andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/kasten/k10/6.0.401/values.schema.json

2647 lines
131 KiB
JSON
Raw Blame History

{
"$schema": "https://json-schema.org/draft/2019-09/schema",
"type": "object",
"properties": {
"rbac": {
"type": "object",
"title": "RBAC configuration",
"description": "Create RBAC seetings",
"properties": {
"create": {
"title": "Enable RBAC creation",
"description": "Toggle RBAC resource creation",
"type": "boolean",
"default": true
}
}
},
"serviceAccount": {
"type": "object",
"title": "ServiceAccount details",
"description": "Configure ServiceAccount",
"properties": {
"create": {
"type": "boolean",
"default": true,
"title": "Create a ServiceAccount",
"description": "Specifies whether a ServiceAccount should be created"
},
"name": {
"type": "string",
"default": "",
"title": "The name of the ServiceAccount",
"description": "The name of the ServiceAccount to use. If not set and create is true, a name is derived using the release and chart names"
}
}
},
"scc": {
"type": "object",
"title": "Security Context Constraints details",
"description": "Configure Security Context Constraints",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Create K10 SSC",
"description": "Whether to create a SecurityContextConstraints for K10 ServiceAccounts"
}
}
},
"networkPolicy": {
"type": "object",
"title": "NetworkPolicy details",
"description": "Configure NetworkPolicy",
"properties": {
"create": {
"type": "boolean",
"default": true,
"title": "Create NetworkPolicies",
"description": "Whether to create NetworkPolicies for the K10 services"
}
}
},
"global": {
"type": "object",
"title": "Global settings",
"properties": {
"image": {
"type": "object",
"title": "K10 image configurations",
"description": "Change K10 image settings",
"properties": {
"registry": {
"type": "string",
"default": "gcr.io/kasten-images",
"title": "K10 image registry",
"description": "Change default K10 image registry"
},
"tag": {
"type": "string",
"default": "",
"title": "K10 image tag",
"description": "Change default K10 tag"
},
"pullPolicy": {
"type": "string",
"default": "Always",
"title": "Container images pullPolicy",
"description": "Change default pullPolicy for all the images",
"enum": [
"IfNotPresent",
"Always",
"Never"
]
}
}
},
"airgapped": {
"type": "object",
"title": "Airgapped offline installation",
"description": "Configure Airgapped offline installation",
"properties": {
"repository": {
"type": "string",
"default": "",
"title": "helm repository",
"description": "The helm repository for offline (airgapped) installation"
}
}
},
"persistence": {
"type": "object",
"title": "Persistent Volume global details",
"description": "Configure global settings for Persistent Volume",
"properties": {
"mountPath": {
"type": "string",
"default": "/mnt/k10state",
"title": "Persistent Volume global mount path",
"description": "Change default path for Persistent Volume mount"
},
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable Persistent Volume",
"description": "Create Persistent Volumes"
},
"storageClass": {
"type": "string",
"default": "",
"title": "Persistent Volume global Storageclass",
"description": "If set to '-', dynamic provisioning is disabled. If undefined (the default) or set to null, the default provisioner is used. (e.g gp2 on AWS, standard on GKE, AWS & OpenStack)"
},
"accessMode": {
"type": "string",
"default": "ReadWriteOnce",
"title": "Persistent Volume global AccessMode",
"description": "Change default AccessMode for Persistent Volumes",
"enum": [
"ReadWriteOnce",
"ReadOnlyMany",
"ReadWriteMany"
]
},
"size": {
"type": "string",
"default": "20Gi",
"title": "Persistent Volume size",
"description": "Change default size for Persistent Volumes"
},
"metering": {
"type": "object",
"title": "Metering service Persistent Volume details",
"description": "Configure Persistence Volume for metering service",
"properties": {
"size": {
"type": "string",
"default": "2Gi",
"title": "Metering service Persistent Volume size",
"description": "If not set, global.persistence.size is used"
}
}
},
"catalog": {
"type": "object",
"title": "Catalog service Persistent Volume details",
"description": "Configure Persistence Volume for catalog service",
"properties": {
"size": {
"type": "string",
"default": "",
"title": "Catalog service Persistent Volume size",
"description": "If not set, global.persistence.size is used."
}
}
},
"jobs": {
"type": "object",
"title": "Jobs service Persistent Volume details",
"description": "Configure Persistence Volume for jobs service",
"properties": {
"size": {
"type": "string",
"default": "",
"title": "Jobs service Persistent Volume size",
"description": "If not set, global.persistence.size is used."
}
}
},
"logging": {
"type": "object",
"title": "Logging service Persistent Volume details",
"description": "Configure Persistence Volume for logging service",
"properties": {
"size": {
"type": "string",
"default": "",
"title": "Logging service Persistent Volume size",
"description": "If not set, global.persistence.size is used."
}
}
},
"grafana": {
"type": "object",
"title": "Grafana service Persistent Volume details",
"description": "Configure Persistence Volume for grafana service",
"properties": {
"size": {
"type": "string",
"default": "5Gi",
"title": "Grafana service Persistent Volume size",
"description": "If not set, global.persistence.size is used."
}
}
}
}
},
"rhMarketPlace": {
"type": "boolean",
"default": false,
"title": "RedHat marketplace config",
"description": "Set it to true while generating helm operator"
},
"images": {
"type": "object",
"title": "Global image settings",
"properties": {
"admin": {
"type": "string",
"default": "",
"title": "Admin service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"aggregatedapis": {
"type": "string",
"default": "",
"title": "Aggregatedapis service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"ambassador": {
"type": "string",
"default": "",
"title": "Ambassador service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"auth": {
"type": "string",
"default": "",
"title": "Auth service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"bloblifecyclemanager": {
"type": "string",
"default": "",
"title": "Bloblifecyclemanager service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"catalog": {
"type": "string",
"default": "",
"title": "Catalog service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"cephtool": {
"type": "string",
"default": "",
"title": "Cephtool service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"configmap-reload": {
"type": "string",
"title": "Configmap-reload service container image",
"default": "",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"controllermanager": {
"type": "string",
"default": "",
"title": "Controllermanager service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"crypto": {
"type": "string",
"default": "",
"title": "Crypto service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"dashboardbff": {
"type": "string",
"default": "",
"title": "Dashboardbff service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"datamover": {
"type": "string",
"default": "",
"title": "Datamover service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"dex": {
"type": "string",
"default": "",
"title": "Dex service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"emissary": {
"type": "string",
"default": "",
"title": "Emissary service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"events": {
"type": "string",
"default": "",
"title": "Events service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"executor": {
"type": "string",
"default": "",
"title": "Executor service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"frontend": {
"type": "string",
"default": "",
"title": "Frontend service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"grafana": {
"type": "string",
"title": "Grafana service container image",
"default": "",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"init": {
"type": "string",
"title": "Generic init container image",
"default": "",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"jobs": {
"type": "string",
"default": "",
"title": "Jobs service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"kanister-tools": {
"type": "string",
"default": "",
"title": "Kanister-tools service container image",
"description": "Kanister-tools service container image contains set of tools, required for all kanister related operations. It is used for debug, troubleshooting, primer purposes as well"
},
"kanister": {
"type": "string",
"default": "",
"title": "Kanister service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"logging": {
"type": "string",
"default": "",
"title": "Logging service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"metering": {
"type": "string",
"default": "",
"title": "Metering service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"paygo_daemonset": {
"type": "string",
"default": "",
"title": "Paygo_daemonset service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"prometheus": {
"type": "string",
"default": "",
"title": "Prometheus service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"state": {
"type": "string",
"default": "",
"title": "State service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"upgrade": {
"type": "string",
"default": "",
"title": "Upgrade service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes. If not set, the image name is formed with '(global.airgapped.repository)|(global.image.registry)/<service-name>:(Chart.AppVersion)|(image.tag)'"
},
"vbrintegrationapi": {
"type": "string",
"default": "",
"title": "Vbrintegrationapi service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"garbagecollector": {
"type": "string",
"default": "",
"title": "Garbagecollector service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
},
"metric-sidecar": {
"type": "string",
"default": "",
"title": "Metric-sidecar service container image",
"description": "Used for packaging RedHat Operator. Setting this flag along with global.rhMarketPlace=true overrides the default image name. This flag is only for internal purposes."
}
}
},
"imagePullSecret": {
"type": "string",
"default": "",
"title": "Container image pull secret",
"description": "Secret which contains docker config for private repository. Use `k10-ecr` when secrets.dockerConfigPath is used."
},
"ingress": {
"type": "object",
"title": "Global Ingress settings",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Expose dashboard via ingress",
"description": "Whether the K10 dashboard should be exposed via ingress"
},
"urlPath": {
"type": "string",
"default": "",
"title": "URL path for ingress config",
"description": "Set URL path for ingress"
}
}
},
"route": {
"type": "object",
"title": "Global Route settings",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Expose dashboard via route",
"description": "Whether the K10 dashboard should be exposed via route"
},
"path": {
"type": "string",
"default": "",
"title": "Route path",
"description": "Set path for Route"
}
}
},
"prometheus": {
"type": "object",
"title": "Prometheus settings",
"description": "Global prometheus settings",
"properties": {
"external": {
"type": "object",
"title": "External prometheus settings",
"description": "Configure prometheus",
"properties": {
"host": {
"type": "string",
"default": "",
"title": "External prometheus host name",
"description": "Set prometheus host name"
},
"port": {
"type": "string",
"default": "",
"title": "External prometheus port number",
"description": "Set prometheus port number"
},
"baseURL": {
"type": "string",
"default": "",
"title": "External prometheus baseURL",
"description": "Set prometheus baseURL"
}
}
}
}
},
"network": {
"type": "object",
"title": "Network settings",
"description": "Global network settings",
"properties": {
"enable_ipv6": {
"type": "boolean",
"default": false,
"title": "Enable ipv6",
"description": "Set true to enable ipv6"
}
}
}
}
},
"route": {
"type": "object",
"title": "OpenShift route configuration",
"description": "Configure OpenShift Route",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Exposed dashboard via route",
"description": "Whether the K10 dashboard should be exposed via route"
},
"host": {
"type": "string",
"default": "",
"title": "Host name",
"description": "Set Host name for the route"
},
"path": {
"type": "string",
"default": "",
"title": "Route path",
"description": "Set Path for the route"
},
"annotations": {
"type": "object",
"default": {},
"title": "Route annotations",
"description": "Set annotations for the route",
"examples": [
{
"kubernetes.io/tls-acme": "true",
"haproxy.router.openshift.io/disable_cookies": "true",
"haproxy.router.openshift.io/balance": "roundrobin"
}
]
},
"labels": {
"type": "object",
"default": {},
"title": "Route label",
"description": "Set Labels for the route resource",
"examples": [
{
"foo": "bar"
}
]
},
"tls": {
"type": "object",
"title": "Route TLS configuration",
"description": "Set TLS configuration for the route",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable TLS",
"description": "Whether to enable TLS"
},
"insecureEdgeTerminationPolicy": {
"type": "string",
"default": "Redirect",
"title": "Route Termination Policy",
"description": "What to do in case of an insecure traffic edge termination",
"enum": [
"None",
"Allow",
"Redirect",
""
]
},
"termination": {
"type": "string",
"default": "edge",
"title": "Termination Schema",
"description": "Set termination Schema",
"enum": [
"edge",
"passthrough",
"reencrypt"
]
}
}
}
}
},
"toolsImage": {
"type": "object",
"title": "Tools image config",
"description": "Set tools image settings",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable tools image",
"description": "Whether to enable tools image"
},
"pullPolicy": {
"type": "string",
"default": "Always",
"title": "Tools image pullPolicy",
"description": "Change tools image pullPolicy",
"enum": [
"IfNotPresent",
"Always",
"Never"
]
}
}
},
"dexImage": {
"type": "object",
"title": "Dex image config",
"description": "Specify Dex image config",
"properties": {
"registry": {
"type": "string",
"default": "ghcr.io",
"title": "Dex image registry",
"description": "Change default image registry for Dex images"
},
"repository": {
"type": "string",
"default": "dexidp",
"title": "Dex image repository",
"description": "Change default image repository for Dex images"
},
"image": {
"type": "string",
"default": "dex",
"title": "Dex image name",
"description": "Change default image name for Dex images"
}
}
},
"kanisterToolsImage": {
"type": "object",
"title": "kanister tools image config",
"description": "Set kanister tools image config",
"properties": {
"registry": {
"type": "string",
"default": "ghcr.io",
"title": "kanister-tools image registry",
"description": "Change default image registry for kanister-tools images"
},
"repository": {
"type": "string",
"default": "kanisterio",
"title": "kanister-tools image repository",
"description": "Change default image repository for kanister-tools images"
},
"image": {
"type": "string",
"default": "kanister-tools",
"title": "Kanister tools image name",
"description": "Change default image name for kanister-tools images"
},
"pullPolicy": {
"type": "string",
"default": "Always",
"title": "Kanister tools image pullPolicy",
"description": "Change kanister-tools image pullPolicy",
"enum": [
"IfNotPresent",
"Always",
"Never"
]
}
}
},
"ingress": {
"type": "object",
"title": "Ingress configuration",
"description": "Add ingress resource configuration",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Expose dashboard via ingress",
"description": "whether the K10 dashboard should be exposed via ingress"
},
"tls": {
"type": "object",
"title": "TLS configuration for ingress",
"description": "Set TLS configuration for ingress",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable TLS",
"description": "Configures a TLS use for ingress.host"
}
}
},
"class": {
"type": "string",
"default": "",
"title": "Ingress controller class",
"description": "Cluster ingress controller class: nginx, GCE"
},
"host": {
"type": "string",
"default": "",
"title": "Ingress host name",
"description": "FQDN for name-based virtual host",
"examples": [
"/k10.example.com"
]
},
"urlPath": {
"type": "string",
"default": "",
"title": "Ingress URL path",
"description": "URL path for K10 Dashboard",
"examples": [
"/k10"
]
},
"pathType": {
"type": "string",
"default": "ImplementationSpecific",
"title": "Ingress path type",
"description": "Set the path type for the ingress resource",
"enum": [
"Exact",
"Prefix",
"ImplementationSpecific"
]
}
}
},
"eula": {
"type": "object",
"title": "EULA configuration",
"properties": {
"accept": {
"type": "boolean",
"default": false,
"title": "Enable accept EULA before installation",
"description": "An End-user license agreement (EULA) is a legal agreement granting a user a license to use an application or software. It must be consented to before a user buys, installs, or downloads an application or software owned by the service provider."
}
}
},
"license": {
"type": "string",
"default": "",
"title": "License from Kasten",
"description": "Add license string obtained from Kasten"
},
"cluster": {
"type": "object",
"title": "Cluster configuration",
"description": "Set cluster configuration",
"properties": {
"domainName": {
"type": "string",
"default": "cluster.local",
"title": "Domain name of the cluster",
"description": "Change default domain name of the cluster"
}
}
},
"prometheus": {
"type": "object",
"title": "Internal Prometheus configuration",
"description": "Configure internal Prometheus",
"properties": {
"initChownData": {
"type": "object",
"title": "Prometheus init container",
"description": "Prometheus init container configuration",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable initChownData init container",
"description": "Run initChownData init container"
}
}
},
"rbac": {
"type": "object",
"title": "Prometheus rbac",
"description": "Configure Prometheus rbac resources",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Enable Prometheus rbac. Warning - cluster wide permissions",
"description": "Whether to create Prometheus rbac configuration. Warning - this action will allow prometheus to scrape pods in all k8s namespaces."
}
}
},
"alertmanager": {
"type": "object",
"title": "Prometheus alertmanager",
"description": "Enable Prometheus alertmanager service",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Prometheus alertmanager",
"description": "Create Prometheus alertmanager service"
}
}
},
"kubeStateMetrics": {
"type": "object",
"title": "Prometheus kubeStateMetrics",
"description": "Configure Prometheus kubeStateMetrics service",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Prometheus KubeStateMetrics",
"description": "Create Prometheus KubeStateMetrics service"
}
}
},
"networkPolicy": {
"type": "object",
"title": "Prometheus NetworkPolicy",
"description": "Configure Prometheus NetworkPolicy",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable Prometheus NetworkPolicy",
"description": "Create Prometheus NetworkPolicy"
}
}
},
"nodeExporter": {
"type": "object",
"title": "Prometheus NodeExporter",
"description": "Configure Prometheus NodeExporter",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Prometheus NodeExporter",
"description": "Create Prometheus NodeExporter service"
}
}
},
"pushgateway": {
"type": "object",
"title": "Prometheus PushGateway",
"description": "Configure Prometheus PushGateway service",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Prometheus PushGateway",
"description": "Create Prometheus PushGateway service"
}
}
},
"scrapeCAdvisor": {
"type": "boolean",
"default": false,
"title": "Enable Prometheus ScrapeCAdvisor",
"description": "Create Prometheus ScrapeCAdvisor service"
},
"server": {
"type": "object",
"title": "Prometheus Server",
"description": "Configure Prometheus Server",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable Prometheus server",
"description": "Create Prometheus server"
},
"securityContext": {
"type": "object",
"title": "Prometheus server securityContext",
"description": "Configure Prometheus server securityContext",
"properties": {
"runAsUser": {
"type": "integer",
"default": 65534,
"title": "runAsUser ID",
"description": "Set securityContext runAsUser ID"
},
"runAsNonRoot": {
"type": "boolean",
"default": true,
"title": "Enable runAsNonRoot",
"description": "Enable securityContext runAsNonRoot"
},
"runAsGroup": {
"type": "integer",
"default": 65534,
"title": "runAsGroup ID",
"description": "Set securityContext runAsGroup ID"
},
"fsGroup": {
"type": "integer",
"default": 65534,
"title": "fsGroup ID",
"description": "Set securityContext fsGroup ID"
}
}
},
"retention": {
"type": "string",
"default": "30d",
"title": "Prometheus retention",
"description": "Set retention period for Prometheus"
},
"strategy": {
"type": "object",
"title": "Prometheus deployment strategy",
"description": "Configure Prometheus deployment strategy",
"properties": {
"rollingUpdate": {
"type": "object",
"default": {},
"title": "rollingUpdate",
"description": "Prometheus rollingUpdate config",
"properties": {
"maxSurge": {
"type": "string",
"default": "100%",
"title": "rollingUpdate maxSurge",
"description": "The number of pods that can be created above the desired amount of pods during an update"
},
"maxUnavailable": {
"type": "string",
"default": "100%",
"title": "rollingUpdate maxUnavailable",
"description": "The number of pods that can be unavailable during the update process"
}
}
},
"type": {
"type": "string",
"default": "RollingUpdate",
"title": "Deployment strategy",
"description": "Change default deployment strategy",
"enum": [
"Recreate",
"RollingUpdate"
]
}
}
},
"persistentVolume": {
"type": "object",
"title": "Prometheus persistent volume",
"description": "Configure Prometheus persistent volume",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable PersistentVolumeClaim",
"description": "Create PersistentVolumeClaim for Prometheus server"
},
"storageClass": {
"type": "string",
"default": "",
"title": "StorageClassName used to create Prometheus PVC",
"description": "Setting this option overwrites global StorageClass value"
}
}
},
"configMapOverrideName": {
"type": "string",
"default": "k10-prometheus-config",
"title": "Prometheus configmap name",
"description": "Prometheus configmap name to override default generated name"
},
"fullnameOverride": {
"type": "string",
"default": "prometheus-server",
"title": "Prometheus server deployment name",
"description": "Override default Prometheus server deployment name"
},
"baseURL": {
"type": "string",
"default": "/k10/prometheus/",
"title": "Prometheus external url path",
"description": "Prometheus external url path at which the server can be accessed"
},
"prefixURL": {
"type": "string",
"default": "/k10/prometheus",
"title": "Prometheus prefix slug",
"description": "Prometheus prefix slug at which the server can be accessed"
}
}
},
"serviceAccounts": {
"type": "object",
"default": {},
"title": "Prometheus service account",
"description": "Whether to create ServiceAccounts for Prometheus services",
"properties": {
"alertmanager": {
"type": "object",
"title": "Enable service account for Alertmanager service",
"description": "Whether to create service account for Prometheus Alertmanager service",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "ServiceAccount for Alertmanager service",
"description": "Set true to create ServiceAccount for Alertmanager service"
}
}
},
"kubeStateMetrics": {
"type": "object",
"title": "Enable service account for KubeStateMetrics service",
"description": "Whether to create service account for Prometheus KubeStateMetrics service",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Create ServiceAccount for KubeStateMetrics service",
"description": "Set true to create ServiceAccount for KubeStateMetrics service"
}
}
},
"nodeExporter": {
"type": "object",
"title": "Enable service account for NodeExporter service",
"description": "Whether to create service account for Prometheus NodeExporter service",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Create ServiceAccount for NodeExporter service",
"description": "Set true to create ServiceAccount for NodeExporter service"
}
}
},
"pushgateway": {
"type": "object",
"title": "Enable service account for PushGateway service",
"description": "Whether to create service account for Prometheus PushGateway service",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Create ServiceAccount for PushGateway service",
"description": "Set true to create ServiceAccount for PushGateway service"
}
}
},
"server": {
"type": "object",
"title": "Enable service account for Prometheus Server",
"description": "Whether to create service account for Prometheus Server",
"properties": {
"create": {
"type": "boolean",
"default": true,
"title": "Create ServiceAccount for Prometheus server",
"description": "Set true to create ServiceAccount for Prometheus Server"
}
}
}
}
}
}
},
"jaeger": {
"type": "object",
"title": "Jaeger configuration",
"description": "Jaeger tracing settings",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Jaeger tracing",
"description": "Set true to enable Jaeger tracing"
},
"agentDNS": {
"type": "string",
"default": "",
"title": "Jaeger agentDNS",
"description": "Set agentDNS for Jaeger tracing"
}
}
},
"service": {
"type": "object",
"title": "K10 K8s services config",
"properties": {
"externalPort": {
"type": "integer",
"default": 8000,
"title": "externalPort for K10 services",
"description": "Override default 8000 externalPort for K10 services"
},
"internalPort": {
"type": "integer",
"default": 8000,
"title": "internalPort for K10 services",
"description": "Override default 8000 internalPort for K10 services"
},
"aggregatedApiPort": {
"type": "integer",
"default": 10250,
"title": "aggregatedApiPort for aggapi service",
"description": "Override default 10250 port for aggapi service"
},
"gatewayAdminPort": {
"type": "integer",
"default": 8877,
"title": "Gateway admin port",
"description": "Override default 8877 gateway admin port"
}
}
},
"secrets": {
"type": "object",
"title": "K10 secrets",
"description": "K10 secrets configuration",
"properties": {
"awsAccessKeyId": {
"type": "string",
"default": "",
"title": "AWS access key ID",
"description": "Set AWS access key ID required for AWS deployment"
},
"awsSecretAccessKey": {
"type": "string",
"default": "",
"title": "AWS secret access key",
"description": "Set AWS access key secret"
},
"awsIamRole": {
"type": "string",
"default": "",
"title": "AWS IAM Role",
"description": "ARN of the AWS IAM role assumed by K10 to perform any AWS operation"
},
"googleApiKey": {
"type": "string",
"default": "",
"title": "Google API Key",
"description": "Non-default base64 encoded GCP Service Account key"
},
"googleProjectId": {
"type": "string",
"default": "",
"title": "Google Project ID",
"description": "Set Google Project ID other than the one in the GCP Service Account"
},
"ibmSoftLayerApiKey": {
"type": "string",
"default": "",
"title": "IBM SoftLayer API key",
"description": "API key for accessing Classic Infrastructure (AKA SoftLayer) services, requires ibmSoftLayerApiUsername"
},
"ibmSoftLayerApiUsername": {
"type": "string",
"default": "",
"title": "IBM SoftLayer Username",
"description": "Username for accessing Classic Infrastructure (AKA SoftLayer) services, requires ibmSoftLayerApiKey"
},
"tlsSecret": {
"type": "string",
"default": "",
"title": "K8s TLS secret name contains for k10 Gateway service",
"description": "Specify a Secret directly instead of having to provide both the cert and key. This reduces the security risk a bit by not caching the certs and keys in the bash history."
},
"dockerConfig": {
"type": "string",
"default": "",
"title": "Docker config",
"description": "base64 representation of your Docker credentials to pull docker images from a private registry"
},
"dockerConfigPath": {
"type": "string",
"default": "",
"title": "Docker config path",
"description": "Path to Docker config file to create secret from"
},
"azureTenantId": {
"type": "string",
"default": "",
"title": "Azure tenant ID",
"description": "Azure tenant ID required for Azure deployment"
},
"azureClientId": {
"type": "string",
"default": "",
"title": "Azure client ID",
"description": "Azure Service App ID"
},
"azureClientSecret": {
"type": "string",
"default": "",
"title": "Azure client Secret",
"description": "Azure Service APP secret"
},
"azureResourceGroup": {
"type": "string",
"default": "",
"title": "Azure resource group",
"description": "Resource Group name that was created for the Kubernetes cluster"
},
"azureSubscriptionID": {
"type": "string",
"default": "",
"title": "Azure subscription ID",
"description": "Subscription ID in your Azure tenant"
},
"azureResourceMgrEndpoint": {
"type": "string",
"default": "",
"title": "Azure resource manager endpoint",
"description": "Resource management endpoint for the Azure Stack instance"
},
"azureADEndpoint": {
"type": "string",
"default": "",
"title": "Azure AD endpoint",
"description": "Azure Active Directory login endpoint"
},
"azureADResourceID": {
"type": "string",
"default": "",
"title": "Azure Active Directory resource ID",
"description": "Azure Active Directory resource ID to obtain AD tokens"
},
"azureCloudEnvID": {
"type": "string",
"default": "",
"title": "Azure Cloud Environment ID",
"description": "Azure Cloud Environment ID"
},
"apiTlsCrt": {
"type": "string",
"default": "",
"title": "API TLS Certificate",
"description": "K8s API server TLS certificate"
},
"apiTlsKey": {
"type": "string",
"default": "",
"title": "API TLS Key",
"description": "K8s API server TLS key"
},
"vsphereEndpoint": {
"type": "string",
"default": "",
"title": "vSphere endpoint",
"description": "vSphere endpoint for login"
},
"vsphereUsername": {
"type": "string",
"default": "",
"title": "",
"description": ""
},
"vspherePassword": {
"type": "string",
"default": "",
"title": "vSphere password",
"description": "vSphere password for login"
}
}
},
"metering": {
"type": "object",
"title": "Metering service config",
"description": "Metering service settings",
"properties": {
"reportingKey": {
"type": "string",
"default": "",
"title": "Reporting key",
"description": "Base64 encoded reporting key"
},
"consumerId": {
"type": "string",
"default": "",
"title": "Consumer ID",
"description": "Consumer ID in the format project:<project_id>"
},
"awsRegion": {
"type": "string",
"default": "",
"title": "AWS Region",
"description": "Set AWS_REGION for metering service"
},
"awsMarketPlaceIamRole": {
"type": "string",
"default": "",
"title": "AWS Marketplace IAM Role",
"description": "Set AWS marketplace IAM Role"
},
"awsMarketplace": {
"type": "boolean",
"default": false,
"title": "AWS Marketplace",
"description": "Set AWS cloud metering license mode"
},
"awsManagedLicense": {
"type": "boolean",
"default": false,
"title": "AWS managed license",
"description": "Set AWS managed license mode"
},
"licenseConfigSecretName": {
"type": "string",
"default": "",
"title": "License config secret name",
"description": "AWS managed license config secret"
},
"serviceAccount": {
"type": "object",
"title": "Metering service serviceAccount",
"description": "Configuration for metering service serviceAccount",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Create metering service serviceAccount",
"description": "Create metering service serviceAccount"
},
"name": {
"type": "string",
"default": "",
"title": "Metering ServiceAccount name",
"description": "Set name for metering ServiceAccount"
}
}
},
"mode": {
"type": "string",
"default": "",
"title": "Control license reporting",
"description": "Set to `airgap` for private-network installs"
},
"redhatMarketplacePayg": {
"type": "boolean",
"default": false,
"title": "Red Hat cloud metering",
"description": "Set Red Hat cloud metering license mode"
},
"reportCollectionPeriod": {
"type": "integer",
"default": 1800,
"title": "Report collection period",
"description": "Metric report collection period (in seconds)"
},
"reportPushPeriod": {
"type": "integer",
"default": 3600,
"title": "Report push period",
"description": "Metric report push period (in seconds)"
},
"promoID": {
"type": "string",
"default": "",
"title": "K10 promotion ID",
"description": "K10 promotion ID from marketing campaigns"
}
}
},
"clusterName": {
"type": "string",
"default": "",
"title": "Cluster name",
"description": "Cluster name for better logs visibility"
},
"executorReplicas": {
"type": "integer",
"default": 3,
"title": "Number of executor service pod replicas",
"description": "Set number of executor service pod replicas for better performance"
},
"logLevel": {
"type": "string",
"default": "info",
"title": "Log level",
"description": "Change default log level"
},
"externalGateway": {
"type": "object",
"title": "External gateway",
"description": "Configure external gateway for K10 API services",
"properties": {
"create": {
"type": "boolean",
"default": false,
"title": "Enable external gateway",
"description": "Create external gateway service"
},
"annotations": {
"type": "object",
"title": "The annotations Schema",
"default": {},
"description": "Standard annotations for the services"
},
"fqdn": {
"type": "object",
"title": "Host and domain name for the K10 API services",
"description": "Configure host and domain name for the K10 API services",
"properties": {
"name": {
"type": "string",
"default": "",
"title": "Domain name for the K10 API services",
"description": "Domain name for the K10 API services"
},
"type": {
"type": "string",
"default": "",
"title": "Gateway type",
"description": "Supported gateway type: route53-mapper or external-dns"
}
}
},
"awsSSLCertARN": {
"type": "string",
"default": "",
"title": "AWS SSL Cert ARN",
"description": "ARN for the AWS ACM SSL certificate used in the K10 API server"
}
}
},
"auth": {
"type": "object",
"title": "Authentication settings",
"description": "Configure K10 dashboard authentication",
"properties": {
"groupAllowList": {
"type": "array",
"default": [],
"items": {
"type": "string"
},
"title": "List of groups allowed to access K10 dashboard",
"description": "A list of groups whose members are allowed access to K10's dashboard",
"examples": [
[
"group1",
"group2"
]
]
},
"basicAuth": {
"type": "object",
"title": "Basic authentication for the K10 dashboard",
"description": "Configure basic authentication for the K10 dashboard",
"properties": {
"enabled": {
"title": "Enable basic authentication",
"description": "Enables basic authentication to the K10 dashboard that allows users to login with username and password",
"type": "boolean",
"default": false
},
"secretName": {
"type": "string",
"default": "",
"title": "Secret with basic auth creds",
"description": "Name of an existing Secret that contains a file generated with htpasswd"
},
"htpasswd": {
"type": "string",
"default": "",
"title": "Basic authentication creds",
"description": "A username and password pair separated by a colon character"
}
}
},
"tokenAuth": {
"type": "object",
"title": "Token based authentication",
"description": "Configuration for Token based authentication for the K10 dashboard",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable token based authentication",
"description": "Enable token based authentication to access K10 dashboard"
}
}
},
"oidcAuth": {
"type": "object",
"default": {},
"title": "Open ID Connect based authentication",
"description": "Configuration for Open ID Connect based authentication for the K10 dashboard",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Open ID Connect based authentication",
"description": "Enable Open ID Connect based authentication to access K10 dashboard"
},
"providerURL": {
"type": "string",
"default": "",
"title": "OIDC Provider URL",
"description": "URL for the OIDC Provider"
},
"redirectURL": {
"type": "string",
"default": "",
"title": "K10 gateway service URL",
"description": "URL to the K10 gateway service"
},
"scopes": {
"type": "string",
"default": "",
"title": "OIDC scopes",
"description": "Space separated OIDC scopes required for userinfo",
"examples": [
"profile email"
]
},
"prompt": {
"type": "string",
"title": "OIDC prompt type",
"description": "The type of prompt to be used during authentication",
"default": "select_account",
"enum": [
"none",
"consent",
"login",
"select_account"
]
},
"clientID": {
"type": "string",
"default": "",
"title": "OIDC client ID",
"description": "Client ID given by the OIDC provider"
},
"clientSecret": {
"type": "string",
"default": "",
"title": "OIDC client secret",
"description": "Client secret given by the OIDC provider"
},
"usernameClaim": {
"type": "string",
"default": "",
"title": "OIDC username claim",
"description": "The claim to be used as the username"
},
"usernamePrefix": {
"type": "string",
"default": "",
"title": "OIDC username prefix",
"description": "Prefix that has to be used with the username obtained from the username claim"
},
"groupClaim": {
"type": "string",
"default": "",
"title": "OIDC group claim",
"description": "Name of a custom OpenID Connect claim for specifying user groups"
},
"groupPrefix": {
"type": "string",
"default": "",
"title": "OIDC group prefix",
"description": "All groups will be prefixed with this value to prevent conflicts"
},
"logoutURL": {
"type": "string",
"default": "",
"title": "OIDC logout endpoint",
"description": "URL to your OIDC provider's logout endpoint"
},
"secretName": {
"type": "string",
"default": "",
"title": "OIDC config based existing secret",
"description": "Must include providerURL, redirectURL, scopes, clientID/secret and logoutURL"
}
}
},
"dex": {
"type": "object",
"title": "Dex based authentication",
"description": "Configure Dex based authentication to access K10 dashboard",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Dex based authentication",
"description": "Enable Dex based authentication to access K10 dashboard"
},
"providerURL": {
"type": "string",
"default": "",
"title": "Dex provider URL",
"description": "Set Dex provider URL"
},
"redirectURL": {
"type": "string",
"default": "",
"title": "K10 gateway service URL",
"description": "URL to the K10 gateway service"
}
}
},
"openshift": {
"type": "object",
"title": "OpenShift OAuth server based authentication",
"description": "OpenShift OAuth server based authentication for K10 dashboard",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable OpenShift OAuth server based authentication",
"description": "Enable OpenShift OAuth server based authentication to access K10 dashboard"
},
"serviceAccount": {
"type": "string",
"default": "",
"title": "Service account that represents an OAuth client",
"description": "Name of the service account that represents an OAuth client"
},
"clientSecret": {
"type": "string",
"default": "",
"title": "Service account token",
"description": "The token corresponding to the service account"
},
"dashboardURL": {
"type": "string",
"default": "",
"title": "K10 dashboard URL",
"description": "The URL used for accessing K10's dashboard"
},
"openshiftURL": {
"type": "string",
"default": "",
"title": "OpenShift URL",
"description": "The URL for accessing OpenShift's API server"
},
"insecureCA": {
"type": "boolean",
"default": false,
"title": "Disable SSL verification of connections to OpenShift",
"description": "Set true to turn off SSL verification of connections to OpenShift"
},
"useServiceAccountCA": {
"type": "boolean",
"default": false,
"title": "use the CA certificate corresponding to the Service Account",
"description": "Usually found at ``/var/run/secrets/kubernetes.io/serviceaccount/ca.crt``"
},
"secretName": {
"type": "string",
"default": "",
"title": "The Kubernetes Secret that contains OIDC settings",
"description": "Specify Kubernetes Secret that contains OIDC settings"
},
"usernameClaim": {
"type": "string",
"default": "email",
"title": "Username claim",
"description": "The claim to be used as the username"
},
"usernamePrefix": {
"type": "string",
"default": "",
"title": "Username prefix",
"description": "Prefix that has to be used with the username obtained from the username claim"
},
"groupnameClaim": {
"type": "string",
"default": "groups",
"title": "custom OpenID Connect claim name for specifying user groups",
"description": "Name of a custom OpenID Connect claim for specifying user groups"
},
"groupnamePrefix": {
"type": "string",
"default": "",
"title": "User group name prefix",
"description": "Prefix for user group name"
}
}
},
"ldap": {
"type": "object",
"title": "Active Directory/LDAP based authentication ",
"description": "Active Directory/LDAP based authentication for the K10 dashboard",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Active Directory/LDAP based authentication",
"description": "Enable Active Directory/LDAP based authentication to access K10 dashboard"
},
"restartPod": {
"type": "boolean",
"default": false,
"title": "force a restart of the authentication service pod",
"description": "force a restart of the authentication service pod (useful when updating authentication config)"
},
"dashboardURL": {
"type": "string",
"default": "",
"title": "K10 dashboard URL",
"description": "The URL used for accessing K10's dashboard"
},
"host": {
"type": "string",
"default": "",
"title": "Host and port of the AD/LDAP server",
"description": "Host and optional port of the AD/LDAP server in the form `host:port`"
},
"insecureNoSSL": {
"type": "boolean",
"default": false,
"title": "Insecure AD/LDAP host",
"description": "Set if the AD/LDAP host is not using TLS"
},
"insecureSkipVerifySSL": {
"type": "boolean",
"default": false,
"title": "Skip SSL verification of connections to the AD/LDAP host",
"description": "Turn off SSL verification of connections to the AD/LDAP host"
},
"startTLS": {
"type": "boolean",
"default": false,
"title": "TLS protocol",
"description": "When set to true, ldap:// is used to connect to the server followed by creation of a TLS session. When set to false, ldaps:// is used."
},
"bindDN": {
"type": "string",
"default": "",
"title": "Username for connecting to the AD/LDAP host",
"description": "The Distinguished Name(username) used for connecting to the AD/LDAP host"
},
"bindPW": {
"type": "string",
"default": "",
"title": "The password for `bindDN`",
"description": "The password corresponding to the `bindDN` for connecting to the AD/LDAP host"
},
"bindPWSecretName": {
"type": "string",
"default": "",
"title": "Secret name containing the password",
"description": "Secret name containing the password corresponding to the `bindDN` for connecting to the AD/LDAP host"
},
"userSearch": {
"type": "object",
"title": "User search config",
"description": "AD/LDAP user search config",
"properties": {
"baseDN": {
"type": "string",
"default": "",
"title": "The base username to start the AD/LDAP search from",
"description": "The base Distinguished Name to start the AD/LDAP search from"
},
"filter": {
"type": "string",
"default": "",
"title": "filter to apply when searching",
"description": "Optional filter to apply when searching the directory"
},
"username": {
"type": "string",
"default": "",
"title": "Username to search in the directory",
"description": "Attribute used for comparing user entries when searching the directory"
},
"idAttr": {
"type": "string",
"default": "",
"title": "Attribute in a user's entry that should map to the user ID field in a token",
"description": "AD/LDAP attribute in a user's entry that should map to the user ID field in a token"
},
"emailAttr": {
"type": "string",
"default": "",
"title": "Attribute in a user's entry that should map to the email field in a token",
"description": "AD/LDAP attribute in a user's entry that should map to the email field in a token"
},
"nameAttr": {
"type": "string",
"default": "",
"title": "Attribute in a user's entry that should map to the name field in a token",
"description": "Attribute in a user's entry that should map to the name field in a token"
},
"preferredUsernameAttr": {
"type": "string",
"default": "",
"title": "Attribute in a user's entry that should map to the preferred_username field in a token",
"description": "AD/LDAP attribute in a user's entry that should map to the preferred_username field in a token"
}
}
},
"groupSearch": {
"type": "object",
"title": "AD/LDAP group search config",
"description": "AD/LDAP group search config",
"properties": {
"baseDN": {
"type": "string",
"default": "",
"title": "The base Distinguished Name",
"description": "The base Distinguished Name to start the AD/LDAP group search from"
},
"filter": {
"type": "string",
"default": "",
"title": "Search filter",
"description": "filter to apply when searching the directory for groups"
},
"userMatchers": {
"type": "array",
"items": {
"type": "object",
"properties": {
"userAttr": {
"type": "string",
"default": "",
"title": "Attribute in the user's entry",
"description": "Attribute in the user's entry that must match with the groupAttr while searching for groups"
},
"groupAttr": {
"type": "string",
"default": "",
"title": "Attribute in the group's entry",
"description": "Attribute in the group's entry that must match with the userAttr while searching for groups"
}
}
},
"default": [],
"title": "List of field pairs that are used to match a user to a group",
"description": "List of field pairs that are used to match a user to a group"
},
"nameAttr": {
"type": "string",
"default": "",
"title": "Attribute that represents a group's name in the directory",
"description": "The AD/LDAP attribute that represents a group's name in the directory"
}
}
},
"secretName": {
"type": "string",
"default": "",
"title": "The Kubernetes Secret with OIDC settings",
"description": "The Kubernetes Secret that contains OIDC settings"
},
"usernameClaim": {
"type": "string",
"default": "email",
"title": "Username claim",
"description": "The claim to be used as the username"
},
"usernamePrefix": {
"type": "string",
"default": "",
"title": "Username prefix",
"description": "Prefix that has to be used with the username obtained from the username claim"
},
"groupnameClaim": {
"type": "string",
"default": "groups",
"title": "Name of a custom OpenID Connect claim for specifying user groups",
"description": "Name of a custom OpenID Connect claim for specifying user groups"
},
"groupnamePrefix": {
"type": "string",
"default": "",
"title": "Group name prefix",
"description": "Prefix for user group name"
}
}
},
"k10AdminUsers": {
"type": "array",
"items": {
"type": "string"
},
"default": [],
"title": "Admin users list",
"description": "A list of users who are granted admin level access to K10's dashboard"
},
"k10AdminGroups": {
"type": "array",
"items": {
"type": "string"
},
"default": [],
"title": "Admin groups list",
"description": "A list of groups whose members are granted admin level access to K10's dashboard"
}
}
},
"optionalColocatedServices": {
"type": "object",
"title": "Optional Colocated services config",
"description": "Settings to enable optional colocated services",
"properties": {
"vbrintegrationapi": {
"title": "VBRIntegratipnAPI service",
"description": "Settings for VBRIntegratipnAPI service",
"type": "object",
"properties": {
"enabled": {
"title": "Enable VBRIntegratipnAPI service",
"description": "Set true to enable VBRIntegratipnAPI service",
"type": "boolean",
"default": true
}
}
}
}
},
"cacertconfigmap": {
"type": "object",
"title": "CA Certificate ConfigMap",
"description": "ConfigMap containing a certificate for a trusted root certificate authority",
"properties": {
"name": {
"title": "Name of the configmap",
"description": "Name of the K8s ConfigMap containing a certificate for a trusted root certificate authority",
"type": "string",
"default": ""
}
}
},
"apiservices": {
"type": "object",
"title": "Skip APIService objects creation",
"describe": "Skip APIService objects creation if already exists",
"properties": {
"deployed": {
"type": "boolean",
"default": true,
"title": "Whether APIService object are deployed",
"description": "Set true if APIService objects exists. Setting false will recreate the objects"
}
}
},
"injectKanisterSidecar": {
"type": "object",
"title": "Kanister sidecar injection for workload pods",
"description": "Configure Kanister sidecar injection for workload pods",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable Kanister sidecar injection for workload pods",
"description": "Set true to enable Kanister sidecar injection for workload pods"
},
"namespaceSelector": {
"type": "object",
"title": "namespaceSelector config",
"description": "Configure namespaceSelector for namespace containing the workloads to inject Kansiter Sidecar",
"properties": {
"matchLabels": {
"type": "object",
"default": {},
"title": "namespaceSelector matchLabels",
"description": "Set of labels to select namespaces in which sidecar injection is enabled for workloads"
}
}
},
"objectSelector": {
"type": "object",
"title": "objectSelector config",
"description": "Configure objectSelector for the workloads to inject Kansiter Sidecar",
"properties": {
"matchLabels": {
"type": "object",
"default": {},
"title": "objectSelector matchLabels",
"description": "Set of labels to filter workload objects in which the sidecar is injected"
}
}
},
"webhookServer": {
"type": "object",
"title": "Sidecar injector webhook server",
"description": "Configure sidecar injector webhook server",
"properties": {
"port": {
"type": "integer",
"default": 8080,
"title": "Mutating webhook server port number",
"description": "Port number on which the mutating webhook server accepts request"
}
}
}
}
},
"kanisterPodCustomLabels": {
"type": "string",
"default": "",
"title": "Kanister pod custom labels",
"description": "Custom labels for pods managed by Kanister"
},
"kanisterPodCustomAnnotations": {
"type": "string",
"default": "",
"title": "Kanister pod custom annotations",
"description": "Custom annotations added to pods managed by Kanister"
},
"kanisterPodMetricSidecar": {
"type": "object",
"title": "Metric sidecar for ephemeral pods",
"description": "Sidecar container for gathering metrics from ephemeral pods",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable sidecar container",
"description": "Enable sidecar container for gathering metrics from ephemeral pods"
},
"metricLifetime":{
"type": "string",
"default": "2m",
"title": "The period we check if there are metrics which should be removed",
"description": "The period we check if there are metrics which should be removed"
},
"pushGatewayInterval":{
"type": "string",
"default": "30s",
"title": "Pushgateway metrics interval",
"description": "The interval of sending metrics into the Pushgateway"
}
}
},
"genericVolumeSnapshot": {
"type": "object",
"title": "Generic Volume Snapshot restore pods config",
"description": "Resource configuration for Generic Volume Snapshot restore pods",
"properties": {
"resources": {
"type": "object",
"title": "Generic Volume Snapshot restore pod resource config",
"description": "Configure resource request and limits by Generic Volume Snapshot restore pods",
"properties": {
"requests": {
"type": "object",
"title": "Generic Volume Snapshot resource requests",
"description": "Generic Volume Snapshot resource requests configuration",
"properties": {
"memory": {
"type": "string",
"default": "",
"title": "Generic Volume Snapshot restore pods memory request",
"description": "Generic Volume Snapshot restore pods memory request",
"examples": [
"1Gi"
]
},
"cpu": {
"type": "string",
"default": "",
"title": "Generic Volume Snapshot restore pods cpu request",
"description": "Generic Volume Snapshot restore pods cpu request",
"examples": [
"1"
]
}
}
},
"limits": {
"type": "object",
"title": "Generic Volume Snapshot resource limits",
"description": "Generic Volume Snapshot resource limits configuration",
"properties": {
"memory": {
"type": "string",
"default": "",
"title": "Generic Volume Snapshot restore pods memory limit",
"description": "Generic Volume Snapshot restore pods memory limit",
"examples": [
"1Gi"
]
},
"cpu": {
"type": "string",
"default": "",
"title": "Generic Volume Snapshot restore pods cpu limit",
"description": "Generic Volume Snapshot restore pods cpu limit",
"examples": [
"1"
]
}
}
}
}
}
}
},
"garbagecollector": {
"type": "object",
"title": "garbage collection",
"description": "Configure garbage collection settings",
"properties": {
"daemonPeriod": {
"type": "integer",
"default": 21600,
"title": "Garbage collection period",
"description": "Set garbage collection period (in seconds)"
},
"keepMaxActions": {
"type": "integer",
"default": 1000,
"title": "Max actions to keep",
"description": "Sets maximum actions to keep"
},
"importRunActions": {
"type": "object",
"title": "importRunActions collector config",
"description": "Configure importRunActions garbage collector",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable importRunActions collector",
"description": "Set true to enable importRunActions collector"
}
}
},
"retireActions": {
"type": "object",
"title": "retireActions collector config",
"description": "Configure retireActions garbage collector",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"title": "Enable importRunActions collector",
"description": "Set true to enable importRunActions collector"
}
}
}
}
},
"resources": {
"type": "object",
"default": {},
"title": "K10 pods resource config",
"description": "Resource management for K10 pods"
},
"services": {
"type": "object",
"title": "K10 services config",
"description": "Settings for K10 services",
"properties": {
"executor": {
"type": "object",
"title": "executor service config",
"description": "Configuration for K10 executor service",
"properties": {
"hostNetwork": {
"type": "boolean",
"default": false,
"title": "Enable node network usage",
"description": "Whether the executor pods may use the node network"
},
"workerCount": {
"type": "integer",
"default": 8,
"title": "Executor workers count",
"description": "Count of running executor workers"
},
"maxConcurrentRestoreCsiSnapshots": {
"type": "integer",
"default": 3,
"title": "Concurrent restore CSI snapshots operations",
"description": "Limit of concurrent restore CSI snapshots operations per each restore action"
},
"maxConcurrentRestoreGenericVolumeSnapshots": {
"type": "integer",
"default": 3,
"title": "Concurrent restore generic volume snapshots operations",
"description": "Limit of concurrent restore generic volume snapshots operations per each restore action"
},
"maxConcurrentRestoreWorkloads": {
"type": "integer",
"default": 3,
"title": "Concurrent restore workloads operations",
"description": "Limit of concurrent restore workloads operations per each restore action"
}
}
},
"dashboardbff": {
"type": "object",
"title": "dashboardbff service config",
"properties": {
"hostNetwork": {
"type": "boolean",
"default": false,
"title": "Enable node network usage",
"description": "Whether the dashboardbff pods may use the node network"
}
}
},
"securityContext": {
"type": "object",
"title": "securityContext for K10 service containers",
"description": "Custom securityContext for K10 service containers",
"properties": {
"runAsUser": {
"type": "integer",
"default": 1000,
"title": "runAsUser ID",
"description": "User ID K10 service containers run as"
},
"fsGroup": {
"type": "integer",
"default": 1000,
"title": "FSGroup ID",
"description": "FSGroup that owns K10 service container volumes"
}
}
},
"aggregatedapis": {
"type": "object",
"title": "K10 aggregatedapis service config",
"properties": {
"hostNetwork": {
"type": "boolean",
"default": false,
"title": "Enable node network usage",
"description": "Whether the aggregatedapis pods may use the node network"
}
}
}
}
},
"apigateway": {
"type": "object",
"title": "APIGateway",
"description": "APIGateway settings",
"properties": {
"serviceResolver": {
"type": "string",
"default": "dns",
"title": "Resolver used for service discovery",
"description": "The resolver used for service discovery in the API gateway",
"enum": [
"dns",
"endpoint"
]
}
}
},
"limiter": {
"type": "object",
"title": "Limiter",
"description": "Limits set on several operations",
"properties": {
"genericVolumeSnapshots": {
"type": "integer",
"default": 10,
"title": "Concurrent generic volume snapshot creation",
"description": "Limit of concurrent generic volume snapshot create operations"
},
"genericVolumeCopies": {
"type": "integer",
"default": 10,
"title": "Concurrent generic volume snapshot copy",
"description": "Limit of concurrent generic volume snapshot copy operations"
},
"genericVolumeRestores": {
"type": "integer",
"default": 10,
"title": "Concurrent generic volume snapshot restore",
"description": "Limit of concurrent generic volume snapshot restore operations"
},
"csiSnapshots": {
"type": "integer",
"default": 10,
"title": "Concurrent CSI snapshot create",
"description": "Limit of concurrent CSI snapshot create operations"
},
"providerSnapshots": {
"type": "integer",
"default": 10,
"title": "Concurrent cloud provider create",
"description": "Limit of concurrent cloud provider create operations"
}
}
},
"gateway": {
"type": "object",
"title": "Gateway config",
"description": "Configure Gateway service",
"properties": {
"insecureDisableSSLVerify": {
"type": "boolean",
"default": false,
"title": "Disable SSL verification for gateway pods",
"description": "Whether to disable SSL verification for gateway pods"
},
"exposeAdminPort": {
"type": "boolean",
"default": true,
"title": "Expose Admin port",
"description": "Whether to expose Admin port for gateway service"
},
"resources": {
"type": "object",
"title": "Gateway pod resource config",
"description": "Configure resource request and limits by Gateway pod",
"properties": {
"requests": {
"type": "object",
"title": "Gateway resource requests",
"description": "Gateway resource requests configuration",
"properties": {
"memory": {
"type": "string",
"default": "300Mi",
"title": "Gateway pod memory request",
"description": "Gateway pod memory request",
"examples": [
"1Gi"
]
},
"cpu": {
"type": "string",
"default": "200m",
"title": "Gateway pod cpu request",
"description": "Gateway pod cpu request",
"examples": [
"1"
]
}
}
},
"limits": {
"type": "object",
"title": "Gateway resource limits",
"description": "Gateway resource limits configuration",
"properties": {
"memory": {
"type": "string",
"default": "1Gi",
"title": "Gateway pod memory limit",
"description": "Gateway pod memory limit",
"examples": [
"1Gi"
]
},
"cpu": {
"type": "string",
"default": "1000m",
"title": "Gateway pod cpu limit",
"description": "Gateway pod cpu limit",
"examples": [
"1"
]
}
}
}
}
}
}
},
"kanister": {
"type": "object",
"title": "Kanister config",
"description": "Configuration for Kanister service",
"properties": {
"backupTimeout": {
"type": "integer",
"default": 45,
"title": "Timeout on Kanister backup operations",
"description": "Timeout on Kanister backup operations in mins"
},
"restoreTimeout": {
"type": "integer",
"default": 600,
"title": "Timeout for Kanister restore operations",
"description": "Timeout for Kanister restore operations in mins"
},
"deleteTimeout": {
"type": "integer",
"default": 45,
"title": "Timeout for Kanister delete operations",
"description": "Timeout for Kanister delete operations in mins"
},
"hookTimeout": {
"type": "integer",
"default": 20,
"title": "Timeout for Kanister pre-hook and post-hook operations",
"description": "Timeout for Kanister pre-hook and post-hook operations in minutes"
},
"checkRepoTimeout": {
"type": "integer",
"default": 20,
"title": "Timeout for Kanister checkRepo operations",
"description": "Specify timeout to set on Kanister checkRepo operations in minutes"
},
"statsTimeout": {
"type": "integer",
"default": 20,
"title": "Timeout for Kanister stats operations",
"description": "Timeout for Kanister stats operations in minutes"
},
"efsPostRestoreTimeout": {
"type": "integer",
"default": 45,
"title": "Timeout for Kanister efsPostRestore operations",
"description": "Timeout for Kanister efsPostRestore operations in minutes"
},
"podReadyWaitTimeout": {
"type": "integer",
"default": 15,
"title": "Timeout for Kanister tooling pods to be ready",
"description": "Timeout for Kanister tooling pods to be ready during operations in minutes"
}
}
},
"awsConfig": {
"type": "object",
"title": "AWS config",
"description": "AWS config",
"properties": {
"assumeRoleDuration": {
"type": "string",
"default": "",
"title": "Duration of a session token generated by AWS for an IAM role",
"description": "The minimum value is 15 minutes and the maximum value is the maximum duration setting for that IAM role. For documentation about how to view and edit the maximum session duration for an IAM role see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session. The value accepts a number along with a single character 'm'(for minutes) or 'h' (for hours) Examples: 60m or 2h"
},
"efsBackupVaultName": {
"type": "string",
"default": "k10vault",
"title": "the AWS EFS backup vault name",
"description": "Set the AWS EFS backup vault name"
}
}
},
"azure": {
"type": "object",
"title": "Azure config",
"description": "Azure config",
"properties": {
"useDefaultMSI": {
"type": "boolean",
"default": false,
"title": "Use the default Managed Identity",
"description": "Set to true - profile does not need a secret, Default Managed Identity will be used"
}
}
},
"grafana": {
"type": "object",
"title": "Grafana config",
"description": "Settings for Grafana service",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "Enable Grafana service",
"description": "Deploy Grafana service. If false Grafana will not be available"
},
"prometheusName": {
"type": "string",
"default": "prometheus-server",
"title": "Prometheus server name",
"description": "Prometheus server name required by Grafana to query"
},
"prometheusPrefixURL": {
"type": "string",
"default": "/k10/prometheus",
"title": "Prometheus prefix URL",
"description": "URL for Prometheus datasource in Grafana (must match `prometheus.server.prefixURL`)"
},
"extraLabels": {
"type": "object",
"title": "Custom labels for all manifests",
"description": "Custom labels for all manifests",
"properties": {
"component": {
"type": "string",
"default": "grafana",
"title": "Component name",
"description": "Component name"
}
}
},
"podLabels": {
"type": "object",
"title": "Pod labels",
"description": "Pod labels",
"properties": {
"component": {
"type": "string",
"default": "grafana",
"title": "Component name",
"description": "Component name"
}
}
},
"rbac": {
"type": "object",
"title": "Grafana rbac config",
"description": "Configure Grafana rbac resources",
"properties": {
"namespaced": {
"type": "boolean",
"default": true,
"title": "Grant namespace scoped permissions",
"description": "Create Role if set true. Otherwise create ClusterRole"
},
"pspEnabled": {
"type": "boolean",
"default": false,
"title": "Grafana Pod Security Policy",
"description": "Enable Grafana Pod Security Policy"
}
}
}
}
},
"encryption": {
"type": "object",
"title": "Encryption config",
"description": "Encryption config",
"properties": {
"primaryKey": {
"type": "object",
"title": "primaryKey for encrypting of K10 primary key",
"description": "primaryKey is used for enabling encryption of K10 primary key",
"properties": {
"awsCmkKeyId": {
"type": "string",
"default": "",
"title": "The AWS CMK key ID for encrypting K10 Primary Key",
"description": "Ensures AWS CMK is used for encrypting K10 primary key"
},
"vaultTransitKeyName": {
"type": "string",
"default": "",
"title": "Vault transit Key Name",
"description": "Vault Transit key name for Vault integration"
},
"vaultTransitPath": {
"type": "string",
"default": "",
"title": "Vault transit path",
"description": "Vault transit path for Vault integration"
}
}
}
}
},
"vmWare": {
"type": "object",
"title": "VMWare integration config",
"properties": {
"taskTimeoutMin": {
"type": "integer",
"default": 60,
"title": "the timeout for VMWare operations",
"description": "the timeout for VMWare operations in minutes"
}
}
},
"vault": {
"type": "object",
"title": "Vault config",
"description": "Vault integration configuration",
"properties": {
"secretName": {
"type": "string",
"default": "",
"title": "Vault secret name",
"description": "Vault secret name"
},
"address": {
"type": "string",
"default": "http://vault.vault.svc:8200",
"title": "Vault address",
"description": "Specify Vault endpoint"
},
"role": {
"type": "string",
"default": "",
"title": "Vault Service Account Role",
"description": "Role that was bound to the service account name and namespace from cluster"
},
"serviceAccountTokenPath": {
"type": "string",
"default": "",
"title": "Token path for Vault Service Account Role",
"description": "Default: '/var/run/secrets/kubernetes.io/serviceaccount/token'"
}
}
},
"kubeVirtVMs": {
"type": "object",
"properties": {
"snapshot": {
"type": "object",
"properties": {
"unfreezeTimeout":{
"type": "string",
"title": "Unfreeze timeout for Virtual Machines",
"description": "Time within which K10 is expected to complete the Virtual Machine's backup and thaw the Virtual Machine.",
"default": "5m"
}
}
}
}
},
"excludedApps": {
"type": "array",
"items": {
"type": "string"
},
"default": ["kube-system", "kube-ingress", "kube-node-lease", "kube-public", "kube-rook-ceph"],
"title": "List of applications to be excluded",
"description": "List of applications to be excluded from the dashboard & compliance considerations"
},
"reporting": {
"type": "object",
"properties": {
"pdfReports": {
"title": "Enable PDF reports",
"description": "Enable download of PDF reports in the Dashboard",
"type": "boolean",
"default": true
}
}
},
"maxJobWaitDuration": {
"type": "string",
"default": "",
"title": "Maximum duration for jobs in minutes",
"description": "Set a maximum duration of waiting for child jobs. If the execution of the subordinate jobs exceeds this value, the parent job will be canceled. If no value is set, a default of 10 hours will be used"
}
}
}
Reference in New Issue View Git Blame Copy Permalink