-
Notifications
You must be signed in to change notification settings - Fork 28
/
values.yaml
318 lines (284 loc) · 9.73 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
# Default values for node-red.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# -- Specifies the strategy used to replace old Pods by new ones, default: `RollingUpdate`
deploymentStrategy: ""
image:
# -- The image registry to pull from
registry: docker.io
# -- The image repository to pull from
repository: nodered/node-red
# -- The image pull policy
pullPolicy: IfNotPresent
# -- The image tag to pull, default: `Chart.appVersion`
tag: ""
rbac:
# If enabled, roles will be created and bound to the service account. default: true
enabled: true
# -- Create a ClusterRole resource for the node-red pod. default: false
createClusterRole: false
# -- The image pull secrets
imagePullSecrets: ""
# -- Provide a name in place of node-red
nameOverride: ""
# -- String to fully override "node-red.fullname"
fullnameOverride: ""
npmrc:
# -- Enable custom npmrc config
enabled: false
# -- Configuration to use any compatible registry
registry: "https://registry.npmjs.org"
# -- Configuration to add custom npmrc config
content: |
# Custom npmrc config
# -- node-red env, see more environment variables in the [node-red documentation](https://nodered.org/docs/getting-started/docker)
env: []
# Possible Values:
# TZ:
# NODE_OPTIONS:
# NODE_RED_ENABLE_PROJECTS:
# NODE_RED_ENABLE_SAFE_MODE:
# FLOWS:
# example:
# env:
# - name: "NODE_RED_ENABLE_SAFE_MODE"
# value: ""
envFrom: []
# Possible values:
# - secretRef:
# name: node-red-env
serviceAccount:
# Specifies whether a service account should be created
# -- Create service account
create: true
# Annotations to add to the service account
# -- Additional ServiceAccount annotations
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
# -- Service account name to use, when empty will be set to created account if
name: ""
# -- Pod annotations
podAnnotations: {}
# -- Deployment annotations
deploymentAnnotations: {}
# -- Pod Security Context see [values.yaml](values.yaml)
podSecurityContext:
# -- node-red group is 1000
fsGroup: 1000
# -- node-red user is 1000
runAsUser: 1000
# -- Security Context see [values.yaml](values.yaml)
securityContext:
privileged: false
runAsNonRoot: true
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsGroup: 10003
runAsUser: 10003
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
service:
# -- Kubernetes service type
type: ClusterIP
# -- Kubernetes port where service is exposed
port: 1880
# -- Annotations for the service
annotations: {}
# Enable Service-Monitor for node-red
metrics:
# -- Deploy metrics service
enabled: false
path: /metrics
serviceMonitor:
# -- Enable a prometheus ServiceMonitor
enabled: false
# -- Prometheus basicAuth configuration for ServiceMonitor endpoint
basicAuth: {}
# -- Prometheus ServiceMonitor interval
interval: 30s
# -- Prometheus [RelabelConfigs] to apply to samples before scraping
relabelings: []
# -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
metricRelabelings: []
# -- Prometheus ServiceMonitor selector
selector: {}
# prometheus: kube-prometheus
# -- Prometheus ServiceMonitor namespace
namespace: "" # "monitoring"
# -- Prometheus ServiceMonitor labels
additionalLabels: {}
persistence:
# -- Use persistent volume to store data
enabled: false
## node-red data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# -- Type of persistent volume claim
# storageClass: "-"
##
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
# -- Use an existing PVC to persist data
# existingClaim: your-claim
# -- Persistence access mode
accessMode: ReadWriteOnce
# -- Size of persistent volume claim
size: 5Gi
# -- ## Keep a created Persistent volume claim when uninstalling the helm chart (default: false)
keepPVC: false
# -- containers which are run before the app containers are started
initContainers: []
ingress:
# -- Enable an ingress resource for the server
enabled: false
# -- Defines which ingress controller will implement the resource
className: ""
# -- Additional ingress annotations
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
# Ingress accepted hostnames
- host: chart-example.local
paths:
# -- The base path
- path: /
# -- Ingress type of path
pathType: ImplementationSpecific
# -- Ingress TLS configuration
tls: []
# -- Secret name for the certificate
# - secretName: chart-example-tls
# -- Hostnames for the Ingress
# hosts:
# - chart-example.local
# -- Certificate used by the Cert-Manager
# certificate:
# -- Enable certificate
# enabled: true
# -- Name of the certificate default: `$fullname-cert-$index`
# name: ""
# -- Reference of ClusterIssuers or Issuer
# issuerRef:
# -- Kind of the Issuer
# kind: ClusterIssuer
# -- Name of the Issuer
# name: "test"
# -- Liveness probe for the Deployment
livenessProbe:
httpGet:
path: /
port: http
# -- Readiness probe for the Deployment
readinessProbe:
httpGet:
path: /
port: http
# -- CPU/Memory resource requests/limits
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
# -- Node selector
nodeSelector: {}
# -- Toleration labels for pod assignment
tolerations: []
# -- The terminationGracePeriodSeconds for the pod
# here we explicitly set the default value defined in kubernetes
# https://github.com/kubernetes/api/blob/d4b94f478bb2e6467873657dd7b4e1b0ac8351be/core/v1/types.go#L3114-L3118
terminationGracePeriodSeconds: 30
# -- The affinity constraint
affinity: {}
# -- Extra Volumes for the pod
extraVolumes:
# - name: pv-claim
# persistentVolumeClaim:
# claimName: task-pv-volume
# - name: example
# configMap:
# name: example
# -- Extra Volume Mounts for the node-red pod
extraVolumeMounts:
# - name: test
# mountPath: /test
# -- You can configure node-red using a settings file. default: {}
settings: {}
# Details about the content of the settings.js, you can lookup under
# https://nodered.org/docs/user-guide/runtime/settings-file
# The ConfigMap should already exist and the key must be named `settings.js`
# name: settings-config
# configMapName: settings-config
# -- Labels to add to the node-red pod. default: {}
podLabels: {}
# -- You can configure extra sidecars containers to run alongside the node-red pod. default: []
extraSidecars: []
# - name: sidecar-example
# image: busybox
# command: ["/bin/sh", "-c", "echo hello from sidecar"]
## -- Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource.
clusterRoleRules:
# -- Enable custom rules for the application controller's ClusterRole resource default: false
enabled: false
# -- List of custom rules for the application controller's ClusterRole resource default: []
rules: []
# Sidecar that collect the configmaps with specified label and stores the included files into the given folder
sidecar:
# -- Enable the sidecar
enabled: false
# Env variables to pass to the sidecar
env:
# -- Set the sleep time for refresh script
sleep_time_sidecar: 5s
# -- If METHOD is set to LIST, the sidecar will just list config-maps/secrets and exit. With SLEEP it will list all config-maps/secrets, then sleep for SLEEP_TIME seconds. Anything else will continuously watch for changes (see https://kubernetes.io/docs/reference/using-api/api-concepts/#efficient-detection-of-changes).
method: watch
# -- Label that should be used for filtering
label: node-red-settings
# -- The value for the label you want to filter your resources on. Don't set a value to filter by any value
label_value: "1"
# -- Absolute path to shell script to execute after a configmap got reloaded.
script: flow_refresh.py
# The username for the API Call, check node-red documentation for more information
username: ""
# -- Password as key value pair
password: ""
# -- Password from existing secret
passwordFromExistingSecret: {}
# -- Name of the secret that contains the password
# name: node-red-api-admin-password
# -- Key of the secret that contains the password
# key: password
# -- Extra Node-Modules that will be installed from the sidecar script
extraNodeModules: []
# -- Extra Environments for the sidecar
extraEnv: []
# -- Resources for the sidecar
resources: {}
# -- Security context for the sidecar
securityContext: {}
# Image for the sidecar
image:
# -- The image registry to pull the sidecar from
registry: quay.io
# -- The image repository to pull from
repository: kiwigrid/k8s-sidecar
# -- The image tag to pull, default: `1.28.0`
tag: 1.28.0
# -- The image pull policy, default: `IfNotPresent`
pullPolicy: IfNotPresent
# -- The extra volume mounts for the sidecar
volumeMounts: []