andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/kasten/k10/templates/k10-config.yaml

249 lines
10 KiB
YAML
Raw Blame History

kind: ConfigMap
apiVersion: v1
metadata:
labels:
{{ include "helm.labels" . | indent 4 }}
namespace: {{ .Release.Namespace }}
name: k10-config
data:
loglevel: {{ .Values.logLevel | quote }}
{{- if .Values.clusterName }}
clustername: {{ quote .Values.clusterName }}
{{- end }}
version: {{ .Chart.AppVersion }}
multiClusterVersion: {{ include "k10.multiClusterVersion" . | quote }}
modelstoredirname: "//mnt/k10state/kasten-io/"
apiDomain: {{ include "apiDomain" . }}
concurrentSnapConversions: {{ include "k10.defaultConcurrentSnapshotConversions" . | quote }}
concurrentWorkloadSnapshots: {{ include "k10.defaultConcurrentWorkloadSnapshots" . | quote }}
k10DataStoreParallelUpload: {{ include "k10.defaultK10DataStoreParallelUpload" . | quote }}
k10DataStoreGeneralContentCacheSizeMB: {{ include "k10.defaultK10DataStoreGeneralContentCacheSizeMB" . | quote }}
k10DataStoreGeneralMetadataCacheSizeMB: {{ include "k10.defaultK10DataStoreGeneralMetadataCacheSizeMB" . | quote }}
k10DataStoreRestoreContentCacheSizeMB: {{ include "k10.defaultK10DataStoreRestoreContentCacheSizeMB" . | quote }}
k10DataStoreRestoreMetadataCacheSizeMB: {{ include "k10.defaultK10DataStoreRestoreMetadataCacheSizeMB" . | quote }}
K10BackupBufferFileHeadroomFactor: {{ include "k10.defaultK10BackupBufferFileHeadroomFactor" . | quote }}
AWSAssumeRoleDuration: {{ default (include "k10.defaultAssumeRoleDuration" .) .Values.awsConfig.assumeRoleDuration | quote }}
KanisterBackupTimeout: {{ default (include "k10.defaultKanisterBackupTimeout" .) .Values.kanister.backupTimeout | quote }}
KanisterRestoreTimeout: {{ default (include "k10.defaultKanisterRestoreTimeout" .) .Values.kanister.restoreTimeout | quote }}
KanisterDeleteTimeout: {{ default (include "k10.defaultKanisterDeleteTimeout" .) .Values.kanister.deleteTimeout | quote }}
KanisterHookTimeout: {{ default (include "k10.defaultKanisterHookTimeout" .) .Values.kanister.hookTimeout | quote }}
KanisterCheckRepoTimeout: {{ default (include "k10.defaultKanisterCheckRepoTimeout" .) .Values.kanister.checkRepoTimeout | quote }}
KanisterStatsTimeout: {{ default (include "k10.defaultKanisterStatsTimeout" .) .Values.kanister.statsTimeout | quote }}
KanisterEFSPostRestoreTimeout: {{ default (include "k10.defaultKanisterEFSPostRestoreTimeout" .) .Values.kanister.efsPostRestoreTimeout | quote }}
KanisterPodReadyWaitTimeout: {{ .Values.kanister.podReadyWaitTimeout | quote }}
K10MutatingWebhookTLSCertDir: "/etc/ssl/certs/webhook"
K10LimiterGenericVolumeSnapshots: {{ default (include "k10.defaultK10LimiterGenericVolumeSnapshots" .) .Values.limiter.genericVolumeSnapshots | quote }}
K10LimiterGenericVolumeCopies: {{ default (include "k10.defaultK10LimiterGenericVolumeCopies" .) .Values.limiter.genericVolumeCopies | quote }}
K10LimiterGenericVolumeRestores: {{ default (include "k10.defaultK10LimiterGenericVolumeRestores" .) .Values.limiter.genericVolumeRestores | quote }}
K10LimiterCsiSnapshots: {{ default (include "k10.defaultK10LimiterCsiSnapshots" .) .Values.limiter.csiSnapshots | quote }}
K10LimiterProviderSnapshots: {{ default (include "k10.defaultK10LimiterProviderSnapshots" .) .Values.limiter.providerSnapshots | quote }}
K10ExecutorWorkerCount: {{ default (include "k10.defaultK10ExecutorWorkerCount" .) .Values.services.executor.workerCount | quote }}
K10ExecutorMaxConcurrentRestoreCsiSnapshots: {{ default (include "k10.defaultK10ExecutorMaxConcurrentRestoreCsiSnapshots" .) .Values.services.executor.maxConcurrentRestoreCsiSnapshots | quote }}
K10ExecutorMaxConcurrentRestoreGenericVolumeSnapshots: {{ default (include "k10.defaultK10ExecutorMaxConcurrentRestoreGenericVolumeSnapshots" .) .Values.services.executor.maxConcurrentRestoreGenericVolumeSnapshots | quote }}
K10ExecutorMaxConcurrentRestoreWorkloads: {{ default (include "k10.defaultK10ExecutorMaxConcurrentRestoreWorkloads" .) .Values.services.executor.maxConcurrentRestoreWorkloads | quote }}
K10GCDaemonPeriod: {{ default (include "k10.defaultK10GCDaemonPeriod" .) .Values.garbagecollector.daemonPeriod | quote }}
K10GCKeepMaxActions: {{ default (include "k10.defaultK10GCKeepMaxActions" .) .Values.garbagecollector.keepMaxActions | quote }}
K10GCImportRunActionsEnabled: {{ default (include "k10.defaultK10GCImportRunActionsEnabled" .) .Values.garbagecollector.importRunActions.enabled | quote }}
K10GCRetireActionsEnabled: {{ default (include "k10.defaultK10GCRetireActionsEnabled" .) .Values.garbagecollector.retireActions.enabled | quote }}
kubeVirtVMsUnFreezeTimeout: {{ default (include "k10.defaultKubeVirtVMsUnfreezeTimeout" .) .Values.kubeVirtVMs.snapshot.unfreezeTimeout | quote }}
K10RootlessContainers: {{ default (include "k10.defaultK10RootlessContainers" .) ( not ( empty .Values.global.rootlessContainers ) ) | quote }}
{{- if .Values.awsConfig.efsBackupVaultName }}
efsBackupVaultName: {{ quote .Values.awsConfig.efsBackupVaultName }}
{{- end }}
{{- if .Values.excludedApps }}
excludedApps: '{{ join "," .Values.excludedApps }}'
{{- end }}
{{- if .Values.vmWare.taskTimeoutMin }}
vmWareTaskTimeoutMin: {{ quote .Values.vmWare.taskTimeoutMin }}
{{- end }}
{{- include "get.kanisterPodCustomLabels" . | indent 2}}
{{- include "get.kanisterPodCustomAnnotations" . | indent 2}}
{{- if .Values.kanisterFunctionVersion }}
kanisterFunctionVersion: {{ .Values.kanisterFunctionVersion | quote }}
{{- else }}
kanisterFunctionVersion: {{ quote "v1.0.0-alpha" }}
{{- end }}
{{- if eq "true" (include "overwite.kanisterToolsImage" .) }}
{{- if (include "get.kanisterToolsImage" .) }}
overwriteKanisterTools: {{ include "get.kanisterToolsImage" .}}
{{- end }}
{{- end }}
{{- include "kanisterToolsResources" . | indent 2 }}
{{ if .Values.features }}
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
{{ include "helm.labels" . | indent 4 }}
namespace: {{ .Release.Namespace }}
name: k10-features
data:
{{ include "k10.features" . | indent 2}}
{{ end }}
{{ if .Values.auth.dex.enabled }}
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
{{ include "helm.labels" . | indent 4 }}
name: k10-dex
namespace: {{ .Release.Namespace }}
data:
config.yaml: |
issuer: {{ .Values.auth.oidcAuth.providerURL }}
storage:
type: memory
web:
http: 0.0.0.0:8080
logger:
level: info
format: text
connectors:
- type: oidc
id: google
name: Google
config:
issuer: {{ .Values.auth.dex.providerURL }}
clientID: {{ .Values.auth.oidcAuth.clientID }}
clientSecret: {{ .Values.auth.oidcAuth.clientSecret }}
redirectURI: {{ .Values.auth.dex.redirectURL }}
scopes:
- openid
- profile
- email
oauth2:
skipApprovalScreen: true
staticClients:
- name: 'K10'
id: {{ .Values.auth.oidcAuth.clientID }}
secret: {{ .Values.auth.oidcAuth.clientSecret }}
redirectURIs:
- {{ printf "%s/k10/auth-svc/v0/oidc/redirect" .Values.auth.oidcAuth.redirectURL }}
enablePasswordDB: true
staticPasswords:
{{ end }}
{{ if .Values.auth.openshift.enabled }}
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
{{ include "helm.labels" . | indent 4 }}
name: k10-dex
namespace: {{ .Release.Namespace }}
data:
config.yaml: |
issuer: {{ printf "%s/dex" (trimSuffix "/" .Values.auth.openshift.dashboardURL) }}
storage:
type: memory
web:
http: 0.0.0.0:8080
logger:
level: info
format: text
connectors:
- type: openshift
id: openshift
name: OpenShift
config:
issuer: {{ .Values.auth.openshift.openshiftURL }}
clientID: {{printf "system:serviceaccount:%s:%s" .Release.Namespace .Values.auth.openshift.serviceAccount }}
clientSecret: {{ .Values.auth.openshift.clientSecret }}
redirectURI: {{ printf "%s/dex/callback" (trimSuffix "/" .Values.auth.openshift.dashboardURL) }}
insecureCA: {{ .Values.auth.openshift.insecureCA }}
{{- if and (eq (include "check.cacertconfigmap" .) "false") .Values.auth.openshift.useServiceAccountCA }}
rootCA: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
{{- end }}
oauth2:
skipApprovalScreen: true
staticClients:
- name: 'K10'
id: kasten
secret: kastensecret
redirectURIs:
- {{ printf "%s/auth-svc/v0/oidc/redirect" (trimSuffix "/" .Values.auth.openshift.dashboardURL) }}
{{ end }}
{{ if .Values.auth.ldap.enabled }}
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
{{ include "helm.labels" . | indent 4 }}
name: k10-dex
namespace: {{ .Release.Namespace }}
data:
config.yaml: |
issuer: {{ printf "%s/dex" (trimSuffix "/" .Values.auth.ldap.dashboardURL) }}
storage:
type: memory
web:
http: 0.0.0.0:8080
frontend:
dir: {{ include "k10.dexFrontendDir" . }}
theme: custom
logoURL: theme/kasten-logo.svg
logger:
level: info
format: text
connectors:
- type: ldap
id: ldap
name: LDAP
config:
host: {{ .Values.auth.ldap.host }}
insecureNoSSL: {{ .Values.auth.ldap.insecureNoSSL }}
insecureSkipVerify: {{ .Values.auth.ldap.insecureSkipVerifySSL }}
startTLS: {{ .Values.auth.ldap.startTLS }}
bindDN: {{ .Values.auth.ldap.bindDN }}
bindPW: BIND_PASSWORD_PLACEHOLDER
userSearch:
baseDN: {{ .Values.auth.ldap.userSearch.baseDN }}
filter: {{ .Values.auth.ldap.userSearch.filter }}
username: {{ .Values.auth.ldap.userSearch.username }}
idAttr: {{ .Values.auth.ldap.userSearch.idAttr }}
emailAttr: {{ .Values.auth.ldap.userSearch.emailAttr }}
nameAttr: {{ .Values.auth.ldap.userSearch.nameAttr }}
preferredUsernameAttr: {{ .Values.auth.ldap.userSearch.preferredUsernameAttr }}
groupSearch:
baseDN: {{ .Values.auth.ldap.groupSearch.baseDN }}
filter: {{ .Values.auth.ldap.groupSearch.filter }}
nameAttr: {{ .Values.auth.ldap.groupSearch.nameAttr }}
{{- with .Values.auth.ldap.groupSearch.userMatchers }}
userMatchers:
{{ toYaml . | indent 10 }}
{{- end }}
oauth2:
skipApprovalScreen: true
staticClients:
- name: 'K10'
id: kasten
secret: kastensecret
redirectURIs:
- {{ printf "%s/auth-svc/v0/oidc/redirect" (trimSuffix "/" .Values.auth.ldap.dashboardURL) }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: k10-logos-dex
namespace: {{ .Release.Namespace }}
binaryData:
{{- $files := .Files }}
{{- range tuple "files/favicon.png" "files/kasten-logo.svg" "files/styles.css" }}
{{ trimPrefix "files/" . }}: |-
{{ $files.Get . | b64enc }}
{{- end }}
{{ end }}
Reference in New Issue View Git Blame Copy Permalink