mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-12-11 14:53:49 +00:00
919 lines
19 KiB
Markdown
919 lines
19 KiB
Markdown
|
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.34.8](https://img.shields.io/badge/Version-0.34.8-informational?style=flat-square)
|
||
|
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/victoriametrics)](https://artifacthub.io/packages/helm/victoriametrics/victoria-metrics-operator)
|
||
|
|
||
|
Victoria Metrics Operator
|
||
|
|
||
|
## Prerequisites
|
||
|
|
||
|
* Install the follow packages: ``git``, ``kubectl``, ``helm``, ``helm-docs``. See this [tutorial](../../REQUIREMENTS.md).
|
||
|
* PV support on underlying infrastructure.
|
||
|
|
||
|
## ArgoCD issues
|
||
|
|
||
|
When running operator using ArgoCD without Cert Manager (`.Values.admissionWebhooks.certManager.enabled: false`) it will rerender webhook certificates
|
||
|
on each sync since Helm `lookup` function is not respected by ArgoCD. To prevent this please update you operator Application `spec.syncPolicy` and `spec.ignoreDifferences` with a following:
|
||
|
|
||
|
```yaml
|
||
|
apiVersion: argoproj.io/v1alpha1
|
||
|
kind: Application
|
||
|
...
|
||
|
spec:
|
||
|
...
|
||
|
syncPolicy:
|
||
|
syncOptions:
|
||
|
# https://argo-cd.readthedocs.io/en/stable/user-guide/sync-options/#respect-ignore-difference-configs
|
||
|
# argocd must also ignore difference during apply stage
|
||
|
# otherwise it ll silently override changes and cause a problem
|
||
|
- RespectIgnoreDifferences=true
|
||
|
ignoreDifferences:
|
||
|
- group: ""
|
||
|
kind: Secret
|
||
|
name: <fullname>-validation
|
||
|
namespace: kube-system
|
||
|
jsonPointers:
|
||
|
- /data
|
||
|
- group: admissionregistration.k8s.io
|
||
|
kind: ValidatingWebhookConfiguration
|
||
|
name: <fullname>-admission
|
||
|
jqPathExpressions:
|
||
|
- '.webhooks[]?.clientConfig.caBundle'
|
||
|
```
|
||
|
where `<fullname>` is output of `{{ include "vm-operator.fullname" }}` for your setup
|
||
|
|
||
|
## Upgrade guide
|
||
|
|
||
|
During release an issue with helm CRD was discovered. So for upgrade from version less then 0.1.3 you have to two options:
|
||
|
1) use helm management for CRD, enabled by default.
|
||
|
2) use own management system, need to add variable: --set createCRD=false.
|
||
|
|
||
|
If you choose helm management, following steps must be done before upgrade:
|
||
|
|
||
|
1) define namespace and helm release name variables
|
||
|
|
||
|
```
|
||
|
export NAMESPACE=default
|
||
|
export RELEASE_NAME=operator
|
||
|
```
|
||
|
|
||
|
execute kubectl commands:
|
||
|
|
||
|
```
|
||
|
kubectl get crd | grep victoriametrics.com | awk '{print $1 }' | xargs -i kubectl label crd {} app.kubernetes.io/managed-by=Helm --overwrite
|
||
|
kubectl get crd | grep victoriametrics.com | awk '{print $1 }' | xargs -i kubectl annotate crd {} meta.helm.sh/release-namespace="$NAMESPACE" meta.helm.sh/release-name="$RELEASE_NAME" --overwrite
|
||
|
```
|
||
|
|
||
|
run helm upgrade command.
|
||
|
|
||
|
## Chart Details
|
||
|
|
||
|
This chart will do the following:
|
||
|
|
||
|
* Rollout victoria metrics operator
|
||
|
|
||
|
## How to install
|
||
|
|
||
|
Access a Kubernetes cluster.
|
||
|
|
||
|
### Setup chart repository (can be omitted for OCI repositories)
|
||
|
|
||
|
Add a chart helm repository with follow commands:
|
||
|
|
||
|
```console
|
||
|
helm repo add vm https://victoriametrics.github.io/helm-charts/
|
||
|
|
||
|
helm repo update
|
||
|
```
|
||
|
List versions of `vm/victoria-metrics-operator` chart available to installation:
|
||
|
|
||
|
```console
|
||
|
helm search repo vm/victoria-metrics-operator -l
|
||
|
```
|
||
|
|
||
|
### Install `victoria-metrics-operator` chart
|
||
|
|
||
|
Export default values of `victoria-metrics-operator` chart to file `values.yaml`:
|
||
|
|
||
|
- For HTTPS repository
|
||
|
|
||
|
```console
|
||
|
helm show values vm/victoria-metrics-operator > values.yaml
|
||
|
```
|
||
|
- For OCI repository
|
||
|
|
||
|
```console
|
||
|
helm show values oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-operator > values.yaml
|
||
|
```
|
||
|
|
||
|
Change the values according to the need of the environment in ``values.yaml`` file.
|
||
|
|
||
|
Test the installation with command:
|
||
|
|
||
|
- For HTTPS repository
|
||
|
|
||
|
```console
|
||
|
helm install vmo vm/victoria-metrics-operator -f values.yaml -n NAMESPACE --debug --dry-run
|
||
|
```
|
||
|
|
||
|
- For OCI repository
|
||
|
|
||
|
```console
|
||
|
helm install vmo oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-operator -f values.yaml -n NAMESPACE --debug --dry-run
|
||
|
```
|
||
|
|
||
|
Install chart with command:
|
||
|
|
||
|
- For HTTPS repository
|
||
|
|
||
|
```console
|
||
|
helm install vmo vm/victoria-metrics-operator -f values.yaml -n NAMESPACE
|
||
|
```
|
||
|
|
||
|
- For OCI repository
|
||
|
|
||
|
```console
|
||
|
helm install vmo oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-operator -f values.yaml -n NAMESPACE
|
||
|
```
|
||
|
|
||
|
Get the pods lists by running this commands:
|
||
|
|
||
|
```console
|
||
|
kubectl get pods -A | grep 'vmo'
|
||
|
```
|
||
|
|
||
|
Get the application by running this command:
|
||
|
|
||
|
```console
|
||
|
helm list -f vmo -n NAMESPACE
|
||
|
```
|
||
|
|
||
|
See the history of versions of `vmo` application with command.
|
||
|
|
||
|
```console
|
||
|
helm history vmo -n NAMESPACE
|
||
|
```
|
||
|
|
||
|
## Validation webhook
|
||
|
|
||
|
Its possible to use validation of created resources with operator. For now, you need cert-manager to easily certificate management https://cert-manager.io/docs/
|
||
|
|
||
|
```yaml
|
||
|
admissionWebhooks:
|
||
|
enabled: true
|
||
|
# what to do in case, when operator not available to validate request.
|
||
|
certManager:
|
||
|
# enables cert creation and injection by cert-manager
|
||
|
enabled: true
|
||
|
```
|
||
|
|
||
|
## How to uninstall
|
||
|
|
||
|
Remove application with command.
|
||
|
|
||
|
```console
|
||
|
helm uninstall vmo -n NAMESPACE
|
||
|
```
|
||
|
|
||
|
## Documentation of Helm Chart
|
||
|
|
||
|
Install ``helm-docs`` following the instructions on this [tutorial](../../REQUIREMENTS.md).
|
||
|
|
||
|
Generate docs with ``helm-docs`` command.
|
||
|
|
||
|
```bash
|
||
|
cd charts/victoria-metrics-operator
|
||
|
|
||
|
helm-docs
|
||
|
```
|
||
|
|
||
|
The markdown generation is entirely go template driven. The tool parses metadata from charts and generates a number of sub-templates that can be referenced in a template file (by default ``README.md.gotmpl``). If no template file is provided, the tool has a default internal template that will generate a reasonably formatted README.
|
||
|
|
||
|
## Parameters
|
||
|
|
||
|
The following tables lists the configurable parameters of the chart and their default values.
|
||
|
|
||
|
Change the values according to the need of the environment in ``victoria-metrics-operator/values.yaml`` file.
|
||
|
|
||
|
<table>
|
||
|
<thead>
|
||
|
<th>Key</th>
|
||
|
<th>Type</th>
|
||
|
<th>Default</th>
|
||
|
<th>Description</th>
|
||
|
</thead>
|
||
|
<tbody>
|
||
|
<tr>
|
||
|
<td>admissionWebhooks</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
certManager:
|
||
|
enabled: false
|
||
|
issuer: {}
|
||
|
enabled: true
|
||
|
enabledCRDValidation:
|
||
|
vlogs: true
|
||
|
vmagent: true
|
||
|
vmalert: true
|
||
|
vmalertmanager: true
|
||
|
vmalertmanagerconfig: true
|
||
|
vmauth: true
|
||
|
vmcluster: true
|
||
|
vmrule: true
|
||
|
vmsingle: true
|
||
|
vmuser: true
|
||
|
keepTLSSecret: true
|
||
|
policy: Fail
|
||
|
tls:
|
||
|
caCert: null
|
||
|
cert: null
|
||
|
key: null
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Configures resource validation</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>admissionWebhooks.certManager</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
enabled: false
|
||
|
issuer: {}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>with keys: tls.key, tls.crt, ca.crt</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>admissionWebhooks.certManager.enabled</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
false
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Enables cert creation and injection by cert-manager.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>admissionWebhooks.certManager.issuer</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>If needed, provide own issuer. Operator will create self-signed if empty.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>admissionWebhooks.enabled</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
true
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Enables validation webhook.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>admissionWebhooks.policy</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
Fail
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>What to do in case, when operator not available to validate request.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>affinity</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Pod affinity</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>annotations</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Annotations to be added to the all resources</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>crd.cleanup.enabled</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
false
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Tells helm to clean up all the vm resources under this release’s namespace when uninstalling</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>crd.cleanup.image</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
pullPolicy: IfNotPresent
|
||
|
repository: bitnami/kubectl
|
||
|
tag: ""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Image configuration for CRD cleanup Job</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>crd.create</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
true
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>with this option, if you remove this chart, all crd resources will be deleted with it.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>env</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>extra settings for the operator deployment. Full list <a href="https://docs.victoriametrics.com/operator/vars" target="_blank">here</a></p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>envFrom</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraArgs</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>operator container additional commandline arguments</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraContainers</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraHostPathMounts</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Additional hostPath mounts</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraLabels</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Labels to be added to the all resources</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraObjects</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Add extra specs dynamically to this chart</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraVolumeMounts</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Extra Volume Mounts for the container</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>extraVolumes</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Extra Volumes for the pod</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>fullnameOverride</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Overrides the full name of server component</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>global.cluster.dnsDomain</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
cluster.local
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>global.image.registry</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>global.imagePullSecrets</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>image</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
pullPolicy: IfNotPresent
|
||
|
registry: ""
|
||
|
repository: victoriametrics/operator
|
||
|
tag: ""
|
||
|
variant: ""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>operator image configuration</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>image.pullPolicy</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
IfNotPresent
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Image pull policy</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>image.registry</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Image registry</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>image.repository</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
victoriametrics/operator
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Image repository</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>image.tag</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Image tag override Chart.AppVersion</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>imagePullSecrets</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Secret to pull images</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>logLevel</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
info
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>possible values: info and error.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>nameOverride</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>VM operatror deployment name override</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>nodeSelector</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Pod’s node selector. Details are <a href="https://kubernetes.io/docs/user-guide/node-selection/" target="_blank">here</a></p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>operator.disable_prometheus_converter</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
false
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>By default, operator converts prometheus-operator objects.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>operator.enable_converter_ownership</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
false
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Enables ownership reference for converted prometheus-operator objects, it will remove corresponding victoria-metrics objects in case of deletion prometheus one.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>operator.prometheus_converter_add_argocd_ignore_annotations</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
false
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Compare-options and sync-options for prometheus objects converted by operator for properly use with ArgoCD</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>operator.useCustomConfigReloader</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
false
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Enables custom config-reloader, bundled with operator. It should reduce vmagent and vmauth config sync-time and make it predictable.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>podDisruptionBudget</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
enabled: false
|
||
|
labels: {}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>See <code>kubectl explain poddisruptionbudget.spec</code> for more or check <a href="https://kubernetes.io/docs/tasks/run-application/configure-pdb/" target="_blank">these docs</a></p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>podLabels</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>podSecurityContext</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>probe.liveness</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
failureThreshold: 3
|
||
|
initialDelaySeconds: 5
|
||
|
periodSeconds: 15
|
||
|
tcpSocket:
|
||
|
port: probe
|
||
|
timeoutSeconds: 5
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Liveness probe</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>probe.readiness</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
failureThreshold: 3
|
||
|
httpGet:
|
||
|
port: probe
|
||
|
initialDelaySeconds: 5
|
||
|
periodSeconds: 15
|
||
|
timeoutSeconds: 5
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Readiness probe</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>probe.startup</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Startup probe</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>rbac.aggregatedClusterRoles</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
enabled: true
|
||
|
labels:
|
||
|
admin:
|
||
|
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||
|
view:
|
||
|
rbac.authorization.k8s.io/aggregate-to-view: "true"
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>create aggregated clusterRoles for CRD readonly and admin permissions</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>rbac.aggregatedClusterRoles.labels</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
admin:
|
||
|
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||
|
view:
|
||
|
rbac.authorization.k8s.io/aggregate-to-view: "true"
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>labels attached to according clusterRole</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>rbac.create</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
true
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Specifies whether the RBAC resources should be created</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>replicaCount</td>
|
||
|
<td>int</td>
|
||
|
<td><pre lang="">
|
||
|
1
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>resources</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Resource object</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>securityContext</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.annotations</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.clusterIP</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.externalIPs</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.externalTrafficPolicy</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.healthCheckNodePort</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.ipFamilies</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.ipFamilyPolicy</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.labels</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
{}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.loadBalancerIP</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.loadBalancerSourceRanges</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.servicePort</td>
|
||
|
<td>int</td>
|
||
|
<td><pre lang="">
|
||
|
8080
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.type</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
ClusterIP
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>service.webhookPort</td>
|
||
|
<td>int</td>
|
||
|
<td><pre lang="">
|
||
|
9443
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>serviceAccount.create</td>
|
||
|
<td>bool</td>
|
||
|
<td><pre lang="">
|
||
|
true
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Specifies whether a service account should be created</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>serviceAccount.name</td>
|
||
|
<td>string</td>
|
||
|
<td><pre lang="">
|
||
|
""
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>The name of the service account to use. If not set and create is true, a name is generated using the fullname template</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>serviceMonitor</td>
|
||
|
<td>object</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
annotations: {}
|
||
|
basicAuth: {}
|
||
|
enabled: false
|
||
|
extraLabels: {}
|
||
|
interval: ""
|
||
|
relabelings: []
|
||
|
scheme: ""
|
||
|
scrapeTimeout: ""
|
||
|
tlsConfig: {}
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>configures monitoring with serviceScrape. VMServiceScrape must be pre-installed</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>tolerations</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Array of tolerations object. Spec is <a href="https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" target="_blank">here</a></p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>topologySpreadConstraints</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>Pod Topology Spread Constraints. Spec is <a href="https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/" target="_blank">here</a></p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>watchNamespaces</td>
|
||
|
<td>list</td>
|
||
|
<td><pre lang="plaintext">
|
||
|
[]
|
||
|
</pre>
|
||
|
</td>
|
||
|
<td><p>By default, the operator will watch all the namespaces If you want to override this behavior, specify the namespace. Operator supports multiple namespaces for watching.</p>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
|