object | `{}` | node selector | +| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | +| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | +| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | +| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | +| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | +| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | +| agent.podAnnotations | object | `{}` | pod annotations | +| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | +| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | +| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | +| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | +| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | +| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| agent.service.annotations | object | `{}` | service annotations | +| agent.service.labels | object | `{}` | service labels | +| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | +| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | +| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | +| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | +| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | +| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | +| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | +| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | +| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | +| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | +| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | +| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | +| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | +| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | +| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | +| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | +| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | +| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | +| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | +| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | +| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | +| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | +| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | +| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | +| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | +| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | +| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | +| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | +| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | +| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | +| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | +| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | +| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | +| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | +| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | +| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | +| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | +| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | +| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | +| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | +| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | +| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | +| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | +| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | +| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | +| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | +| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | +| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | +| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | +| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | +| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | +| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | +| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | +| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | +| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | +| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | +| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | +| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | +| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | +| agent.sidecar.enabled | bool | `false` | sidecar enabled | +| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | +| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | +| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | +| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | +| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | +| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | +| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | +| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | +| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | +| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | +| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.time_zone | string | `""` | Time zone | +| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | +| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | +| agent.time_zone | string | `""` | Time zone | +| agent.tolerations | list | `[]` | tolerations | +| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | +| agent.version | string | `"v0.0.0"` | version of agent config | +| agent.volumeMounts | list | `[]` | volume mounts | +| agent.volumes | list | `[]` | volumes | +| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | +| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | +| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | +| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | +| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | +| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | +| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | +| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | +| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | +| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | +| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | +| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | +| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | +| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | +| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | +| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | +| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | +| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | +| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | +| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | +| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | +| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | +| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | +| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | +| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | +| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | +| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | +| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | +| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | +| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | +| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | +| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | +| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | +| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | +| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | +| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | +| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | +| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | +| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | +| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | +| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | +| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | +| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | +| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.image.tag | string | `"v1.7.8"` | docker image tag | +| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | +| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | +| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | +| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | +| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | +| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | +| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | +| defaults.observability.enabled | bool | `false` | observability features enabled | +| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | +| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | +| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | +| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | +| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | +| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | +| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | +| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | +| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | +| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | +| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | +| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | +| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | +| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | +| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | +| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | +| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | +| defaults.observability.trace.enabled | bool | `false` | trace enabled | +| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | +| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | +| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | +| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | +| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | +| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | +| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | +| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | +| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | +| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | +| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | +| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | +| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | +| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | +| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | +| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | +| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | +| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | +| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | +| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | +| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | +| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | +| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | +| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | +| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | +| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | +| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | +| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | +| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | +| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | +| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | +| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | +| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | +| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | +| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | +| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | +| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | +| defaults.server_config.healths.startup.port | int | `3000` | startup server port | +| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | +| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | +| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | +| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | +| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | +| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | +| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | +| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | +| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | +| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | +| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | +| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | +| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | +| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | +| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | +| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | +| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | +| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | +| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | +| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | +| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | +| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | +| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | +| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | +| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | +| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | +| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | +| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | +| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | +| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | +| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | +| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | +| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | +| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | +| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | +| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | +| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | +| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | +| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | +| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | +| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | +| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | +| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | +| defaults.server_config.servers.rest.port | int | `8080` | REST server port | +| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | +| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | +| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | +| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | +| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | +| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | +| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | +| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | +| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | +| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | +| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.time_zone | string | `"UTC"` | Time zone | +| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| discoverer.annotations | object | `{}` | deployment annotations | +| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | +| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | +| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | +| discoverer.discoverer.name | string | `""` | name to discovery | +| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | +| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | +| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | +| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | +| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | +| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | +| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | +| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | +| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | +| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | +| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | +| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | +| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | +| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | +| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | +| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | +| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | +| discoverer.enabled | bool | `true` | discoverer enabled | +| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| discoverer.hpa.enabled | bool | `false` | HPA enabled | +| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | +| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | +| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| discoverer.initContainers | list | `[]` | init containers | +| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | +| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | +| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | +| discoverer.nodeName | string | `""` | node name | +| discoverer.nodeSelector | object | `{}` | node selector | +| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | +| discoverer.podAnnotations | object | `{}` | pod annotations | +| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | +| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | +| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | +| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| discoverer.service.annotations | object | `{}` | service annotations | +| discoverer.service.labels | object | `{}` | service labels | +| discoverer.serviceAccount.enabled | bool | `true` | creates service account | +| discoverer.serviceAccount.name | string | `"vald"` | name of service account | +| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| discoverer.time_zone | string | `""` | Time zone | +| discoverer.tolerations | list | `[]` | tolerations | +| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | +| discoverer.version | string | `"v0.0.0"` | version of discoverer config | +| discoverer.volumeMounts | list | `[]` | volume mounts | +| discoverer.volumes | list | `[]` | volumes | +| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.filter.annotations | object | `{}` | deployment annotations | +| gateway.filter.enabled | bool | `false` | gateway enabled | +| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | +| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | +| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | +| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | +| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | +| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | +| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | +| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | +| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | +| gateway.filter.nodeName | string | `""` | node name | +| gateway.filter.nodeSelector | object | `{}` | node selector | +| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.filter.podAnnotations | object | `{}` | pod annotations | +| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.filter.service.annotations | object | `{}` | service annotations | +| gateway.filter.service.labels | object | `{}` | service labels | +| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.filter.time_zone | string | `""` | Time zone | +| gateway.filter.tolerations | list | `[]` | tolerations | +| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | +| gateway.filter.volumeMounts | list | `[]` | volume mounts | +| gateway.filter.volumes | list | `[]` | volumes | +| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.lb.annotations | object | `{}` | deployment annotations | +| gateway.lb.enabled | bool | `true` | gateway enabled | +| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | +| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | +| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | +| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | +| gateway.lb.gateway_config.node_name | string | `""` | node name | +| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | +| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | +| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | +| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | +| gateway.lb.nodeName | string | `""` | node name | +| gateway.lb.nodeSelector | object | `{}` | node selector | +| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.lb.podAnnotations | object | `{}` | pod annotations | +| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.lb.service.annotations | object | `{}` | service annotations | +| gateway.lb.service.labels | object | `{}` | service labels | +| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.lb.time_zone | string | `""` | Time zone | +| gateway.lb.tolerations | list | `[]` | tolerations | +| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | +| gateway.lb.volumeMounts | list | `[]` | volume mounts | +| gateway.lb.volumes | list | `[]` | volumes | +| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | +| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| manager.index.annotations | object | `{}` | deployment annotations | +| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | +| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.corrector.image.pullPolicy | string | `"Always"` | | +| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | +| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | +| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | +| manager.index.corrector.node_name | string | `""` | node name | +| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | +| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | +| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | +| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | +| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.creator.concurrency | int | `1` | concurrency for indexing | +| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | +| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.creator.image.pullPolicy | string | `"Always"` | | +| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | +| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | +| manager.index.creator.node_name | string | `""` | node name | +| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | +| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | +| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | +| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.enabled | bool | `true` | index manager enabled | +| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | +| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | +| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | +| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | +| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | +| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | +| manager.index.indexer.concurrency | int | `1` | concurrency | +| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.indexer.node_name | string | `""` | node name | +| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | +| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | +| manager.index.nodeName | string | `""` | node name | +| manager.index.nodeSelector | object | `{}` | node selector | +| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | +| manager.index.podAnnotations | object | `{}` | pod annotations | +| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | +| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | +| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}},"read_replica_id":"_MY_TARGET_REPLICA_ID_","server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | +| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | +| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | +| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | +| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | +| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | +| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}}` | observability config (overrides defaults.observability) | +| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | +| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | +| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | +| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | +| manager.index.replicas | int | `1` | number of replicas | +| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | +| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.saver.concurrency | int | `1` | concurrency for index saving | +| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.saver.enabled | bool | `false` | enable index save CronJob | +| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.saver.image.pullPolicy | string | `"Always"` | | +| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | +| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | +| manager.index.saver.node_name | string | `""` | node name | +| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | +| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | +| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | +| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.service.annotations | object | `{}` | service annotations | +| manager.index.service.labels | object | `{}` | service labels | +| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| manager.index.time_zone | string | `""` | Time zone | +| manager.index.tolerations | list | `[]` | tolerations | +| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | +| manager.index.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.volumeMounts | list | `[]` | volume mounts | +| manager.index.volumes | list | `[]` | volumes | diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 7597aff990..c325ec1520 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -2946,11 +2946,13 @@ manager: net: dialer: keepalive: 15m #indexer fetches uncommitted index length, which includes huge payload so we need to set keepalive longer than usual + # @schema {"name": "manager.index.readreplica.rotator", "type": "object"} + # manager.index.readreplica.rotator -- [This feature is work in progress] readreplica agents rotation job readreplica: # @schema {"name": "manager.index.readreplica.rotator", "type": "object"} rotator: # @schema {"name": "manager.index.readreplica.rotator.name", "type": "string"} - # manager.index.readreplica.rotator.name -- name of index correction job + # manager.index.readreplica.rotator.name -- name of readreplica rotator job name: vald-readreplica-rotate # @schema {"name": "manager.index.readreplica.rotator.image", "alias": "image"} image: From b1c8eeee3a688e78331c20006788f59a011eb407 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 28 Nov 2023 06:02:36 +0000 Subject: [PATCH 32/51] Add readreplica deployment templates --- Makefile.d/k8s.mk | 2 + .../agent/readreplica/deployment.yaml | 193 ++++++++++++++++++ .../vald/templates/agent/readreplica/pvc.yaml | 36 ++++ .../templates/agent/readreplica/snapshot.yaml | 30 +++ charts/vald/values.yaml | 9 +- 5 files changed, 269 insertions(+), 1 deletion(-) create mode 100644 charts/vald/templates/agent/readreplica/deployment.yaml create mode 100644 charts/vald/templates/agent/readreplica/pvc.yaml create mode 100644 charts/vald/templates/agent/readreplica/snapshot.yaml diff --git a/Makefile.d/k8s.mk b/Makefile.d/k8s.mk index c55c533659..3f8e67def2 100644 --- a/Makefile.d/k8s.mk +++ b/Makefile.d/k8s.mk @@ -86,6 +86,7 @@ k8s/vald/deploy: @echo "Permitting error because there's some cases nothing to apply" kubectl apply -f $(TEMP_DIR)/vald/templates/manager/index || true kubectl apply -f $(TEMP_DIR)/vald/templates/agent || true + kubectl apply -f $(TEMP_DIR)/vald/templates/agent/readreplica || true kubectl apply -f $(TEMP_DIR)/vald/templates/discoverer || true kubectl apply -f $(TEMP_DIR)/vald/templates/gateway/lb || true kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/correction || true @@ -116,6 +117,7 @@ k8s/vald/delete: kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/lb kubectl delete -f $(TEMP_DIR)/vald/templates/manager/index kubectl delete -f $(TEMP_DIR)/vald/templates/discoverer + kubectl delete -f $(TEMP_DIR)/vald/templates/agent/readreplica || true kubectl delete -f $(TEMP_DIR)/vald/templates/agent rm -rf $(TEMP_DIR) diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml new file mode 100644 index 0000000000..48bad23ffe --- /dev/null +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -0,0 +1,193 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $agent := .Values.agent -}} +{{- $readreplica := .Values.agent.readreplica -}} +# if agent.enabled is true and agent.kind is StatefulSet and readreplica.enabled is true +# then create StatefulSet for agent and readreplica +{{- if and $agent.enabled (eq .Values.agent.kind "StatefulSet") $readreplica.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $readreplica.name }}-0 # FIXME: replace this id with loop var + labels: + app: {{ $readreplica.name }}-0 # FIXME: replace this id with loop var + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: agent + {{ $readreplica.label_key }}: "0" # FIXME: replace this id with loop var + {{- if $agent.annotations }} + annotations: + {{- toYaml $agent.annotations | nindent 4 }} + {{- end }} +spec: + {{- if not $agent.hpa.enabled }} + replicas: {{ $readreplica.replica }} + {{- end }} + revisionHistoryLimit: {{ $agent.revisionHistoryLimit }} + selector: + matchLabels: + app: {{ $agent.name }} + template: + metadata: + creationTimestamp: null + labels: + app: {{ $agent.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: agent + {{- $pprof := default .Values.defaults.server_config.metrics.pprof $agent.server_config.metrics.pprof }} + {{- if or $agent.podAnnotations $agent.sidecar.enabled $pprof.enabled }} + annotations: + {{- if $agent.podAnnotations }} + {{- toYaml $agent.podAnnotations | nindent 8 }} + {{- end }} + {{- if $pprof.enabled }} + pyroscope.io/scrape: "true" + pyroscope.io/application-name: {{ $agent.name }} + pyroscope.io/profile-cpu-enabled: "true" + pyroscope.io/profile-mem-enabled: "true" + pyroscope.io/port: "{{ $pprof.port }}" + {{- end }} + {{- if $agent.sidecar.enabled }} + checksum/configmap: {{ include (print $.Template.BasePath "/agent/configmap.yaml") . | sha256sum }} + checksum/sidecar-configmap: {{ include (print $.Template.BasePath "/agent/sidecar-configmap.yaml") . | sha256sum }} + {{- end }} + {{- end }} + spec: + {{- if or $agent.initContainers $agent.sidecar.initContainerEnabled }} + initContainers: + {{- if $agent.initContainers }} + {{- $initContainers := dict "initContainers" $agent.initContainers "Values" .Values "namespace" .Release.Namespace -}} + {{- include "vald.initContainers" $initContainers | trim | nindent 8 }} + {{- end }} + {{- if $agent.sidecar.initContainerEnabled }} + - name: {{ $agent.sidecar.name }}-init + image: "{{ $agent.sidecar.image.repository }}:{{ default .Values.defaults.image.tag $agent.sidecar.image.tag }}" + imagePullPolicy: {{ $agent.sidecar.image.pullPolicy }} + {{- $servers := dict "Values" $agent.sidecar.server_config "default" .Values.defaults.server_config -}} + {{- include "vald.containerPorts" $servers | trim | nindent 10 }} + resources: + {{- toYaml $agent.sidecar.resources | nindent 12 }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + {{- if $agent.securityContext }} + securityContext: + {{- toYaml $agent.securityContext | nindent 12 }} + {{- end }} + env: + - name: VALD_AGENT_SIDECAR_MODE + value: "initcontainer" + {{- if $agent.sidecar.env }} + {{- toYaml $agent.sidecar.env | nindent 12 }} + {{- end }} + volumeMounts: + - name: {{ $agent.sidecar.name }}-config + mountPath: /etc/server/ + {{- if not $agent.ngt.enable_in_memory_mode }} + {{- if $agent.ngt.index_path }} + {{- if $agent.persistentVolume.enabled }} + - name: {{ $agent.name }}-pvc + mountPath: {{ dir $agent.ngt.index_path }} + mountPropagation: {{ $agent.persistentVolume.mountPropagation }} + {{- else }} + - name: {{ $agent.name }}-local + mountPath: {{ dir $agent.ngt.index_path }} + {{- end }} + {{- end }} + {{- end }} + {{- if $agent.volumeMounts }} + {{- toYaml $agent.volumeMounts | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + affinity: + {{- include "vald.affinity" $agent.affinity | nindent 8 }} + {{- if $agent.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml $agent.topologySpreadConstraints | nindent 8 }} + {{- end }} + containers: + - name: {{ $agent.name }} + image: "{{ $agent.image.repository }}:{{ default .Values.defaults.image.tag $agent.image.tag }}" + imagePullPolicy: {{ $agent.image.pullPolicy }} + {{- $servers := dict "Values" $agent.server_config "default" .Values.defaults.server_config -}} + {{- include "vald.containerPorts" $servers | trim | nindent 10 }} + resources: + {{- toYaml $agent.resources | nindent 12 }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + {{- if $agent.securityContext }} + securityContext: + {{- toYaml $agent.securityContext | nindent 12 }} + {{- end }} + {{- if $agent.env }} + env: + {{- toYaml $agent.env | nindent 12 }} + {{- end }} + volumeMounts: + - name: {{ $agent.name }}-config + mountPath: /etc/server/ + {{- if not $agent.ngt.enable_in_memory_mode }} + {{- if $agent.ngt.index_path }} + {{- if $agent.persistentVolume.enabled }} + - name: {{ $readreplica.volume_name }} + mountPath: {{ dir $agent.ngt.index_path }} + mountPropagation: {{ $agent.persistentVolume.mountPropagation }} + {{- else }} + - name: {{ $agent.name }}-local + mountPath: {{ dir $agent.ngt.index_path }} + {{- end }} + {{- end }} + {{- end }} + {{- if $agent.volumeMounts }} + {{- toYaml $agent.volumeMounts | nindent 12 }} + {{- end }} + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + {{- if $agent.podSecurityContext }} + securityContext: + {{- toYaml $agent.podSecurityContext | nindent 8 }} + {{- end }} + terminationGracePeriodSeconds: {{ $agent.terminationGracePeriodSeconds }} + volumes: + - name: {{ $agent.name }}-config + configMap: + defaultMode: 420 + name: {{ $agent.name }}-config + - name: {{ $readreplica.volume_name }} + persistentVolumeClaim: + claimName: {{ $readreplica.name }}-pvc-0 # FIXME: replace this id with loop var + {{- if $agent.nodeName }} + nodeName: {{ $agent.nodeName }} + {{- end }} + {{- if $agent.nodeSelector }} + nodeSelector: + {{- toYaml $agent.nodeSelector | nindent 8 }} + {{- end }} + {{- if $agent.tolerations }} + tolerations: + {{- toYaml $agent.tolerations | nindent 8 }} + {{- end }} + {{- if $agent.podPriority }} + {{- if $agent.podPriority.enabled }} + priorityClassName: {{ .Release.Namespace }}-{{ $agent.name }}-priority + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/vald/templates/agent/readreplica/pvc.yaml b/charts/vald/templates/agent/readreplica/pvc.yaml new file mode 100644 index 0000000000..1fb0c8d78f --- /dev/null +++ b/charts/vald/templates/agent/readreplica/pvc.yaml @@ -0,0 +1,36 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +{{- $agent := .Values.agent -}} +{{- $readreplica := .Values.agent.readreplica -}} +{{- if $readreplica.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ $readreplica.name }}-pvc-0 + labels: + {{ $readreplica.label_key }}: "0" # FIXME: replace this with loop var +spec: + accessModes: + - ReadOnlyMany + resources: + requests: + storage: 1Gi + dataSource: + name: {{ $readreplica.name }}-snapshot-0 + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io +{{- end }} diff --git a/charts/vald/templates/agent/readreplica/snapshot.yaml b/charts/vald/templates/agent/readreplica/snapshot.yaml new file mode 100644 index 0000000000..74d1331de3 --- /dev/null +++ b/charts/vald/templates/agent/readreplica/snapshot.yaml @@ -0,0 +1,30 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $agent := .Values.agent -}} +{{- $readreplica := .Values.agent.readreplica -}} +{{- if $readreplica.enabled }} +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + labels: + {{ $readreplica.label_key }}: "0" # FIXME: replace this with loop var + name: {{ $readreplica.name }}-snapshot-0 # FIXME: +spec: + volumeSnapshotClassName: csi-hostpath-snapclass + source: + # Specify the PVCs for which you want to take snapshots + persistentVolumeClaimName: {{ $agent.name }}-pvc-{{ $agent.name }}-0 +{{- end }} diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index c325ec1520..355d4fd507 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -1633,6 +1633,13 @@ agent: requests: cpu: 300m memory: 4Gi + readreplica: + enabled: true + name: vald-agent-ngt-readreplica + label_key: vald-readreplica-id + volume_name: vald-agent-ngt-readreplica-pvc + snapshot_classname: "" + replica: 2 # @schema {"name": "agent.ngt", "type": "object"} ngt: # @schema {"name": "agent.ngt.index_path", "type": "string"} @@ -2997,7 +3004,7 @@ manager: observability: otlp: attribute: - service_name: vald-readreplica-rotation + service_name: vald-readreplica-rotate # @schema {"name": "manager.index.readreplica.rotator.ttlSecondsAfterFinished", "type": "integer"} # manager.index.readreplica.rotator.ttlSecondsAfterFinished -- ttl setting for K8s completed jobs ttlSecondsAfterFinished: 86400 From 03a1272f57ea4060cb3a0fb69951b8dd3407ff3a Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 1 Dec 2023 02:52:09 +0000 Subject: [PATCH 33/51] Add readreplica deployment template --- .../agent/readreplica/deployment.yaml | 46 +++++++++++-------- .../vald/templates/agent/readreplica/pvc.yaml | 9 ++-- .../templates/agent/readreplica/snapshot.yaml | 9 ++-- .../index/job/readreplica/rotate/cronjob.yaml | 5 +- 4 files changed, 42 insertions(+), 27 deletions(-) diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml index 48bad23ffe..4d7e22088b 100644 --- a/charts/vald/templates/agent/readreplica/deployment.yaml +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -15,22 +15,29 @@ # {{- $agent := .Values.agent -}} {{- $readreplica := .Values.agent.readreplica -}} +{{- $defaults := .Values.defaults -}} +{{- $release := .Release -}} +{{- $chart := .Chart -}} +{{- $valdname := include "vald.name" . -}} +{{- $valdchart := include "vald.chart" . -}} # if agent.enabled is true and agent.kind is StatefulSet and readreplica.enabled is true # then create StatefulSet for agent and readreplica {{- if and $agent.enabled (eq .Values.agent.kind "StatefulSet") $readreplica.enabled }} +{{ range $id := until (int $agent.minReplicas) }} +--- apiVersion: apps/v1 kind: Deployment metadata: - name: {{ $readreplica.name }}-0 # FIXME: replace this id with loop var + name: {{ $readreplica.name }}-{{ $id }} labels: - app: {{ $readreplica.name }}-0 # FIXME: replace this id with loop var - app.kubernetes.io/name: {{ include "vald.name" . }} - helm.sh/chart: {{ include "vald.chart" . }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.Version }} + app: {{ $readreplica.name }}-{{ $id }} + app.kubernetes.io/name: {{ $valdname }} + helm.sh/chart: {{ $valdchart }} + app.kubernetes.io/managed-by: {{ $release.Service }} + app.kubernetes.io/instance: {{ $release.Name }} + app.kubernetes.io/version: {{ $chart.Version }} app.kubernetes.io/component: agent - {{ $readreplica.label_key }}: "0" # FIXME: replace this id with loop var + {{ $readreplica.label_key }}: "{{ $id }}" {{- if $agent.annotations }} annotations: {{- toYaml $agent.annotations | nindent 4 }} @@ -42,16 +49,16 @@ spec: revisionHistoryLimit: {{ $agent.revisionHistoryLimit }} selector: matchLabels: - app: {{ $agent.name }} + app: {{ $readreplica.name }}-{{ $id }} template: metadata: creationTimestamp: null labels: - app: {{ $agent.name }} - app.kubernetes.io/name: {{ include "vald.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} + app: {{ $readreplica.name }}-{{ $id }} + app.kubernetes.io/name: {{ $valdname }} + app.kubernetes.io/instance: {{ $release.Name }} app.kubernetes.io/component: agent - {{- $pprof := default .Values.defaults.server_config.metrics.pprof $agent.server_config.metrics.pprof }} + {{- $pprof := default $defaults.server_config.metrics.pprof $agent.server_config.metrics.pprof }} {{- if or $agent.podAnnotations $agent.sidecar.enabled $pprof.enabled }} annotations: {{- if $agent.podAnnotations }} @@ -78,9 +85,9 @@ spec: {{- end }} {{- if $agent.sidecar.initContainerEnabled }} - name: {{ $agent.sidecar.name }}-init - image: "{{ $agent.sidecar.image.repository }}:{{ default .Values.defaults.image.tag $agent.sidecar.image.tag }}" + image: "{{ $agent.sidecar.image.repository }}:{{ default $defaults.image.tag $agent.sidecar.image.tag }}" imagePullPolicy: {{ $agent.sidecar.image.pullPolicy }} - {{- $servers := dict "Values" $agent.sidecar.server_config "default" .Values.defaults.server_config -}} + {{- $servers := dict "Values" $agent.sidecar.server_config "default" $defaults.server_config -}} {{- include "vald.containerPorts" $servers | trim | nindent 10 }} resources: {{- toYaml $agent.sidecar.resources | nindent 12 }} @@ -124,9 +131,9 @@ spec: {{- end }} containers: - name: {{ $agent.name }} - image: "{{ $agent.image.repository }}:{{ default .Values.defaults.image.tag $agent.image.tag }}" + image: "{{ $agent.image.repository }}:{{ default $defaults.image.tag $agent.image.tag }}" imagePullPolicy: {{ $agent.image.pullPolicy }} - {{- $servers := dict "Values" $agent.server_config "default" .Values.defaults.server_config -}} + {{- $servers := dict "Values" $agent.server_config "default" $defaults.server_config -}} {{- include "vald.containerPorts" $servers | trim | nindent 10 }} resources: {{- toYaml $agent.resources | nindent 12 }} @@ -173,7 +180,7 @@ spec: name: {{ $agent.name }}-config - name: {{ $readreplica.volume_name }} persistentVolumeClaim: - claimName: {{ $readreplica.name }}-pvc-0 # FIXME: replace this id with loop var + claimName: {{ $readreplica.name }}-pvc-{{ $id }} {{- if $agent.nodeName }} nodeName: {{ $agent.nodeName }} {{- end }} @@ -187,7 +194,8 @@ spec: {{- end }} {{- if $agent.podPriority }} {{- if $agent.podPriority.enabled }} - priorityClassName: {{ .Release.Namespace }}-{{ $agent.name }}-priority + priorityClassName: {{ $release.Namespace }}-{{ $agent.name }}-priority {{- end }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/vald/templates/agent/readreplica/pvc.yaml b/charts/vald/templates/agent/readreplica/pvc.yaml index 1fb0c8d78f..c578e005d6 100644 --- a/charts/vald/templates/agent/readreplica/pvc.yaml +++ b/charts/vald/templates/agent/readreplica/pvc.yaml @@ -17,12 +17,14 @@ {{- $agent := .Values.agent -}} {{- $readreplica := .Values.agent.readreplica -}} {{- if $readreplica.enabled }} +{{ range $id := until (int $agent.minReplicas) }} +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ $readreplica.name }}-pvc-0 + name: {{ $readreplica.name }}-pvc-{{ $id }} labels: - {{ $readreplica.label_key }}: "0" # FIXME: replace this with loop var + {{ $readreplica.label_key }}: "{{ $id }}" spec: accessModes: - ReadOnlyMany @@ -30,7 +32,8 @@ spec: requests: storage: 1Gi dataSource: - name: {{ $readreplica.name }}-snapshot-0 + name: {{ $readreplica.name }}-snapshot-{{ $id }} kind: VolumeSnapshot apiGroup: snapshot.storage.k8s.io {{- end }} +{{- end }} diff --git a/charts/vald/templates/agent/readreplica/snapshot.yaml b/charts/vald/templates/agent/readreplica/snapshot.yaml index 74d1331de3..6e3b8f1007 100644 --- a/charts/vald/templates/agent/readreplica/snapshot.yaml +++ b/charts/vald/templates/agent/readreplica/snapshot.yaml @@ -16,15 +16,18 @@ {{- $agent := .Values.agent -}} {{- $readreplica := .Values.agent.readreplica -}} {{- if $readreplica.enabled }} +{{ range $id := until (int $agent.minReplicas) }} +--- apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshot metadata: labels: - {{ $readreplica.label_key }}: "0" # FIXME: replace this with loop var - name: {{ $readreplica.name }}-snapshot-0 # FIXME: + {{ $readreplica.label_key }}: "{{ $id }}" + name: {{ $readreplica.name }}-snapshot-{{ $id }} spec: volumeSnapshotClassName: csi-hostpath-snapclass source: # Specify the PVCs for which you want to take snapshots - persistentVolumeClaimName: {{ $agent.name }}-pvc-{{ $agent.name }}-0 + persistentVolumeClaimName: {{ $agent.name }}-pvc-{{ $agent.name }}-{{ $id }} +{{- end }} {{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml index 3e93b52257..ba4bc204ef 100644 --- a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml +++ b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml @@ -13,8 +13,9 @@ # See the License for the specific language governing permissions and # limitations under the License. # -{{- $rotator := .Values.manager.index.readreplica.rotator -}} -{{- if $rotator.enabled }} +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- $agent := .Values.agent }} +{{- if $agent.readreplica.enabled }} apiVersion: batch/v1 kind: CronJob metadata: From c433bd2f2d14b124584601b2c69dd1ef7276a81d Mon Sep 17 00:00:00 2001 From: ykadowak Date: Fri, 1 Dec 2023 06:49:54 +0000 Subject: [PATCH 34/51] Add svc for readreplica --- .../agent/readreplica/deployment.yaml | 2 +- .../vald/templates/agent/readreplica/svc.yaml | 61 +++++++++++++++++++ charts/vald/values.yaml | 4 ++ 3 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 charts/vald/templates/agent/readreplica/svc.yaml diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml index 4d7e22088b..605d067838 100644 --- a/charts/vald/templates/agent/readreplica/deployment.yaml +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -36,7 +36,7 @@ metadata: app.kubernetes.io/managed-by: {{ $release.Service }} app.kubernetes.io/instance: {{ $release.Name }} app.kubernetes.io/version: {{ $chart.Version }} - app.kubernetes.io/component: agent + app.kubernetes.io/component: agent-replica {{ $readreplica.label_key }}: "{{ $id }}" {{- if $agent.annotations }} annotations: diff --git a/charts/vald/templates/agent/readreplica/svc.yaml b/charts/vald/templates/agent/readreplica/svc.yaml new file mode 100644 index 0000000000..f37d942fcf --- /dev/null +++ b/charts/vald/templates/agent/readreplica/svc.yaml @@ -0,0 +1,61 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $agent := .Values.agent -}} +{{- $readreplica := .Values.agent.readreplica -}} +{{- $defaults := .Values.defaults -}} +{{- $release := .Release -}} +{{- $chart := .Chart -}} +{{- $valdname := include "vald.name" . -}} +{{- $valdchart := include "vald.chart" . -}} +{{- if $agent.enabled }} +{{- if $readreplica.enabled }} +{{ range $id := until (int $agent.minReplicas) }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $readreplica.name }}-{{ $id }} + {{- if $readreplica.service.annotations }} + annotations: + {{- toYaml $readreplica.service.annotations | nindent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ $valdname }} + helm.sh/chart: {{ $valdchart }} + app.kubernetes.io/managed-by: {{ $release.Service }} + app.kubernetes.io/instance: {{ $release.Name }} + app.kubernetes.io/version: {{ $chart.Version }} + app.kubernetes.io/component: agent + {{ $readreplica.label_key }}: "{{ $id }}" + {{- if $agent.service.labels }} + {{- toYaml $agent.service.labels | nindent 4 }} + {{- end }} +spec: + {{- $servers := dict "Values" $agent.server_config "default" $defaults.server_config }} + {{- include "vald.servicePorts" $servers | nindent 2 }} + selector: + app: {{ $readreplica.name }}-{{ $id }} + app.kubernetes.io/name: {{ $valdname }} + {{- if eq $agent.serviceType "ClusterIP" }} + clusterIP: None + {{- end }} + type: {{ $agent.serviceType }} + {{- if $agent.externalTrafficPolicy }} + externalTrafficPolicy: {{ $agent.externalTrafficPolicy }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 355d4fd507..ba7466241b 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -1640,6 +1640,10 @@ agent: volume_name: vald-agent-ngt-readreplica-pvc snapshot_classname: "" replica: 2 + service: + # @schema {"name": "agent.readreplica.service.annotations", "type": "object"} + # agent.readreplica.service.annotations -- readreplica deployment annotations + annotations: {} # @schema {"name": "agent.ngt", "type": "object"} ngt: # @schema {"name": "agent.ngt.index_path", "type": "string"} From fbe2e8344f5e6d0b3ebd41809e5bf281bd9a641c Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 4 Dec 2023 03:51:18 +0000 Subject: [PATCH 35/51] Update valdrelease --- charts/vald-helm-operator/crds/valdrelease.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/charts/vald-helm-operator/crds/valdrelease.yaml b/charts/vald-helm-operator/crds/valdrelease.yaml index f045c50278..cba6a7dac9 100644 --- a/charts/vald-helm-operator/crds/valdrelease.yaml +++ b/charts/vald-helm-operator/crds/valdrelease.yaml @@ -382,6 +382,9 @@ spec: x-kubernetes-preserve-unknown-fields: true progressDeadlineSeconds: type: integer + readreplica: + type: object + x-kubernetes-preserve-unknown-fields: true resources: type: object properties: @@ -8536,6 +8539,9 @@ spec: readreplica: type: object properties: + "": + type: object + x-kubernetes-preserve-unknown-fields: true agent_namespace: type: string clusterRole: From 4b6dcb6c3c262f18c8cfb2109cbfb0c6555780a4 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 4 Dec 2023 04:35:36 +0000 Subject: [PATCH 36/51] Add podAntiAffinity for readreplica --- .../agent/readreplica/deployment.yaml | 12 ++++++++++- .../readreplica/rotate/serviceaccount.yaml | 3 ++- charts/vald/values.yaml | 20 +++++++++++++++++++ 3 files changed, 33 insertions(+), 2 deletions(-) diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml index 605d067838..fc9c043b7f 100644 --- a/charts/vald/templates/agent/readreplica/deployment.yaml +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -124,7 +124,17 @@ spec: {{- end }} {{- end }} affinity: - {{- include "vald.affinity" $agent.affinity | nindent 8 }} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ $readreplica.name }}-{{ $id }} + topologyKey: kubernetes.io/hostname + weight: 100 {{- if $agent.topologySpreadConstraints }} topologySpreadConstraints: {{- toYaml $agent.topologySpreadConstraints | nindent 8 }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml b/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml index 5afae0eeab..1ad619294d 100644 --- a/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml +++ b/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml @@ -13,8 +13,9 @@ # See the License for the specific language governing permissions and # limitations under the License. # +{{- $agent := .Values.agent -}} {{- $rotator := .Values.manager.index.readreplica.rotator -}} -{{- if and $rotator.enabled $rotator.serviceAccount.enabled }} +{{- if and $agent.readreplica.enabled $rotator.serviceAccount.enabled }} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index ba7466241b..1dac6b69de 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -2988,6 +2988,26 @@ manager: # @schema {"name": "manager.index.readreplica.rotator.initContainers", "alias": "initContainers"} # manager.index.readreplica.rotator.initContainers -- init containers initContainers: [] + # @schema {"name": "manager.index.readreplica.rotator.podSecurityContext", "type": "object"} + # manager.index.readreplica.rotator.podSecurityContext -- security context for pod + podSecurityContext: + runAsUser: 65532 + runAsNonRoot: true + runAsGroup: 65532 + fsGroup: 65532 + fsGroupChangePolicy: "OnRootMismatch" + # @schema {"name": "manager.index.readreplica.rotator.securityContext", "type": "object"} + # manager.index.readreplica.rotator.securityContext -- security context for container + securityContext: + runAsUser: 65532 + runAsNonRoot: true + runAsGroup: 65532 + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL # @schema {"name": "manager.index.readreplica.rotator.env", "alias": "env"} # manager.index.readreplica.rotator.env -- environment variables env: From 192f417d22bd5a5ce02e24de11bfa36b6145af07 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 4 Dec 2023 04:41:38 +0000 Subject: [PATCH 37/51] Add security context for readreplica --- .../index/job/readreplica/rotate/cronjob.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml index ba4bc204ef..5b412097b5 100644 --- a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml +++ b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml @@ -56,6 +56,10 @@ spec: initContainers: {{- $initContainers := dict "initContainers" $rotator.initContainers "Values" .Values "namespace" .Release.Namespace -}} {{- include "vald.initContainers" $initContainers | trim | nindent 12 }} + {{- if $rotator.securityContext }} + securityContext: + {{- toYaml $rotator.securityContext | nindent 16 }} + {{- end }} {{- end }} containers: - name: {{ $rotator.name }} @@ -66,10 +70,18 @@ spec: mountPath: /etc/server/ {{- $servers := dict "Values" $rotator.server_config "default" .Values.defaults.server_config -}} {{- include "vald.containerPorts" $servers | trim | nindent 14 }} + {{- if $rotator.securityContext }} + securityContext: + {{- toYaml $rotator.securityContext | nindent 16 }} + {{- end }} {{- if $rotator.env }} env: {{- toYaml $rotator.env | nindent 16 }} {{- end }} + {{- if $rotator.podSecurityContext }} + securityContext: + {{- toYaml $rotator.podSecurityContext | nindent 12 }} + {{- end }} restartPolicy: OnFailure volumes: - name: {{ $rotator.name }}-config From 374bf5ce68c46390dde0c6e82f06921d7856bd85 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 4 Dec 2023 04:44:32 +0000 Subject: [PATCH 38/51] Update valdrelease --- .../vald-helm-operator/crds/valdrelease.yaml | 1086 +++++++++-------- charts/vald/values.yaml | 4 +- 2 files changed, 548 insertions(+), 542 deletions(-) diff --git a/charts/vald-helm-operator/crds/valdrelease.yaml b/charts/vald-helm-operator/crds/valdrelease.yaml index cba6a7dac9..3eaf4ba0c7 100644 --- a/charts/vald-helm-operator/crds/valdrelease.yaml +++ b/charts/vald-helm-operator/crds/valdrelease.yaml @@ -8539,628 +8539,634 @@ spec: readreplica: type: object properties: - "": - type: object - x-kubernetes-preserve-unknown-fields: true - agent_namespace: - type: string - clusterRole: - type: object - properties: - enabled: - type: boolean - name: - type: string - clusterRoleBinding: - type: object - properties: - enabled: - type: boolean - name: - type: string - env: - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - image: + rotator: type: object properties: - pullPolicy: - type: string - enum: - - Always - - Never - - IfNotPresent - repository: - type: string - tag: + agent_namespace: type: string - initContainers: - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - name: - type: string - observability: - type: object - properties: - enabled: - type: boolean - metrics: + clusterRole: type: object properties: - enable_cgo: - type: boolean - enable_goroutine: - type: boolean - enable_memory: - type: boolean - enable_version_info: + enabled: type: boolean - version_info_labels: - type: array - items: - type: string - enum: - - vald_version - - server_name - - git_commit - - build_time - - go_version - - go_os - - go_arch - - cgo_enabled - - ngt_version - - build_cpu_info_flags - otlp: + name: + type: string + clusterRoleBinding: type: object properties: - attribute: - type: object - properties: - namespace: - type: string - node_name: - type: string - pod_name: - type: string - service_name: - type: string - collector_endpoint: - type: string - metrics_export_interval: + enabled: + type: boolean + name: type: string - metrics_export_timeout: + env: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + image: + type: object + properties: + pullPolicy: type: string - trace_batch_timeout: + enum: + - Always + - Never + - IfNotPresent + repository: type: string - trace_export_timeout: + tag: type: string - trace_max_export_batch_size: - type: integer - trace_max_queue_size: - type: integer - trace: + initContainers: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + name: + type: string + observability: type: object properties: enabled: type: boolean - read_replica_id: - type: string - server_config: - type: object - properties: - full_shutdown_duration: - type: string - healths: - type: object - properties: - liveness: + metrics: type: object properties: - enabled: + enable_cgo: type: boolean - host: - type: string - livenessProbe: - type: object - properties: - failureThreshold: - type: integer - httpGet: - type: object - properties: - path: - type: string - port: - type: string - scheme: - type: string - initialDelaySeconds: - type: integer - periodSeconds: - type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - port: - type: integer - maximum: 65535 - minimum: 0 - server: + enable_goroutine: + type: boolean + enable_memory: + type: boolean + enable_version_info: + type: boolean + version_info_labels: + type: array + items: + type: string + enum: + - vald_version + - server_name + - git_commit + - build_time + - go_version + - go_os + - go_arch + - cgo_enabled + - ngt_version + - build_cpu_info_flags + otlp: + type: object + properties: + attribute: type: object properties: - http: - type: object - properties: - handler_timeout: - type: string - idle_timeout: - type: string - read_header_timeout: - type: string - read_timeout: - type: string - shutdown_duration: - type: string - write_timeout: - type: string - mode: + namespace: type: string - network: + node_name: type: string - enum: - - tcp - - tcp4 - - tcp6 - - udp - - udp4 - - udp6 - - unix - - unixgram - - unixpacket - probe_wait_time: + pod_name: type: string - socket_option: - type: object - properties: - ip_recover_destination_addr: - type: boolean - ip_transparent: - type: boolean - reuse_addr: - type: boolean - reuse_port: - type: boolean - tcp_cork: - type: boolean - tcp_defer_accept: - type: boolean - tcp_fast_open: - type: boolean - tcp_no_delay: - type: boolean - tcp_quick_ack: - type: boolean - socket_path: + service_name: type: string - servicePort: + collector_endpoint: + type: string + metrics_export_interval: + type: string + metrics_export_timeout: + type: string + trace_batch_timeout: + type: string + trace_export_timeout: + type: string + trace_max_export_batch_size: type: integer - maximum: 65535 - minimum: 0 - readiness: + trace_max_queue_size: + type: integer + trace: type: object properties: enabled: type: boolean - host: - type: string - port: - type: integer - maximum: 65535 - minimum: 0 - readinessProbe: + podSecurityContext: + type: object + x-kubernetes-preserve-unknown-fields: true + read_replica_id: + type: string + securityContext: + type: object + x-kubernetes-preserve-unknown-fields: true + server_config: + type: object + properties: + full_shutdown_duration: + type: string + healths: + type: object + properties: + liveness: type: object properties: - failureThreshold: - type: integer - httpGet: + enabled: + type: boolean + host: + type: string + livenessProbe: type: object properties: - path: - type: string - port: - type: string - scheme: - type: string - initialDelaySeconds: - type: integer - periodSeconds: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + port: type: integer - successThreshold: - type: integer - timeoutSeconds: + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: type: integer - server: + maximum: 65535 + minimum: 0 + readiness: type: object properties: - http: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + readinessProbe: type: object properties: - handler_timeout: - type: string - idle_timeout: - type: string - read_header_timeout: - type: string - read_timeout: - type: string - shutdown_duration: - type: string - write_timeout: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: type: string - mode: - type: string - network: - type: string - enum: - - tcp - - tcp4 - - tcp6 - - udp - - udp4 - - udp6 - - unix - - unixgram - - unixpacket - probe_wait_time: - type: string - socket_option: + servicePort: + type: integer + maximum: 65535 + minimum: 0 + startup: + type: object + properties: + enabled: + type: boolean + port: + type: integer + maximum: 65535 + minimum: 0 + startupProbe: type: object properties: - ip_recover_destination_addr: - type: boolean - ip_transparent: - type: boolean - reuse_addr: - type: boolean - reuse_port: - type: boolean - tcp_cork: - type: boolean - tcp_defer_accept: - type: boolean - tcp_fast_open: - type: boolean - tcp_no_delay: - type: boolean - tcp_quick_ack: - type: boolean - socket_path: - type: string - servicePort: - type: integer - maximum: 65535 - minimum: 0 - startup: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + metrics: type: object properties: - enabled: - type: boolean - port: - type: integer - maximum: 65535 - minimum: 0 - startupProbe: + pprof: type: object properties: - failureThreshold: + enabled: + type: boolean + host: + type: string + port: type: integer - httpGet: + maximum: 65535 + minimum: 0 + server: type: object properties: - path: - type: string - port: - type: string - scheme: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: type: string - initialDelaySeconds: - type: integer - periodSeconds: + servicePort: type: integer - successThreshold: - type: integer - timeoutSeconds: - type: integer - metrics: - type: object - properties: - pprof: + maximum: 65535 + minimum: 0 + servers: type: object properties: - enabled: - type: boolean - host: - type: string - port: - type: integer - maximum: 65535 - minimum: 0 - server: + grpc: type: object properties: - http: - type: object - properties: - handler_timeout: - type: string - idle_timeout: - type: string - read_header_timeout: - type: string - read_timeout: - type: string - shutdown_duration: - type: string - write_timeout: - type: string - mode: - type: string - network: - type: string - enum: - - tcp - - tcp4 - - tcp6 - - udp - - udp4 - - udp6 - - unix - - unixgram - - unixpacket - probe_wait_time: + enabled: + type: boolean + host: type: string - socket_option: + port: + type: integer + maximum: 65535 + minimum: 0 + server: type: object properties: - ip_recover_destination_addr: - type: boolean - ip_transparent: - type: boolean - reuse_addr: - type: boolean - reuse_port: - type: boolean - tcp_cork: - type: boolean - tcp_defer_accept: - type: boolean - tcp_fast_open: - type: boolean - tcp_no_delay: - type: boolean - tcp_quick_ack: - type: boolean - socket_path: - type: string - servicePort: - type: integer - maximum: 65535 - minimum: 0 - servers: - type: object - properties: - grpc: - type: object - properties: - enabled: - type: boolean - host: - type: string - port: - type: integer - maximum: 65535 - minimum: 0 - server: + grpc: + type: object + properties: + bidirectional_stream_concurrency: + type: integer + connection_timeout: + type: string + enable_reflection: + type: boolean + header_table_size: + type: integer + initial_conn_window_size: + type: integer + initial_window_size: + type: integer + interceptors: + type: array + items: + type: string + enum: + - RecoverInterceptor + - AccessLogInterceptor + - TraceInterceptor + - MetricInterceptor + keepalive: + type: object + properties: + max_conn_age: + type: string + max_conn_age_grace: + type: string + max_conn_idle: + type: string + min_time: + type: string + permit_without_stream: + type: boolean + time: + type: string + timeout: + type: string + max_header_list_size: + type: integer + max_receive_message_size: + type: integer + max_send_message_size: + type: integer + read_buffer_size: + type: integer + write_buffer_size: + type: integer + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + restart: + type: boolean + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + rest: type: object properties: - grpc: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: type: object properties: - bidirectional_stream_concurrency: - type: integer - connection_timeout: - type: string - enable_reflection: - type: boolean - header_table_size: - type: integer - initial_conn_window_size: - type: integer - initial_window_size: - type: integer - interceptors: - type: array - items: - type: string - enum: - - RecoverInterceptor - - AccessLogInterceptor - - TraceInterceptor - - MetricInterceptor - keepalive: + http: type: object properties: - max_conn_age: + handler_timeout: type: string - max_conn_age_grace: + idle_timeout: type: string - max_conn_idle: + read_header_timeout: type: string - min_time: + read_timeout: type: string - permit_without_stream: - type: boolean - time: + shutdown_duration: type: string - timeout: + write_timeout: type: string - max_header_list_size: - type: integer - max_receive_message_size: - type: integer - max_send_message_size: - type: integer - read_buffer_size: - type: integer - write_buffer_size: - type: integer - mode: - type: string - network: - type: string - enum: - - tcp - - tcp4 - - tcp6 - - udp - - udp4 - - udp6 - - unix - - unixgram - - unixpacket - probe_wait_time: - type: string - restart: - type: boolean - socket_option: - type: object - properties: - ip_recover_destination_addr: - type: boolean - ip_transparent: - type: boolean - reuse_addr: - type: boolean - reuse_port: - type: boolean - tcp_cork: - type: boolean - tcp_defer_accept: - type: boolean - tcp_fast_open: - type: boolean - tcp_no_delay: - type: boolean - tcp_quick_ack: - type: boolean - socket_path: - type: string - servicePort: - type: integer - maximum: 65535 - minimum: 0 - rest: + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + tls: type: object properties: + ca: + type: string + cert: + type: string enabled: type: boolean - host: + insecure_skip_verify: + type: boolean + key: type: string - port: - type: integer - maximum: 65535 - minimum: 0 - server: - type: object - properties: - http: - type: object - properties: - handler_timeout: - type: string - idle_timeout: - type: string - read_header_timeout: - type: string - read_timeout: - type: string - shutdown_duration: - type: string - write_timeout: - type: string - mode: - type: string - network: - type: string - enum: - - tcp - - tcp4 - - tcp6 - - udp - - udp4 - - udp6 - - unix - - unixgram - - unixpacket - probe_wait_time: - type: string - socket_option: - type: object - properties: - ip_recover_destination_addr: - type: boolean - ip_transparent: - type: boolean - reuse_addr: - type: boolean - reuse_port: - type: boolean - tcp_cork: - type: boolean - tcp_defer_accept: - type: boolean - tcp_fast_open: - type: boolean - tcp_no_delay: - type: boolean - tcp_quick_ack: - type: boolean - socket_path: - type: string - servicePort: - type: integer - maximum: 65535 - minimum: 0 - tls: + serviceAccount: type: object properties: - ca: - type: string - cert: - type: string enabled: type: boolean - insecure_skip_verify: - type: boolean - key: + name: type: string - serviceAccount: - type: object - properties: - enabled: - type: boolean - name: + ttlSecondsAfterFinished: + type: integer + version: type: string - ttlSecondsAfterFinished: - type: integer - version: - type: string - pattern: ^v[0-9]+\.[0-9]+\.[0-9]$ + pattern: ^v[0-9]+\.[0-9]+\.[0-9]$ replicas: type: integer minimum: 0 diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 1dac6b69de..5a534c5cfe 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -2957,8 +2957,8 @@ manager: net: dialer: keepalive: 15m #indexer fetches uncommitted index length, which includes huge payload so we need to set keepalive longer than usual - # @schema {"name": "manager.index.readreplica.rotator", "type": "object"} - # manager.index.readreplica.rotator -- [This feature is work in progress] readreplica agents rotation job + # @schema {"name": "manager.index.readreplica", "type": "object"} + # manager.index.readreplica -- [This feature is work in progress] readreplica agents rotation job readreplica: # @schema {"name": "manager.index.readreplica.rotator", "type": "object"} rotator: From ff17dc2396e5fcca91a3e5d6fed2dbd21302fe5a Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 4 Dec 2023 05:13:53 +0000 Subject: [PATCH 39/51] Update valdrelease scheme --- .../vald-helm-operator/crds/valdrelease.yaml | 20 ++++++++++++++++++- charts/vald/values.yaml | 16 +++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/charts/vald-helm-operator/crds/valdrelease.yaml b/charts/vald-helm-operator/crds/valdrelease.yaml index 3eaf4ba0c7..058de45cae 100644 --- a/charts/vald-helm-operator/crds/valdrelease.yaml +++ b/charts/vald-helm-operator/crds/valdrelease.yaml @@ -384,7 +384,25 @@ spec: type: integer readreplica: type: object - x-kubernetes-preserve-unknown-fields: true + properties: + enabled: + type: boolean + label_key: + type: string + name: + type: string + replica: + type: integer + service: + type: object + properties: + annotations: + type: object + x-kubernetes-preserve-unknown-fields: true + snapshot_classname: + type: string + volume_name: + type: string resources: type: object properties: diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 5a534c5cfe..1f5813867a 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -1633,13 +1633,29 @@ agent: requests: cpu: 300m memory: 4Gi + # @schema {"name": "agent.readreplica", "type": "object"} + # agent.readreplica -- readreplica deployment annotations readreplica: + # @schema {"name": "agent.readreplica.enabled", "type": "boolean"} + # agent.readreplica.enabled -- enable agent readreplica enabled: true + # @schema {"name": "agent.readreplica.name", "type": "string"} + # agent.readreplica.name -- name of agent readreplica name: vald-agent-ngt-readreplica + # @schema {"name": "agent.readreplica.label_key", "type": "string"} + # agent.readreplica.label_key -- label key to identify read replica resources label_key: vald-readreplica-id + # @schema {"name": "agent.readreplica.volume_name", "type": "string"} + # agent.readreplica.volume_name -- name of clone volume of agent pvc for read replica volume_name: vald-agent-ngt-readreplica-pvc + # @schema {"name": "agent.readreplica.snapshot_classname", "type": "string"} + # agent.readreplica.snapshot_classname -- snapshot class name for snapshotter used for read replica snapshot_classname: "" + # @schema {"name": "agent.readreplica.replica", "type": "integer"} + # agent.readreplica.replica -- replica number of read replica replica: 2 + # @schema {"name": "agent.readreplica.service", "type": "object"} + # agent.readreplica.service -- service settings for read replica service resources service: # @schema {"name": "agent.readreplica.service.annotations", "type": "object"} # agent.readreplica.service.annotations -- readreplica deployment annotations From 1928481f231f8a97abd12cf7644f8acbae151de5 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Mon, 4 Dec 2023 08:04:59 +0000 Subject: [PATCH 40/51] Fix component name of readreplica so that svc can find it well --- charts/vald/templates/agent/readreplica/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml index fc9c043b7f..b501c1fb1a 100644 --- a/charts/vald/templates/agent/readreplica/deployment.yaml +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -57,7 +57,7 @@ spec: app: {{ $readreplica.name }}-{{ $id }} app.kubernetes.io/name: {{ $valdname }} app.kubernetes.io/instance: {{ $release.Name }} - app.kubernetes.io/component: agent + app.kubernetes.io/component: agent-replica {{- $pprof := default $defaults.server_config.metrics.pprof $agent.server_config.metrics.pprof }} {{- if or $agent.podAnnotations $agent.sidecar.enabled $pprof.enabled }} annotations: From e08f67d43fda21c384cfc521c042aa23e83891dd Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 5 Dec 2023 06:55:49 +0000 Subject: [PATCH 41/51] Change readreplica svc component name --- charts/vald/templates/agent/readreplica/svc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/vald/templates/agent/readreplica/svc.yaml b/charts/vald/templates/agent/readreplica/svc.yaml index f37d942fcf..a8e5807fc7 100644 --- a/charts/vald/templates/agent/readreplica/svc.yaml +++ b/charts/vald/templates/agent/readreplica/svc.yaml @@ -38,7 +38,7 @@ metadata: app.kubernetes.io/managed-by: {{ $release.Service }} app.kubernetes.io/instance: {{ $release.Name }} app.kubernetes.io/version: {{ $chart.Version }} - app.kubernetes.io/component: agent + app.kubernetes.io/component: agent-replica {{ $readreplica.label_key }}: "{{ $id }}" {{- if $agent.service.labels }} {{- toYaml $agent.service.labels | nindent 4 }} From e65201ebfef416ed8fd5ce5d720e856f940dd79b Mon Sep 17 00:00:00 2001 From: ykadowak Date: Tue, 5 Dec 2023 08:29:01 +0000 Subject: [PATCH 42/51] Change headless to normal ClusterIP to do loadbalancing for readreplica --- charts/vald/templates/agent/readreplica/svc.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/charts/vald/templates/agent/readreplica/svc.yaml b/charts/vald/templates/agent/readreplica/svc.yaml index a8e5807fc7..402fcfdf65 100644 --- a/charts/vald/templates/agent/readreplica/svc.yaml +++ b/charts/vald/templates/agent/readreplica/svc.yaml @@ -49,9 +49,6 @@ spec: selector: app: {{ $readreplica.name }}-{{ $id }} app.kubernetes.io/name: {{ $valdname }} - {{- if eq $agent.serviceType "ClusterIP" }} - clusterIP: None - {{- end }} type: {{ $agent.serviceType }} {{- if $agent.externalTrafficPolicy }} externalTrafficPolicy: {{ $agent.externalTrafficPolicy }} From 08dbc737fc157000995dcc92a3eb3d5456612ad1 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 6 Dec 2023 02:52:12 +0000 Subject: [PATCH 43/51] Fix comment --- charts/vald/README.md | 1590 ++++++++++++++++++++------------------- charts/vald/values.yaml | 4 +- 2 files changed, 803 insertions(+), 791 deletions(-) diff --git a/charts/vald/README.md b/charts/vald/README.md index 9c945f3be7..2dcc5b8b68 100644 --- a/charts/vald/README.md +++ b/charts/vald/README.md @@ -44,792 +44,804 @@ Run the following command to install the chart, ### Parameters -| Key | Type | Default | Description | -| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| agent.annotations | object | `{}` | deployment annotations | -| agent.enabled | bool | `true` | agent enabled | -| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.hpa.enabled | bool | `false` | HPA enabled | -| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| agent.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | -| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.initContainers | list | `[]` | init containers | -| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | -| agent.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | -| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | -| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | -| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | -| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | -| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | -| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | -| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | -| agent.ngt.creation_edge_size | int | `20` | creation edge size | -| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | -| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | -| agent.ngt.default_radius | float | `-1` | default radius used for search | -| agent.ngt.dimension | int | `4096` | vector dimension | -| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | -| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | -| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | -| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | -| agent.ngt.index_path | string | `""` | path to index data | -| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | -| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | -| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | -| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | -| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | -| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | -| agent.ngt.search_edge_size | int | `10` | search edge size | -| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | -| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | -| agent.nodeName | string | `""` | node name | -| agent.nodeSelector | object | `{}` | node selector | -| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | -| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | -| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | -| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | -| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | -| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | -| agent.podAnnotations | object | `{}` | pod annotations | -| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | -| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | -| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | -| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | -| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | -| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| agent.service.annotations | object | `{}` | service annotations | -| agent.service.labels | object | `{}` | service labels | -| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | -| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | -| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | -| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | -| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | -| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | -| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | -| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | -| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | -| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | -| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | -| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | -| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | -| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | -| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | -| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | -| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | -| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | -| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | -| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | -| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | -| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | -| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | -| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | -| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | -| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | -| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | -| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | -| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | -| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | -| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | -| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | -| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | -| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | -| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | -| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | -| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | -| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | -| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | -| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | -| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | -| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | -| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | -| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | -| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | -| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | -| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | -| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | -| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | -| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | -| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | -| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | -| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | -| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | -| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | -| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | -| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | -| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | -| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | -| agent.sidecar.enabled | bool | `false` | sidecar enabled | -| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | -| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | -| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | -| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | -| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | -| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | -| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | -| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | -| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | -| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | -| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.time_zone | string | `""` | Time zone | -| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | -| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | -| agent.time_zone | string | `""` | Time zone | -| agent.tolerations | list | `[]` | tolerations | -| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | -| agent.version | string | `"v0.0.0"` | version of agent config | -| agent.volumeMounts | list | `[]` | volume mounts | -| agent.volumes | list | `[]` | volumes | -| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | -| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | -| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | -| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | -| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | -| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | -| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | -| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | -| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | -| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | -| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | -| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | -| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | -| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | -| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | -| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | -| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | -| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | -| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | -| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | -| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | -| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | -| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | -| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | -| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | -| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | -| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | -| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | -| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | -| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | -| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | -| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | -| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | -| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | -| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | -| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | -| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | -| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | -| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | -| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | -| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | -| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | -| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | -| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.image.tag | string | `"v1.7.8"` | docker image tag | -| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | -| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | -| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | -| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | -| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | -| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | -| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | -| defaults.observability.enabled | bool | `false` | observability features enabled | -| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | -| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | -| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | -| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | -| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | -| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | -| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | -| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | -| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | -| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | -| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | -| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | -| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | -| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | -| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | -| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | -| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | -| defaults.observability.trace.enabled | bool | `false` | trace enabled | -| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | -| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | -| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | -| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | -| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | -| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | -| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | -| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | -| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | -| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | -| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | -| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | -| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | -| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | -| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | -| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | -| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | -| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | -| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | -| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | -| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | -| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | -| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | -| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | -| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | -| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | -| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | -| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | -| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | -| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | -| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | -| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | -| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | -| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | -| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | -| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | -| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | -| defaults.server_config.healths.startup.port | int | `3000` | startup server port | -| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | -| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | -| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | -| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | -| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | -| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | -| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | -| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | -| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | -| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | -| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | -| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | -| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | -| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | -| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | -| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | -| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | -| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | -| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | -| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | -| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | -| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | -| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | -| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | -| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | -| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | -| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | -| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | -| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | -| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | -| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | -| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | -| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | -| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | -| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | -| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | -| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | -| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | -| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | -| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | -| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | -| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | -| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | -| defaults.server_config.servers.rest.port | int | `8080` | REST server port | -| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | -| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | -| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | -| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | -| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | -| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | -| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | -| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | -| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | -| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | -| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.time_zone | string | `"UTC"` | Time zone | -| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| discoverer.annotations | object | `{}` | deployment annotations | -| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | -| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | -| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | -| discoverer.discoverer.name | string | `""` | name to discovery | -| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | -| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | -| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | -| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | -| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | -| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | -| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | -| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | -| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | -| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | -| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | -| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | -| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | -| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | -| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | -| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | -| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | -| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | -| discoverer.enabled | bool | `true` | discoverer enabled | -| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| discoverer.hpa.enabled | bool | `false` | HPA enabled | -| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | -| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | -| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| discoverer.initContainers | list | `[]` | init containers | -| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | -| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | -| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | -| discoverer.nodeName | string | `""` | node name | -| discoverer.nodeSelector | object | `{}` | node selector | -| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | -| discoverer.podAnnotations | object | `{}` | pod annotations | -| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | -| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | -| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | -| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| discoverer.service.annotations | object | `{}` | service annotations | -| discoverer.service.labels | object | `{}` | service labels | -| discoverer.serviceAccount.enabled | bool | `true` | creates service account | -| discoverer.serviceAccount.name | string | `"vald"` | name of service account | -| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| discoverer.time_zone | string | `""` | Time zone | -| discoverer.tolerations | list | `[]` | tolerations | -| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | -| discoverer.version | string | `"v0.0.0"` | version of discoverer config | -| discoverer.volumeMounts | list | `[]` | volume mounts | -| discoverer.volumes | list | `[]` | volumes | -| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.filter.annotations | object | `{}` | deployment annotations | -| gateway.filter.enabled | bool | `false` | gateway enabled | -| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | -| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | -| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | -| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | -| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | -| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | -| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | -| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | -| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | -| gateway.filter.nodeName | string | `""` | node name | -| gateway.filter.nodeSelector | object | `{}` | node selector | -| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.filter.podAnnotations | object | `{}` | pod annotations | -| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.filter.service.annotations | object | `{}` | service annotations | -| gateway.filter.service.labels | object | `{}` | service labels | -| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.filter.time_zone | string | `""` | Time zone | -| gateway.filter.tolerations | list | `[]` | tolerations | -| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | -| gateway.filter.volumeMounts | list | `[]` | volume mounts | -| gateway.filter.volumes | list | `[]` | volumes | -| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.lb.annotations | object | `{}` | deployment annotations | -| gateway.lb.enabled | bool | `true` | gateway enabled | -| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | -| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | -| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | -| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | -| gateway.lb.gateway_config.node_name | string | `""` | node name | -| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | -| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | -| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | -| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | -| gateway.lb.nodeName | string | `""` | node name | -| gateway.lb.nodeSelector | object | `{}` | node selector | -| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.lb.podAnnotations | object | `{}` | pod annotations | -| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.lb.service.annotations | object | `{}` | service annotations | -| gateway.lb.service.labels | object | `{}` | service labels | -| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.lb.time_zone | string | `""` | Time zone | -| gateway.lb.tolerations | list | `[]` | tolerations | -| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | -| gateway.lb.volumeMounts | list | `[]` | volume mounts | -| gateway.lb.volumes | list | `[]` | volumes | -| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | -| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| manager.index.annotations | object | `{}` | deployment annotations | -| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | -| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.corrector.image.pullPolicy | string | `"Always"` | | -| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | -| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | -| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | -| manager.index.corrector.node_name | string | `""` | node name | -| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | -| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | -| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | -| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | -| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.creator.concurrency | int | `1` | concurrency for indexing | -| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | -| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.creator.image.pullPolicy | string | `"Always"` | | -| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | -| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | -| manager.index.creator.node_name | string | `""` | node name | -| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | -| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | -| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | -| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.enabled | bool | `true` | index manager enabled | -| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | -| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | -| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | -| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | -| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | -| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | -| manager.index.indexer.concurrency | int | `1` | concurrency | -| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.indexer.node_name | string | `""` | node name | -| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | -| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | -| manager.index.nodeName | string | `""` | node name | -| manager.index.nodeSelector | object | `{}` | node selector | -| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | -| manager.index.podAnnotations | object | `{}` | pod annotations | -| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | -| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | -| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}},"read_replica_id":"_MY_TARGET_REPLICA_ID_","server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | -| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | -| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | -| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | -| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | -| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | -| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}}` | observability config (overrides defaults.observability) | -| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | -| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | -| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | -| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | -| manager.index.replicas | int | `1` | number of replicas | -| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | -| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.saver.concurrency | int | `1` | concurrency for index saving | -| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.saver.enabled | bool | `false` | enable index save CronJob | -| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.saver.image.pullPolicy | string | `"Always"` | | -| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | -| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | -| manager.index.saver.node_name | string | `""` | node name | -| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | -| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | -| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | -| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.service.annotations | object | `{}` | service annotations | -| manager.index.service.labels | object | `{}` | service labels | -| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| manager.index.time_zone | string | `""` | Time zone | -| manager.index.tolerations | list | `[]` | tolerations | -| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | -| manager.index.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.volumeMounts | list | `[]` | volume mounts | -| manager.index.volumes | list | `[]` | volumes | +| Key | Type | Default | Description | +| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| agent.annotations | object | `{}` | deployment annotations | +| agent.enabled | bool | `true` | agent enabled | +| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.hpa.enabled | bool | `false` | HPA enabled | +| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| agent.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | +| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.initContainers | list | `[]` | init containers | +| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | +| agent.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | +| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | +| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | +| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | +| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | +| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | +| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | +| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | +| agent.ngt.creation_edge_size | int | `20` | creation edge size | +| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | +| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | +| agent.ngt.default_radius | float | `-1` | default radius used for search | +| agent.ngt.dimension | int | `4096` | vector dimension | +| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | +| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | +| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | +| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | +| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | +| agent.ngt.index_path | string | `""` | path to index data | +| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | +| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | +| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | +| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | +| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | +| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | +| agent.ngt.search_edge_size | int | `10` | search edge size | +| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | +| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | +| agent.nodeName | string | `""` | node name | +| agent.nodeSelector | object | `{}` | node selector | +| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | +| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | +| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | +| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | +| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | +| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | +| agent.podAnnotations | object | `{}` | pod annotations | +| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | +| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | +| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | +| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| agent.readreplica | object | `{"enabled":false,"label_key":"vald-readreplica-id","name":"vald-agent-ngt-readreplica","replica":2,"service":{"annotations":{}},"snapshot_classname":"","volume_name":"vald-agent-ngt-readreplica-pvc"}` | readreplica deployment annotations | +| agent.readreplica.enabled | bool | `false` | [This feature is WORK IN PROGRESS]enable agent readreplica | +| agent.readreplica.label_key | string | `"vald-readreplica-id"` | label key to identify read replica resources | +| agent.readreplica.name | string | `"vald-agent-ngt-readreplica"` | name of agent readreplica | +| agent.readreplica.replica | int | `2` | replica number of read replica | +| agent.readreplica.service | object | `{"annotations":{}}` | service settings for read replica service resources | +| agent.readreplica.service.annotations | object | `{}` | readreplica deployment annotations | +| agent.readreplica.snapshot_classname | string | `""` | snapshot class name for snapshotter used for read replica | +| agent.readreplica.volume_name | string | `"vald-agent-ngt-readreplica-pvc"` | name of clone volume of agent pvc for read replica | +| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | +| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | +| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| agent.service.annotations | object | `{}` | service annotations | +| agent.service.labels | object | `{}` | service labels | +| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | +| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | +| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | +| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | +| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | +| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | +| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | +| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | +| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | +| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | +| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | +| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | +| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | +| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | +| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | +| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | +| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | +| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | +| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | +| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | +| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | +| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | +| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | +| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | +| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | +| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | +| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | +| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | +| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | +| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | +| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | +| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | +| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | +| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | +| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | +| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | +| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | +| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | +| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | +| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | +| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | +| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | +| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | +| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | +| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | +| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | +| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | +| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | +| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | +| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | +| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | +| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | +| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | +| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | +| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | +| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | +| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | +| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | +| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | +| agent.sidecar.enabled | bool | `false` | sidecar enabled | +| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | +| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | +| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | +| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | +| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | +| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | +| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | +| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | +| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | +| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | +| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.time_zone | string | `""` | Time zone | +| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | +| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | +| agent.time_zone | string | `""` | Time zone | +| agent.tolerations | list | `[]` | tolerations | +| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | +| agent.version | string | `"v0.0.0"` | version of agent config | +| agent.volumeMounts | list | `[]` | volume mounts | +| agent.volumes | list | `[]` | volumes | +| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | +| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | +| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | +| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | +| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | +| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | +| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | +| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | +| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | +| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | +| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | +| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | +| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | +| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | +| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | +| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | +| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | +| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | +| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | +| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | +| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | +| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | +| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | +| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | +| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | +| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | +| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | +| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | +| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | +| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | +| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | +| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | +| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | +| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | +| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | +| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | +| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | +| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | +| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | +| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | +| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | +| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | +| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | +| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.image.tag | string | `"v1.7.8"` | docker image tag | +| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | +| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | +| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | +| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | +| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | +| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | +| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | +| defaults.observability.enabled | bool | `false` | observability features enabled | +| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | +| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | +| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | +| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | +| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | +| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | +| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | +| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | +| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | +| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | +| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | +| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | +| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | +| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | +| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | +| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | +| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | +| defaults.observability.trace.enabled | bool | `false` | trace enabled | +| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | +| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | +| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | +| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | +| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | +| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | +| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | +| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | +| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | +| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | +| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | +| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | +| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | +| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | +| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | +| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | +| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | +| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | +| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | +| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | +| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | +| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | +| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | +| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | +| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | +| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | +| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | +| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | +| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | +| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | +| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | +| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | +| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | +| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | +| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | +| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | +| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | +| defaults.server_config.healths.startup.port | int | `3000` | startup server port | +| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | +| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | +| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | +| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | +| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | +| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | +| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | +| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | +| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | +| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | +| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | +| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | +| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | +| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | +| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | +| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | +| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | +| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | +| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | +| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | +| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | +| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | +| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | +| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | +| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | +| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | +| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | +| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | +| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | +| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | +| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | +| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | +| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | +| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | +| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | +| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | +| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | +| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | +| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | +| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | +| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | +| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | +| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | +| defaults.server_config.servers.rest.port | int | `8080` | REST server port | +| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | +| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | +| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | +| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | +| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | +| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | +| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | +| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | +| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | +| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | +| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.time_zone | string | `"UTC"` | Time zone | +| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| discoverer.annotations | object | `{}` | deployment annotations | +| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | +| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | +| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | +| discoverer.discoverer.name | string | `""` | name to discovery | +| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | +| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | +| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | +| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | +| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | +| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | +| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | +| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | +| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | +| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | +| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | +| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | +| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | +| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | +| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | +| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | +| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | +| discoverer.enabled | bool | `true` | discoverer enabled | +| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| discoverer.hpa.enabled | bool | `false` | HPA enabled | +| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | +| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | +| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| discoverer.initContainers | list | `[]` | init containers | +| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | +| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | +| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | +| discoverer.nodeName | string | `""` | node name | +| discoverer.nodeSelector | object | `{}` | node selector | +| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | +| discoverer.podAnnotations | object | `{}` | pod annotations | +| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | +| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | +| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | +| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| discoverer.service.annotations | object | `{}` | service annotations | +| discoverer.service.labels | object | `{}` | service labels | +| discoverer.serviceAccount.enabled | bool | `true` | creates service account | +| discoverer.serviceAccount.name | string | `"vald"` | name of service account | +| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| discoverer.time_zone | string | `""` | Time zone | +| discoverer.tolerations | list | `[]` | tolerations | +| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | +| discoverer.version | string | `"v0.0.0"` | version of discoverer config | +| discoverer.volumeMounts | list | `[]` | volume mounts | +| discoverer.volumes | list | `[]` | volumes | +| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.filter.annotations | object | `{}` | deployment annotations | +| gateway.filter.enabled | bool | `false` | gateway enabled | +| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | +| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | +| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | +| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | +| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | +| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | +| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | +| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | +| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | +| gateway.filter.nodeName | string | `""` | node name | +| gateway.filter.nodeSelector | object | `{}` | node selector | +| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.filter.podAnnotations | object | `{}` | pod annotations | +| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.filter.service.annotations | object | `{}` | service annotations | +| gateway.filter.service.labels | object | `{}` | service labels | +| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.filter.time_zone | string | `""` | Time zone | +| gateway.filter.tolerations | list | `[]` | tolerations | +| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | +| gateway.filter.volumeMounts | list | `[]` | volume mounts | +| gateway.filter.volumes | list | `[]` | volumes | +| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.lb.annotations | object | `{}` | deployment annotations | +| gateway.lb.enabled | bool | `true` | gateway enabled | +| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | +| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | +| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | +| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | +| gateway.lb.gateway_config.node_name | string | `""` | node name | +| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | +| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | +| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | +| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | +| gateway.lb.nodeName | string | `""` | node name | +| gateway.lb.nodeSelector | object | `{}` | node selector | +| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.lb.podAnnotations | object | `{}` | pod annotations | +| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.lb.service.annotations | object | `{}` | service annotations | +| gateway.lb.service.labels | object | `{}` | service labels | +| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.lb.time_zone | string | `""` | Time zone | +| gateway.lb.tolerations | list | `[]` | tolerations | +| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | +| gateway.lb.volumeMounts | list | `[]` | volume mounts | +| gateway.lb.volumes | list | `[]` | volumes | +| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | +| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| manager.index.annotations | object | `{}` | deployment annotations | +| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | +| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.corrector.image.pullPolicy | string | `"Always"` | | +| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | +| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | +| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | +| manager.index.corrector.node_name | string | `""` | node name | +| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | +| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | +| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | +| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | +| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.creator.concurrency | int | `1` | concurrency for indexing | +| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | +| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.creator.image.pullPolicy | string | `"Always"` | | +| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | +| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | +| manager.index.creator.node_name | string | `""` | node name | +| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | +| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | +| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | +| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.enabled | bool | `true` | index manager enabled | +| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | +| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | +| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | +| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | +| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | +| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | +| manager.index.indexer.concurrency | int | `1` | concurrency | +| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.indexer.node_name | string | `""` | node name | +| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | +| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | +| manager.index.nodeName | string | `""` | node name | +| manager.index.nodeSelector | object | `{}` | node selector | +| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | +| manager.index.podAnnotations | object | `{}` | pod annotations | +| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | +| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | +| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| manager.index.readreplica | object | `{"rotator":{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}},"podSecurityContext":{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"read_replica_id":"_MY_TARGET_REPLICA_ID_","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}}` | [This feature is work in progress] readreplica agents rotation job | +| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | +| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | +| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | +| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | +| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | +| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}}` | observability config (overrides defaults.observability) | +| manager.index.readreplica.rotator.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | +| manager.index.readreplica.rotator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | +| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | +| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | +| manager.index.replicas | int | `1` | number of replicas | +| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | +| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.saver.concurrency | int | `1` | concurrency for index saving | +| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.saver.enabled | bool | `false` | enable index save CronJob | +| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.saver.image.pullPolicy | string | `"Always"` | | +| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | +| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | +| manager.index.saver.node_name | string | `""` | node name | +| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | +| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | +| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | +| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.service.annotations | object | `{}` | service annotations | +| manager.index.service.labels | object | `{}` | service labels | +| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| manager.index.time_zone | string | `""` | Time zone | +| manager.index.tolerations | list | `[]` | tolerations | +| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | +| manager.index.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.volumeMounts | list | `[]` | volume mounts | +| manager.index.volumes | list | `[]` | volumes | diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 706350a3e8..75f6e5b3c5 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -1637,8 +1637,8 @@ agent: # agent.readreplica -- readreplica deployment annotations readreplica: # @schema {"name": "agent.readreplica.enabled", "type": "boolean"} - # agent.readreplica.enabled -- enable agent readreplica - enabled: true + # agent.readreplica.enabled -- [This feature is WORK IN PROGRESS]enable agent readreplica + enabled: false # @schema {"name": "agent.readreplica.name", "type": "string"} # agent.readreplica.name -- name of agent readreplica name: vald-agent-ngt-readreplica From cd191e37385089ef3cda9fe91e720d384f606cb5 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 6 Dec 2023 02:52:27 +0000 Subject: [PATCH 44/51] Parametarize some field in configmap --- .../templates/index/job/readreplica/rotate/configmap.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml b/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml index 6402c217b0..31e67ab0a2 100644 --- a/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml +++ b/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml @@ -46,7 +46,7 @@ data: {{- include "vald.observability" $observability | nindent 6 }} rotator: agent_namespace: {{ $rotator.agent_namespace | quote }} - read_replica_label_key: "vald-readreplica-id" + read_replica_label_key: {{ $agent.readreplica.label_key | quote }} read_replica_id: "_MY_TARGET_REPLICA_ID_" - volume_name: "vald-agent-ngt-readreplica-pvc" + volume_name: {{ $agent.readreplica.volume_name | quote }} {{- end }} From 1d33eea32de28e6162131a0cbda916be1455b8c2 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 6 Dec 2023 08:38:59 +0000 Subject: [PATCH 45/51] remove sidecar related things from readreplica deployment --- .../agent/readreplica/deployment.yaml | 58 +------------------ 1 file changed, 1 insertion(+), 57 deletions(-) diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml index b501c1fb1a..3fa388d49a 100644 --- a/charts/vald/templates/agent/readreplica/deployment.yaml +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -59,69 +59,13 @@ spec: app.kubernetes.io/instance: {{ $release.Name }} app.kubernetes.io/component: agent-replica {{- $pprof := default $defaults.server_config.metrics.pprof $agent.server_config.metrics.pprof }} - {{- if or $agent.podAnnotations $agent.sidecar.enabled $pprof.enabled }} - annotations: - {{- if $agent.podAnnotations }} - {{- toYaml $agent.podAnnotations | nindent 8 }} - {{- end }} - {{- if $pprof.enabled }} - pyroscope.io/scrape: "true" - pyroscope.io/application-name: {{ $agent.name }} - pyroscope.io/profile-cpu-enabled: "true" - pyroscope.io/profile-mem-enabled: "true" - pyroscope.io/port: "{{ $pprof.port }}" - {{- end }} - {{- if $agent.sidecar.enabled }} - checksum/configmap: {{ include (print $.Template.BasePath "/agent/configmap.yaml") . | sha256sum }} - checksum/sidecar-configmap: {{ include (print $.Template.BasePath "/agent/sidecar-configmap.yaml") . | sha256sum }} - {{- end }} - {{- end }} spec: - {{- if or $agent.initContainers $agent.sidecar.initContainerEnabled }} + {{- if $agent.initContainers }} initContainers: {{- if $agent.initContainers }} {{- $initContainers := dict "initContainers" $agent.initContainers "Values" .Values "namespace" .Release.Namespace -}} {{- include "vald.initContainers" $initContainers | trim | nindent 8 }} {{- end }} - {{- if $agent.sidecar.initContainerEnabled }} - - name: {{ $agent.sidecar.name }}-init - image: "{{ $agent.sidecar.image.repository }}:{{ default $defaults.image.tag $agent.sidecar.image.tag }}" - imagePullPolicy: {{ $agent.sidecar.image.pullPolicy }} - {{- $servers := dict "Values" $agent.sidecar.server_config "default" $defaults.server_config -}} - {{- include "vald.containerPorts" $servers | trim | nindent 10 }} - resources: - {{- toYaml $agent.sidecar.resources | nindent 12 }} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - {{- if $agent.securityContext }} - securityContext: - {{- toYaml $agent.securityContext | nindent 12 }} - {{- end }} - env: - - name: VALD_AGENT_SIDECAR_MODE - value: "initcontainer" - {{- if $agent.sidecar.env }} - {{- toYaml $agent.sidecar.env | nindent 12 }} - {{- end }} - volumeMounts: - - name: {{ $agent.sidecar.name }}-config - mountPath: /etc/server/ - {{- if not $agent.ngt.enable_in_memory_mode }} - {{- if $agent.ngt.index_path }} - {{- if $agent.persistentVolume.enabled }} - - name: {{ $agent.name }}-pvc - mountPath: {{ dir $agent.ngt.index_path }} - mountPropagation: {{ $agent.persistentVolume.mountPropagation }} - {{- else }} - - name: {{ $agent.name }}-local - mountPath: {{ dir $agent.ngt.index_path }} - {{- end }} - {{- end }} - {{- end }} - {{- if $agent.volumeMounts }} - {{- toYaml $agent.volumeMounts | nindent 12 }} - {{- end }} - {{- end }} {{- end }} affinity: podAntiAffinity: From a5dd88a44c36fb476bae54205b55165a336c89c8 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 6 Dec 2023 08:45:41 +0000 Subject: [PATCH 46/51] Fix readreplica svc type to ClusterIP --- charts/vald/templates/agent/readreplica/svc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/vald/templates/agent/readreplica/svc.yaml b/charts/vald/templates/agent/readreplica/svc.yaml index 402fcfdf65..b38a3a85cf 100644 --- a/charts/vald/templates/agent/readreplica/svc.yaml +++ b/charts/vald/templates/agent/readreplica/svc.yaml @@ -49,7 +49,7 @@ spec: selector: app: {{ $readreplica.name }}-{{ $id }} app.kubernetes.io/name: {{ $valdname }} - type: {{ $agent.serviceType }} + type: ClusterIP {{- if $agent.externalTrafficPolicy }} externalTrafficPolicy: {{ $agent.externalTrafficPolicy }} {{- end }} From ec810fd0d90976efe35ce6273ac5fe9b488a1584 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Wed, 6 Dec 2023 08:53:20 +0000 Subject: [PATCH 47/51] Update README.md --- charts/vald/README.md | 1591 +++++++++++++++++++++-------------------- 1 file changed, 801 insertions(+), 790 deletions(-) diff --git a/charts/vald/README.md b/charts/vald/README.md index a2d089acc5..8ced7f5590 100644 --- a/charts/vald/README.md +++ b/charts/vald/README.md @@ -44,793 +44,804 @@ Run the following command to install the chart, ### Parameters -| Key | Type | Default | Description | -| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| agent.annotations | object | `{}` | deployment annotations | -| agent.enabled | bool | `true` | agent enabled | -| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.hpa.enabled | bool | `false` | HPA enabled | -| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| agent.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | -| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.initContainers | list | `[]` | init containers | -| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | -| agent.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | -| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | -| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | -| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | -| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | -| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | -| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | -| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | -| agent.ngt.creation_edge_size | int | `20` | creation edge size | -| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | -| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | -| agent.ngt.default_radius | float | `-1` | default radius used for search | -| agent.ngt.dimension | int | `4096` | vector dimension | -| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | -| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | -| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | -| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | -| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | -| agent.ngt.index_path | string | `""` | path to index data | -| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | -| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | -| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | -| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | -| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | -| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | -| agent.ngt.search_edge_size | int | `10` | search edge size | -| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | -| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | -| agent.nodeName | string | `""` | node name | -| agent.nodeSelector | object | `{}` | node selector | -| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | -| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | -| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | -| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | -| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | -| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | -| agent.podAnnotations | object | `{}` | pod annotations | -| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | -| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | -| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | -| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | -| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | -| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| agent.service.annotations | object | `{}` | service annotations | -| agent.service.labels | object | `{}` | service labels | -| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | -| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | -| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | -| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | -| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | -| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | -| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | -| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | -| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | -| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | -| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | -| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | -| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | -| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | -| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | -| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | -| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | -| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | -| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | -| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | -| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | -| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | -| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | -| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | -| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | -| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | -| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | -| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | -| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | -| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | -| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | -| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | -| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | -| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | -| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | -| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | -| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | -| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | -| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | -| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | -| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | -| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | -| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | -| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | -| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | -| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | -| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | -| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | -| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | -| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | -| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | -| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | -| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | -| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | -| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | -| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | -| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | -| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | -| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | -| agent.sidecar.enabled | bool | `false` | sidecar enabled | -| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | -| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | -| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | -| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | -| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | -| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | -| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | -| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | -| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | -| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | -| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.time_zone | string | `""` | Time zone | -| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | -| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | -| agent.time_zone | string | `""` | Time zone | -| agent.tolerations | list | `[]` | tolerations | -| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | -| agent.version | string | `"v0.0.0"` | version of agent config | -| agent.volumeMounts | list | `[]` | volume mounts | -| agent.volumes | list | `[]` | volumes | -| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | -| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | -| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | -| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | -| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | -| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | -| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | -| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | -| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | -| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | -| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | -| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | -| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | -| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | -| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | -| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | -| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | -| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | -| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | -| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | -| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | -| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | -| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | -| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | -| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | -| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | -| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | -| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | -| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | -| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | -| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | -| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | -| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | -| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | -| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | -| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | -| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | -| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | -| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | -| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | -| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | -| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | -| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | -| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.image.tag | string | `"v1.7.9"` | docker image tag | -| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | -| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | -| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | -| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | -| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | -| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | -| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | -| defaults.observability.enabled | bool | `false` | observability features enabled | -| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | -| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | -| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | -| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | -| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | -| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | -| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | -| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | -| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | -| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | -| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | -| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | -| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | -| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | -| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | -| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | -| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | -| defaults.observability.trace.enabled | bool | `false` | trace enabled | -| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | -| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | -| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | -| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | -| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | -| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | -| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | -| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | -| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | -| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | -| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | -| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | -| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | -| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | -| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | -| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | -| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | -| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | -| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | -| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | -| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | -| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | -| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | -| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | -| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | -| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | -| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | -| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | -| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | -| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | -| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | -| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | -| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | -| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | -| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | -| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | -| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | -| defaults.server_config.healths.startup.port | int | `3000` | startup server port | -| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | -| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | -| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | -| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | -| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | -| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | -| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | -| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | -| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | -| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | -| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | -| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | -| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | -| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | -| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | -| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | -| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | -| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | -| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | -| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | -| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | -| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | -| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | -| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | -| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | -| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | -| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | -| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | -| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | -| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | -| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | -| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | -| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | -| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | -| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | -| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | -| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | -| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | -| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | -| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | -| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | -| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | -| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | -| defaults.server_config.servers.rest.port | int | `8080` | REST server port | -| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | -| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | -| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | -| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | -| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | -| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | -| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | -| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | -| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | -| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | -| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.time_zone | string | `"UTC"` | Time zone | -| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| discoverer.annotations | object | `{}` | deployment annotations | -| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | -| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | -| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | -| discoverer.discoverer.name | string | `""` | name to discovery | -| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | -| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | -| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | -| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | -| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | -| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | -| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | -| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | -| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | -| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | -| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | -| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | -| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | -| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | -| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | -| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | -| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | -| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | -| discoverer.enabled | bool | `true` | discoverer enabled | -| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| discoverer.hpa.enabled | bool | `false` | HPA enabled | -| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | -| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | -| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| discoverer.initContainers | list | `[]` | init containers | -| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | -| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | -| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | -| discoverer.nodeName | string | `""` | node name | -| discoverer.nodeSelector | object | `{}` | node selector | -| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | -| discoverer.podAnnotations | object | `{}` | pod annotations | -| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | -| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | -| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | -| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| discoverer.service.annotations | object | `{}` | service annotations | -| discoverer.service.labels | object | `{}` | service labels | -| discoverer.serviceAccount.enabled | bool | `true` | creates service account | -| discoverer.serviceAccount.name | string | `"vald"` | name of service account | -| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| discoverer.time_zone | string | `""` | Time zone | -| discoverer.tolerations | list | `[]` | tolerations | -| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | -| discoverer.version | string | `"v0.0.0"` | version of discoverer config | -| discoverer.volumeMounts | list | `[]` | volume mounts | -| discoverer.volumes | list | `[]` | volumes | -| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.filter.annotations | object | `{}` | deployment annotations | -| gateway.filter.enabled | bool | `false` | gateway enabled | -| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | -| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | -| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | -| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | -| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | -| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | -| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | -| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | -| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | -| gateway.filter.nodeName | string | `""` | node name | -| gateway.filter.nodeSelector | object | `{}` | node selector | -| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.filter.podAnnotations | object | `{}` | pod annotations | -| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.filter.service.annotations | object | `{}` | service annotations | -| gateway.filter.service.labels | object | `{}` | service labels | -| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.filter.time_zone | string | `""` | Time zone | -| gateway.filter.tolerations | list | `[]` | tolerations | -| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | -| gateway.filter.volumeMounts | list | `[]` | volume mounts | -| gateway.filter.volumes | list | `[]` | volumes | -| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.lb.annotations | object | `{}` | deployment annotations | -| gateway.lb.enabled | bool | `true` | gateway enabled | -| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | -| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | -| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | -| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | -| gateway.lb.gateway_config.node_name | string | `""` | node name | -| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | -| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | -| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | -| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | -| gateway.lb.nodeName | string | `""` | node name | -| gateway.lb.nodeSelector | object | `{}` | node selector | -| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.lb.podAnnotations | object | `{}` | pod annotations | -| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.lb.service.annotations | object | `{}` | service annotations | -| gateway.lb.service.labels | object | `{}` | service labels | -| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.lb.time_zone | string | `""` | Time zone | -| gateway.lb.tolerations | list | `[]` | tolerations | -| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | -| gateway.lb.volumeMounts | list | `[]` | volume mounts | -| gateway.lb.volumes | list | `[]` | volumes | -| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | -| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| manager.index.annotations | object | `{}` | deployment annotations | -| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | -| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.corrector.image.pullPolicy | string | `"Always"` | | -| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | -| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | -| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | -| manager.index.corrector.node_name | string | `""` | node name | -| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | -| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | -| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | -| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | -| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.creator.concurrency | int | `1` | concurrency for indexing | -| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | -| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.creator.image.pullPolicy | string | `"Always"` | | -| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | -| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | -| manager.index.creator.node_name | string | `""` | node name | -| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | -| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | -| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | -| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.enabled | bool | `true` | index manager enabled | -| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | -| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | -| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | -| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | -| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | -| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | -| manager.index.indexer.concurrency | int | `1` | concurrency | -| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.indexer.node_name | string | `""` | node name | -| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | -| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | -| manager.index.nodeName | string | `""` | node name | -| manager.index.nodeSelector | object | `{}` | node selector | -| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | -| manager.index.podAnnotations | object | `{}` | pod annotations | -| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | -| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | -| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}},"read_replica_id":"_MY_TARGET_REPLICA_ID_","server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | -| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | -| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | -| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | -| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | -| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | -| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}}` | observability config (overrides defaults.observability) | -| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | -| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | -| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | -| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | -| manager.index.replicas | int | `1` | number of replicas | -| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | -| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.saver.concurrency | int | `1` | concurrency for index saving | -| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.saver.enabled | bool | `false` | enable index save CronJob | -| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.saver.image.pullPolicy | string | `"Always"` | | -| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | -| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | -| manager.index.saver.node_name | string | `""` | node name | -| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | -| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | -| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | -| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.service.annotations | object | `{}` | service annotations | -| manager.index.service.labels | object | `{}` | service labels | -| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| manager.index.time_zone | string | `""` | Time zone | -| manager.index.tolerations | list | `[]` | tolerations | -| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | -| manager.index.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.volumeMounts | list | `[]` | volume mounts | -| manager.index.volumes | list | `[]` | volumes | +| Key | Type | Default | Description | +| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| agent.annotations | object | `{}` | deployment annotations | +| agent.enabled | bool | `true` | agent enabled | +| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.hpa.enabled | bool | `false` | HPA enabled | +| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| agent.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | +| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.initContainers | list | `[]` | init containers | +| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | +| agent.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | +| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | +| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | +| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | +| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | +| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | +| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | +| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | +| agent.ngt.creation_edge_size | int | `20` | creation edge size | +| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | +| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | +| agent.ngt.default_radius | float | `-1` | default radius used for search | +| agent.ngt.dimension | int | `4096` | vector dimension | +| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | +| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | +| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | +| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | +| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | +| agent.ngt.index_path | string | `""` | path to index data | +| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | +| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | +| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | +| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | +| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | +| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | +| agent.ngt.search_edge_size | int | `10` | search edge size | +| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | +| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | +| agent.nodeName | string | `""` | node name | +| agent.nodeSelector | object | `{}` | node selector | +| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | +| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | +| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | +| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | +| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | +| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | +| agent.podAnnotations | object | `{}` | pod annotations | +| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | +| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | +| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | +| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| agent.readreplica | object | `{"enabled":false,"label_key":"vald-readreplica-id","name":"vald-agent-ngt-readreplica","replica":2,"service":{"annotations":{}},"snapshot_classname":"","volume_name":"vald-agent-ngt-readreplica-pvc"}` | readreplica deployment annotations | +| agent.readreplica.enabled | bool | `false` | [This feature is WORK IN PROGRESS]enable agent readreplica | +| agent.readreplica.label_key | string | `"vald-readreplica-id"` | label key to identify read replica resources | +| agent.readreplica.name | string | `"vald-agent-ngt-readreplica"` | name of agent readreplica | +| agent.readreplica.replica | int | `2` | replica number of read replica | +| agent.readreplica.service | object | `{"annotations":{}}` | service settings for read replica service resources | +| agent.readreplica.service.annotations | object | `{}` | readreplica deployment annotations | +| agent.readreplica.snapshot_classname | string | `""` | snapshot class name for snapshotter used for read replica | +| agent.readreplica.volume_name | string | `"vald-agent-ngt-readreplica-pvc"` | name of clone volume of agent pvc for read replica | +| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | +| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | +| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| agent.service.annotations | object | `{}` | service annotations | +| agent.service.labels | object | `{}` | service labels | +| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | +| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | +| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | +| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | +| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | +| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | +| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | +| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | +| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | +| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | +| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | +| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | +| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | +| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | +| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | +| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | +| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | +| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | +| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | +| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | +| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | +| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | +| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | +| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | +| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | +| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | +| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | +| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | +| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | +| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | +| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | +| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | +| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | +| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | +| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | +| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | +| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | +| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | +| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | +| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | +| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | +| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | +| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | +| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | +| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | +| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | +| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | +| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | +| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | +| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | +| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | +| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | +| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | +| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | +| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | +| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | +| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | +| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | +| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | +| agent.sidecar.enabled | bool | `false` | sidecar enabled | +| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | +| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | +| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | +| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | +| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | +| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | +| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | +| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | +| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | +| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | +| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.time_zone | string | `""` | Time zone | +| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | +| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | +| agent.time_zone | string | `""` | Time zone | +| agent.tolerations | list | `[]` | tolerations | +| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | +| agent.version | string | `"v0.0.0"` | version of agent config | +| agent.volumeMounts | list | `[]` | volume mounts | +| agent.volumes | list | `[]` | volumes | +| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | +| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | +| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | +| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | +| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | +| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | +| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | +| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | +| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | +| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | +| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | +| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | +| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | +| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | +| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | +| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | +| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | +| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | +| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | +| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | +| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | +| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | +| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | +| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | +| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | +| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | +| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | +| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | +| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | +| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | +| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | +| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | +| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | +| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | +| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | +| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | +| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | +| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | +| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | +| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | +| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | +| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | +| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | +| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.image.tag | string | `"v1.7.9"` | docker image tag | +| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | +| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | +| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | +| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | +| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | +| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | +| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | +| defaults.observability.enabled | bool | `false` | observability features enabled | +| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | +| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | +| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | +| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | +| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | +| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | +| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | +| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | +| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | +| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | +| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | +| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | +| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | +| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | +| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | +| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | +| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | +| defaults.observability.trace.enabled | bool | `false` | trace enabled | +| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | +| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | +| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | +| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | +| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | +| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | +| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | +| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | +| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | +| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | +| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | +| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | +| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | +| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | +| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | +| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | +| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | +| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | +| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | +| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | +| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | +| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | +| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | +| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | +| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | +| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | +| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | +| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | +| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | +| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | +| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | +| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | +| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | +| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | +| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | +| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | +| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | +| defaults.server_config.healths.startup.port | int | `3000` | startup server port | +| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | +| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | +| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | +| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | +| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | +| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | +| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | +| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | +| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | +| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | +| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | +| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | +| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | +| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | +| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | +| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | +| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | +| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | +| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | +| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | +| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | +| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | +| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | +| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | +| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | +| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | +| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | +| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | +| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | +| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | +| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | +| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | +| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | +| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | +| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | +| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | +| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | +| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | +| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | +| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | +| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | +| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | +| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | +| defaults.server_config.servers.rest.port | int | `8080` | REST server port | +| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | +| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | +| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | +| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | +| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | +| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | +| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | +| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | +| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | +| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | +| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.time_zone | string | `"UTC"` | Time zone | +| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| discoverer.annotations | object | `{}` | deployment annotations | +| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | +| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | +| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | +| discoverer.discoverer.name | string | `""` | name to discovery | +| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | +| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | +| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | +| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | +| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | +| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | +| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | +| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | +| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | +| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | +| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | +| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | +| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | +| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | +| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | +| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | +| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | +| discoverer.enabled | bool | `true` | discoverer enabled | +| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| discoverer.hpa.enabled | bool | `false` | HPA enabled | +| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | +| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | +| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| discoverer.initContainers | list | `[]` | init containers | +| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | +| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | +| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | +| discoverer.nodeName | string | `""` | node name | +| discoverer.nodeSelector | object | `{}` | node selector | +| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | +| discoverer.podAnnotations | object | `{}` | pod annotations | +| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | +| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | +| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | +| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| discoverer.service.annotations | object | `{}` | service annotations | +| discoverer.service.labels | object | `{}` | service labels | +| discoverer.serviceAccount.enabled | bool | `true` | creates service account | +| discoverer.serviceAccount.name | string | `"vald"` | name of service account | +| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| discoverer.time_zone | string | `""` | Time zone | +| discoverer.tolerations | list | `[]` | tolerations | +| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | +| discoverer.version | string | `"v0.0.0"` | version of discoverer config | +| discoverer.volumeMounts | list | `[]` | volume mounts | +| discoverer.volumes | list | `[]` | volumes | +| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.filter.annotations | object | `{}` | deployment annotations | +| gateway.filter.enabled | bool | `false` | gateway enabled | +| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | +| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | +| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | +| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | +| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | +| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | +| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | +| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | +| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | +| gateway.filter.nodeName | string | `""` | node name | +| gateway.filter.nodeSelector | object | `{}` | node selector | +| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.filter.podAnnotations | object | `{}` | pod annotations | +| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.filter.service.annotations | object | `{}` | service annotations | +| gateway.filter.service.labels | object | `{}` | service labels | +| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.filter.time_zone | string | `""` | Time zone | +| gateway.filter.tolerations | list | `[]` | tolerations | +| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | +| gateway.filter.volumeMounts | list | `[]` | volume mounts | +| gateway.filter.volumes | list | `[]` | volumes | +| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.lb.annotations | object | `{}` | deployment annotations | +| gateway.lb.enabled | bool | `true` | gateway enabled | +| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | +| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | +| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | +| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | +| gateway.lb.gateway_config.node_name | string | `""` | node name | +| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | +| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | +| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | +| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | +| gateway.lb.nodeName | string | `""` | node name | +| gateway.lb.nodeSelector | object | `{}` | node selector | +| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.lb.podAnnotations | object | `{}` | pod annotations | +| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.lb.service.annotations | object | `{}` | service annotations | +| gateway.lb.service.labels | object | `{}` | service labels | +| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.lb.time_zone | string | `""` | Time zone | +| gateway.lb.tolerations | list | `[]` | tolerations | +| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | +| gateway.lb.volumeMounts | list | `[]` | volume mounts | +| gateway.lb.volumes | list | `[]` | volumes | +| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | +| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| manager.index.annotations | object | `{}` | deployment annotations | +| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | +| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.corrector.image.pullPolicy | string | `"Always"` | | +| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | +| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | +| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | +| manager.index.corrector.node_name | string | `""` | node name | +| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | +| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | +| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | +| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | +| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.creator.concurrency | int | `1` | concurrency for indexing | +| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | +| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.creator.image.pullPolicy | string | `"Always"` | | +| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | +| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | +| manager.index.creator.node_name | string | `""` | node name | +| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | +| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | +| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | +| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.enabled | bool | `true` | index manager enabled | +| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | +| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | +| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | +| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | +| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | +| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | +| manager.index.indexer.concurrency | int | `1` | concurrency | +| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.indexer.node_name | string | `""` | node name | +| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | +| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | +| manager.index.nodeName | string | `""` | node name | +| manager.index.nodeSelector | object | `{}` | node selector | +| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | +| manager.index.podAnnotations | object | `{}` | pod annotations | +| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | +| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | +| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}},"podSecurityContext":{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"read_replica_id":"_MY_TARGET_REPLICA_ID_","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | +| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | +| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | +| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | +| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | +| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | +| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}}` | observability config (overrides defaults.observability) | +| manager.index.readreplica.rotator.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | +| manager.index.readreplica.rotator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | +| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | +| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | +| manager.index.replicas | int | `1` | number of replicas | +| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | +| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.saver.concurrency | int | `1` | concurrency for index saving | +| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.saver.enabled | bool | `false` | enable index save CronJob | +| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.saver.image.pullPolicy | string | `"Always"` | | +| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | +| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | +| manager.index.saver.node_name | string | `""` | node name | +| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | +| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | +| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | +| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.service.annotations | object | `{}` | service annotations | +| manager.index.service.labels | object | `{}` | service labels | +| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| manager.index.time_zone | string | `""` | Time zone | +| manager.index.tolerations | list | `[]` | tolerations | +| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | +| manager.index.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.volumeMounts | list | `[]` | volume mounts | +| manager.index.volumes | list | `[]` | volumes | From 74325daa9137e66a29eec233ce490cfd6bbf5625 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Thu, 7 Dec 2023 01:51:57 +0000 Subject: [PATCH 48/51] Add networkpolicy --- .../agent/readreplica/deployment.yaml | 4 +- .../agent/readreplica/networkpolicy.yaml | 79 +++++++++++++++++++ .../vald/templates/agent/readreplica/svc.yaml | 2 +- charts/vald/values.yaml | 3 + 4 files changed, 85 insertions(+), 3 deletions(-) create mode 100644 charts/vald/templates/agent/readreplica/networkpolicy.yaml diff --git a/charts/vald/templates/agent/readreplica/deployment.yaml b/charts/vald/templates/agent/readreplica/deployment.yaml index 3fa388d49a..876182dbb2 100644 --- a/charts/vald/templates/agent/readreplica/deployment.yaml +++ b/charts/vald/templates/agent/readreplica/deployment.yaml @@ -36,7 +36,7 @@ metadata: app.kubernetes.io/managed-by: {{ $release.Service }} app.kubernetes.io/instance: {{ $release.Name }} app.kubernetes.io/version: {{ $chart.Version }} - app.kubernetes.io/component: agent-replica + app.kubernetes.io/component: {{ $readreplica.component_name }} {{ $readreplica.label_key }}: "{{ $id }}" {{- if $agent.annotations }} annotations: @@ -57,7 +57,7 @@ spec: app: {{ $readreplica.name }}-{{ $id }} app.kubernetes.io/name: {{ $valdname }} app.kubernetes.io/instance: {{ $release.Name }} - app.kubernetes.io/component: agent-replica + app.kubernetes.io/component: {{ $readreplica.component_name }} {{- $pprof := default $defaults.server_config.metrics.pprof $agent.server_config.metrics.pprof }} spec: {{- if $agent.initContainers }} diff --git a/charts/vald/templates/agent/readreplica/networkpolicy.yaml b/charts/vald/templates/agent/readreplica/networkpolicy.yaml new file mode 100644 index 0000000000..e4d523edd6 --- /dev/null +++ b/charts/vald/templates/agent/readreplica/networkpolicy.yaml @@ -0,0 +1,79 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +{{- $agent := .Values.agent -}} +{{- $readreplica := .Values.agent.readreplica -}} +{{- $lb := .Values.gateway.lb -}} +{{- $index := .Values.manager.index -}} +{{- $corrector := .Values.manager.index.corrector -}} +{{- $creator := .Values.manager.index.creator -}} +{{- $saver := .Values.manager.index.saver -}} +{{- if .Values.defaults.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: agent-readreplica-allow +spec: + podSelector: + matchLabels: + app: {{ $readreplica.name }} + policyTypes: + - Ingress + - Egress + ingress: + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: + app: {{ $lb.name }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: + app: {{ $index.name }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: + app: {{ $corrector.name }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: + app: {{ $creator.name }} + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ .Release.Namespace }} + podSelector: + matchLabels: + app: {{ $saver.name }} + {{- if .Values.defaults.networkPolicy.custom.ingress }} + {{- toYaml .Values.defaults.networkPolicy.custom.ingress | nindent 4 }} + {{- end }} + egress: + - to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: kube-system + {{- if .Values.defaults.networkPolicy.custom.egress }} + {{- toYaml .Values.defaults.networkPolicy.custom.egress | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/vald/templates/agent/readreplica/svc.yaml b/charts/vald/templates/agent/readreplica/svc.yaml index b38a3a85cf..441c00c5cb 100644 --- a/charts/vald/templates/agent/readreplica/svc.yaml +++ b/charts/vald/templates/agent/readreplica/svc.yaml @@ -38,7 +38,7 @@ metadata: app.kubernetes.io/managed-by: {{ $release.Service }} app.kubernetes.io/instance: {{ $release.Name }} app.kubernetes.io/version: {{ $chart.Version }} - app.kubernetes.io/component: agent-replica + app.kubernetes.io/component: {{ $readreplica.component_name }} {{ $readreplica.label_key }}: "{{ $id }}" {{- if $agent.service.labels }} {{- toYaml $agent.service.labels | nindent 4 }} diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index e486d58430..fff65e59f4 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -1642,6 +1642,9 @@ agent: # @schema {"name": "agent.readreplica.name", "type": "string"} # agent.readreplica.name -- name of agent readreplica name: vald-agent-ngt-readreplica + # @schema {"name": "agent.readreplica.component_name", "type": "string"} + # agent.readreplica.component_name -- app.kubernetes.io/component name of agent readreplica + component_name: agent-readreplica # @schema {"name": "agent.readreplica.label_key", "type": "string"} # agent.readreplica.label_key -- label key to identify read replica resources label_key: vald-readreplica-id From 4a5ecd47aa8d411b5fb903c0dafe25c869f9a5a9 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Thu, 7 Dec 2023 01:57:48 +0000 Subject: [PATCH 49/51] Update docs --- charts/vald/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/vald/README.md b/charts/vald/README.md index 8ced7f5590..17b02a0e00 100644 --- a/charts/vald/README.md +++ b/charts/vald/README.md @@ -109,7 +109,8 @@ Run the following command to install the chart, | agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | | agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | | agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| agent.readreplica | object | `{"enabled":false,"label_key":"vald-readreplica-id","name":"vald-agent-ngt-readreplica","replica":2,"service":{"annotations":{}},"snapshot_classname":"","volume_name":"vald-agent-ngt-readreplica-pvc"}` | readreplica deployment annotations | +| agent.readreplica | object | `{"component_name":"agent-readreplica","enabled":false,"label_key":"vald-readreplica-id","name":"vald-agent-ngt-readreplica","replica":2,"service":{"annotations":{}},"snapshot_classname":"","volume_name":"vald-agent-ngt-readreplica-pvc"}` | readreplica deployment annotations | +| agent.readreplica.component_name | string | `"agent-readreplica"` | app.kubernetes.io/component name of agent readreplica | | agent.readreplica.enabled | bool | `false` | [This feature is WORK IN PROGRESS]enable agent readreplica | | agent.readreplica.label_key | string | `"vald-readreplica-id"` | label key to identify read replica resources | | agent.readreplica.name | string | `"vald-agent-ngt-readreplica"` | name of agent readreplica | From a5ea4dfdaea8c6a74999c9ebeef217072c6ca488 Mon Sep 17 00:00:00 2001 From: ykadowak Date: Thu, 7 Dec 2023 02:20:41 +0000 Subject: [PATCH 50/51] Update network policy selector label --- charts/vald/templates/agent/readreplica/networkpolicy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/vald/templates/agent/readreplica/networkpolicy.yaml b/charts/vald/templates/agent/readreplica/networkpolicy.yaml index e4d523edd6..a79b893404 100644 --- a/charts/vald/templates/agent/readreplica/networkpolicy.yaml +++ b/charts/vald/templates/agent/readreplica/networkpolicy.yaml @@ -29,7 +29,7 @@ metadata: spec: podSelector: matchLabels: - app: {{ $readreplica.name }} + app.kubernetes.io/component: {{ $readreplica.component_name }} policyTypes: - Ingress - Egress From 8abde31b65b6a329a415591d971711858cb565ce Mon Sep 17 00:00:00 2001 From: ykadowak Date: Thu, 7 Dec 2023 06:41:54 +0000 Subject: [PATCH 51/51] Apply format --- dockers/index/job/readreplica/rotate/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/dockers/index/job/readreplica/rotate/Dockerfile b/dockers/index/job/readreplica/rotate/Dockerfile index 20531bf974..ec58412731 100644 --- a/dockers/index/job/readreplica/rotate/Dockerfile +++ b/dockers/index/job/readreplica/rotate/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:latest # # Copyright (C) 2019-2023 vdaas.org vald team #