forked from camunda/camunda-platform-helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
values.yaml
1991 lines (1799 loc) · 107 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# Default values for Camunda Platform helm.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# The values file follows helm best practices https://helm.sh/docs/chart_best_practices/values/
#
# This means:
# * Variable names should begin with a lowercase letter, and words should be separated with camelcase.
# * Every defined property in values.yaml should be documented. The documentation string should begin with the name of the property that it describes, and then give at least a one-sentence description
#
# Furthermore, we try to apply the following pattern: # [VarName] [conjunction] [definition]
#
# VarName:
#
# * In the documentation the variable name is started with a big letter, similar to kubernetes resource documentation.
# * If the variable is part of a subsection/object we use a json path expression (to make it more clear where the variable belongs to).
# The root (chart name) is omitted (e.g. zeebe). This is useful for using --set in helm.
#
# Conjunction:
# * [defines] for mandatory configuration
# * [can be used] for optional configuration
# * [if true] for toggles
# * [configuration] for section/group of variables
# Global configuration for variables which can be accessed by all sub charts
global:
# Annotations can be used to define common annotations, which should be applied to all deployments
annotations: {}
# Labels can be used to define common labels, which should be applied to all deployments
labels:
app: camunda-platform
# Image configuration to be used in each sub chart
# https://hub.docker.com/u/camunda
image:
# Image.registry can be used to set container image registry.
registry: ""
# Image.tag defines the tag / version which should be used in the chart
# Don't change the comment after the value, it's needed due to a bug yq. Check Makefile for more details.
# renovate: datasource=github-releases depName=camunda/camunda-platform versioning=semver
tag: 8.2.5 # global.image.tag
# Image.pullPolicy defines the image pull policy which should be used https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
pullPolicy: IfNotPresent
# Image.pullSecrets can be used to configure image pull secrets https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
pullSecrets: []
# Ingress configuration to configure the ingress resource
ingress:
# Ingress.enabled if true, an ingress resource is deployed. Only useful if an ingress controller is available, like Ingress-NGINX.
enabled: false
# Ingress.className defines the class or configuration of ingress which should be used by the controller
className: nginx
# Ingress.annotations defines the ingress related annotations, consumed mostly by the ingress controller
annotations:
ingress.kubernetes.io/rewrite-target: "/"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
# Ingress.host can be used to define the host of the ingress rule. https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
# If not specified the rules applies to all inbound http traffic, if specified the rule applies to that host.
host: ""
# Ingress.tls configuration for tls on the ingress resource https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls:
# Ingress.tls.enabled if true, then tls is configured on the ingress resource. If enabled the Ingress.host need to be defined.
enabled: false
# Ingress.tls.secretName defines the secret name which contains the TLS private key and certificate
secretName: ""
# Elasticsearch configuration which is shared between the sub charts
elasticsearch:
# Elasticsearch.disableExporter if true, disables the elastic exporter in zeebe
disableExporter: false
# Elasticsearch.url can be used to configure the URL to access elasticsearch, if not set services fallback to host and port configuration
url:
# Elasticsearch.protocol defines the elasticsearch access protocol, by default HTTP.
protocol: http
# Elasticsearch.host defines the elasticsearch host, ideally the service name inside the namespace
host: "elasticsearch-master"
# Elasticsearch.port defines the elasticsearch port, under which elasticsearch can be accessed
port: 9200
# Elasticsearch.clusterName defines the cluster name which is used by Elasticsearch
clusterName: "elasticsearch"
# Elasticsearch.prefix defines the prefix which is used by the Zeebe Elasticsearch Exporter to create Elasticsearch indexes
prefix: zeebe-record
# ZeebeClusterName defines the cluster name for the Zeebe cluster. All Zeebe pods get this prefix in their name and the brokers uses that as cluster name.
zeebeClusterName: "{{ .Release.Name }}-zeebe"
# ZeebePort defines the port which is used for the Zeebe Gateway. This port accepts the GRPC Client messages and forwards them to the Zeebe Brokers.
zeebePort: 26500
# Identity configuration to configure identity specifics on global level, which can be accessed by other sub-charts
identity:
keycloak:
# Identity.keycloak.internal if true, it will configure an extra service with type "ExternalName".
# It's useful for using existing Keycloak in another namespace with and access it with the combined Ingress.
internal: false
# Identity.keycloak.url can be used incorporate with "identity.keycloak.enabled: false" to use your own Keycloak instead of the one comes with Camunda Platform Helm chart.
url: {}
# Example to produce the following URL "https://keycloak.prod.svc.cluster.local:8443":
# url:
# protocol: "https"
# host: "keycloak.prod.svc.cluster.local"
# port: "8443"
# Identity.keycloak.contextPath defines the endpoint of Keycloak which varies between Keycloak versions.
# In Keycloak v16.x.x it's hard-coded as '/auth', but in v19.x.x it's '/'.
contextPath: "/auth"
# Identity.keycloak.realm defines Keycloak realm path used for Camunda Platform.
realm: "/realms/camunda-platform"
# Identity.keycloak.auth same as "identity.keycloak.auth" but it's used for existing Keycloak.
auth: {}
# Identity.keycloak.auth.adminUser can be used to configure admin user to access existing Keycloak.
# adminUser: ""
# Identity.keycloak.auth.existingSecret can be used to configure existing Secret object which has admin password
# to access existing Keycloak.
# existingSecret: ""
# Identity.keycloak.auth.existingSecretKey can be used to configure the key inside existing Secret object
# which has admin password to access existing Keycloak.
# existingSecretKey: "admin-password"
# Identity.auth configuration, to configure Identity authentication setup
auth:
# Identity.auth.enabled if true, enables the Identity authentication otherwise basic-auth will be used on all services.
enabled: true
# Identity.auth.publicIssuerUrl defines the token issuer (Keycloak) URL, where the services can request JWT tokens.
# Should be publicly accessible, per default we assume a port-forward to Keycloak (18080) is created before login.
# Can be overwritten if ingress is in use and an external IP is available.
publicIssuerUrl: "http://localhost:18080/auth/realms/camunda-platform"
# Identity.auth.connectors configuration to configure Connectors authentication specifics on global level, which can be accessed by other sub-charts
connectors:
# Identity.auth.connectors.existingSecret can be used to use an own existing secret. If not set a random secret is generated.
# The existing secret should contain an `connectors-secret` field, which will be used as secret for the Identity-Connectors communication.
existingSecret: ""
# Identity.auth.operate configuration to configure Operate authentication specifics on global level, which can be accessed by other sub-charts
operate:
# Identity.auth.operate.existingSecret can be used to reference an existing secret. If not set, a random secret is generated.
# The existing secret should contain an `operate-secret` field, which will be used as secret for the Identity-Operate communication.
existingSecret:
# Identity.auth.operate.redirectUrl defines the redirect URL, which is used by Keycloak to access Operate.
# Should be publicly accessible, the default value works if a port-forward to Operate is created to 8081.
# Can be overwritten if ingress is in use and an external IP is available.
redirectUrl: "http://localhost:8081"
# Identity.auth.tasklist configuration to configure Tasklist authentication specifics on global level, which can be accessed by other sub-charts
tasklist:
# Identity.auth.tasklist.existingSecret can be used to use an own existing secret. If not set a random secret is generated.
# The existing secret should contain an `tasklist-secret` field, which will be used as secret for the Identity-Tasklist communication.
existingSecret:
# Identity.auth.tasklist.redirectUrl defines the root (or redirect) URL, which is used by Keycloak to access Tasklist.
# Should be publicly accessible, the default value works if a port-forward to Tasklist is created to 8082.
# Can be overwritten if ingress is in use and an external IP is available.
redirectUrl: "http://localhost:8082"
# Identity.auth.optimize configuration to configure Optimize authentication specifics on global level, which can be accessed by other sub-charts
optimize:
# Identity.auth.optimize.existingSecret can be used to use an own existing secret. If not set a random secret is generated.
# The existing secret should contain an `optimize-secret` field, which will be used as secret for the Identity-Optimize communication.
existingSecret:
# Identity.auth.optimize.redirectUrl defines the root (or redirect) URL, which is used by Keycloak to access Optimize.
# Should be publicly accessible, the default value works if a port-forward to Optimize is created to 8083.
# Can be overwritten if ingress is in use and an external IP is available.
redirectUrl: "http://localhost:8083"
# Identity.auth.webModeler configuration to configure Web Modeler authentication specifics on global level, which can be accessed by other sub-charts
webModeler:
# Identity.auth.webModeler.redirectUrl defines the root URL which is used by Keycloak to access Web Modeler.
# Should be publicly accessible, the default value works if a port-forward to Web Modeler is created to 8084.
# Can be overwritten if ingress is in use and an external IP is available.
redirectUrl: "http://localhost:8084"
# Identity.auth.zeebe configuration to configure Zeebe authentication specifics on global level, which can be accessed by other sub-charts
zeebe:
# Identity.auth.zeebe.existingSecret can be used to use an own existing secret. If not set a random secret is generated.
# The existing secret should contain an `zeebe-secret` field, which will be used as secret for the Identity-Zeebe communication.
existingSecret: ""
# Zeebe configuration for the Zeebe sub chart. Contains configuration for the Zeebe broker and related resources.
zeebe:
# Enabled if true, all zeebe related resources are deployed via the helm release
enabled: true
# Image configuration to configure the zeebe image specifics
image:
# Image.registry can be used to set container image registry.
registry: ""
# Image.repository defines which image repository to use
repository: camunda/zeebe
# Image.tag can be set to overwrite the global tag, which should be used in that chart
tag:
# Image.pullSecrets can be used to configure image pull secrets https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
pullSecrets: []
# ClusterSize defines the amount of brokers (=replicas), which are deployed via helm
clusterSize: "3"
# PartitionCount defines how many zeebe partitions are set up in the cluster
partitionCount: "3"
# ReplicationFactor defines how each partition is replicated, the value defines the number of nodes
replicationFactor: "3"
# Env can be used to set extra environment variables in each zeebe broker container
env:
- name: ZEEBE_BROKER_DATA_SNAPSHOTPERIOD
value: "5m"
- name: ZEEBE_BROKER_DATA_DISKUSAGECOMMANDWATERMARK
value: "0.85"
- name: ZEEBE_BROKER_DATA_DISKUSAGEREPLICATIONWATERMARK
value: "0.87"
# ConfigMap configuration which will be applied to the mounted config map.
configMap:
# ConfigMap.defaultMode can be used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
# See https://github.com/kubernetes/api/blob/master/core/v1/types.go#L1615-L1623
defaultMode: 0754
# Command can be used to override the default command provided by the container image. See https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/
command: []
# LogLevel defines the log level which is used by the zeebe brokers
logLevel: info
# Log4j2 can be used to overwrite the log4j2 configuration of the zeebe brokers
log4j2: ''
# JavaOpts can be used to set java options for the zeebe brokers
javaOpts: >-
-XX:+HeapDumpOnOutOfMemoryError
-XX:HeapDumpPath=/usr/local/zeebe/data
-XX:ErrorFile=/usr/local/zeebe/data/zeebe_error%p.log
-XX:+ExitOnOutOfMemoryError
# Service configuration for the broker service
service:
# Service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# Service.httpPort defines the port of the http endpoint, where for example metrics are provided
httpPort: 9600
# Service.httpName defines the name of the http endpoint, where for example metrics are provided
httpName: "http"
# Service.commandPort defines the port of the command api endpoint, where the broker commands are sent to
commandPort: 26501
# Service.commandName defines the name of the command api endpoint, where the broker commands are sent to
commandName: "command"
# Service.internalPort defines the port of the internal api endpoint, which is used for internal communication
internalPort: 26502
# Service.internalName defines the name of the internal api endpoint, which is used for internal communication
internalName: "internal"
# extraPorts can be used to expose any other ports which are required. Can be useful for exporters
extraPorts: []
# - name: hazelcast
# protocol: TCP
# port: 5701
# targetPort: 5701
# ServiceAccount configuration for the service account where the broker pods are assigned to
serviceAccount:
# ServiceAccount.enabled if true, enables the broker service account
enabled: true
# ServiceAccount.name can be used to set the name of the broker service account
name: ""
# ServiceAccount.annotations can be used to set the annotations of the broker service account
annotations: {}
# CpuThreadCount defines how many threads can be used for the processing on each broker pod
cpuThreadCount: "3"
# IoThreadCount defines how many threads can be used for the exporting on each broker pod
ioThreadCount: "3"
# Resources configuration to set request and limit configuration for the container https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits
resources:
requests:
cpu: 800m
memory: 1200Mi
limits:
cpu: 960m
memory: 1920Mi
# PersistenceType defines the type of persistence which is used by Zeebe. Possible values are: disk, local and memory.
# disk - means a persistence volume claim is configured and used
# local - means the data is stored into the container, no volumeMount nor volume nor claim is configured
# memory - means zeebe uses a tmpfs for the data persistence, be aware that this takes the limits into account
persistenceType: disk
# PvcSize defines the persistent volume claim size, which is used by each broker pod https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims
pvcSize: "32Gi"
# PvcAccessModes can be used to configure the persistent volume claim access mode https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes
pvcAccessModes: ["ReadWriteOnce"]
# PvcStorageClassName can be used to set the storage class name which should be used by the persistent volume claim. It is recommended to use a storage class, which is backed with a SSD.
pvcStorageClassName: ''
# ExtraVolumes can be used to define extra volumes for the broker pods, useful for additional exporters
extraVolumes: []
# ExtraVolumeMounts can be used to mount extra volumes for the broker pods, useful for additional exporters
extraVolumeMounts: []
# ExtraInitContainers can be used to set up extra init containers for the broker pods, useful for additional exporters
extraInitContainers: []
# PodAnnotations can be used to define extra broker pod annotations
podAnnotations: {}
# PodLabels can be used to define extra broker pod labels
podLabels: {}
# PodDisruptionBudget configuration to configure a pod disruption budget for the broker pods https://kubernetes.io/docs/tasks/run-application/configure-pdb/
podDisruptionBudget:
# PodDisruptionBudget.enabled if true a pod disruption budget is defined for the brokers
enabled: false
# PodDisruptionBudget.minAvailable can be used to set how many pods should be available. Be aware that if minAvailable is set, maxUnavailable will not be set (they are mutually exclusive).
minAvailable:
# podDisruptionBudget.maxUnavailable can be used to set how many pods should be at max. unavailable
maxUnavailable: 1
# PodSecurityContext defines the security options the Zeebe broker pod should be run with
podSecurityContext: {}
# ContainerSecurityContext defines the security options the Zeebe broker container should be run with
containerSecurityContext: {}
# StartupProbe configuration
startupProbe:
# StartupProbe.enabled if true, the startup probe is enabled in app container
enabled: false
# StartupProbe.probePath defines the startup probe route used on the app
probePath: /ready
# StartupProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# StartupProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# StartupProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# StartupProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# StartupProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# ReadinessProbe configuration
readinessProbe:
# ReadinessProbe.enabled if true, the readiness probe is enabled in app container
enabled: true
# ReadinessProbe.probePath defines the readiness probe route used on the app
probePath: /ready
# ReadinessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# ReadinessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# ReadinessProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# ReadinessProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# ReadinessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# LivenessProbe configuration
livenessProbe:
# LivenessProbe.enabled if true, the liveness probe is enabled in app container
enabled: false
# LivenessProbe.probePath defines the liveness probe route used on the app
probePath: /health
# LivenessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# LivenessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# LivenessProbe.successThreshold defines how often it needs to be true to be considered successful after having failed
successThreshold: 1
# LivenessProbe.failureThreshold defines when the probe is considered as failed so the container will be restarted
failureThreshold: 5
# LivenessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# NodeSelector can be used to define on which nodes the broker pods should run
nodeSelector: {}
# Tolerations can be used to define pod toleration's https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
tolerations: []
# Affinity can be used to define pod affinity or anti-affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
# The default defined PodAntiAffinity allows constraining on which nodes the Zeebe pods are scheduled on https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
# It uses a hard requirement for scheduling and works based on the Zeebe pod labels
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "app.kubernetes.io/component"
operator: In
values:
- zeebe-broker
topologyKey: "kubernetes.io/hostname"
# PriorityClassName can be used to define the broker pods priority https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass
priorityClassName: ""
# Gateway configuration to define properties related to the standalone gateway
zeebe-gateway:
# Replicas defines how many standalone gateways are deployed
replicas: 2
# Image configuration to configure the zeebe-gateway image specifics
image:
# Image.registry can be used to set container image registry.
registry: ""
# Image.repository defines which image repository to use
repository: camunda/zeebe
# Image.tag can be set to overwrite the global tag, which should be used in that chart
tag:
# Image.pullSecrets can be used to configure image pull secrets https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
pullSecrets: []
# PodAnnotations can be used to define extra gateway pod annotations
podAnnotations: {}
# PodLabels can be used to define extra gateway pod labels
podLabels: {}
# LogLevel defines the log level which is used by the gateway
logLevel: info
# Log4j2 can be used to overwrite the log4j2 configuration of the gateway
log4j2: ''
# JavaOpts can be used to set java options for the zeebe gateways
javaOpts: >-
-XX:+ExitOnOutOfMemoryError
# Env can be used to set extra environment variables in each gateway container
env: []
# ConfigMap configuration which will be applied to the mounted config map.
configMap:
# ConfigMap.defaultMode can be used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
# See https://github.com/kubernetes/api/blob/master/core/v1/types.go#L1615-L1623
defaultMode: 0744
# Command can be used to override the default command provided by the container image. See https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/
command: []
# PodDisruptionBudget configuration to configure a pod disruption budget for the gateway pods https://kubernetes.io/docs/tasks/run-application/configure-pdb/
podDisruptionBudget:
# PodDisruptionBudget.enabled if true a pod disruption budget is defined for the gateways
enabled: false
# PodDisruptionBudget.minAvailable can be used to set how many pods should be available. Be aware that if minAvailable is set, maxUnavailable will not be set (they are mutually exclusive).
minAvailable: 1
# PodDisruptionBudget.maxUnavailable can be used to set how many pods should be at max. unavailable
maxUnavailable:
# Resources configuration to set request and limit configuration for the container https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits
resources:
requests:
cpu: 400m
memory: 450Mi
limits:
cpu: 400m
memory: 450Mi
# PriorityClassName can be used to define the gateway pods priority https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass
priorityClassName: ""
# PodSecurityContext defines the security options the gateway pod should be run with
podSecurityContext: {}
# ContainerSecurityContext defines the security options the gateway container should be run with
containerSecurityContext: {}
# StartupProbe configuration
startupProbe:
# StartupProbe.enabled if true, the startup probe is enabled in app container
enabled: false
# StartupProbe.probePath defines the startup probe route used on the app
probePath: /actuator/health/startup
# StartupProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# StartupProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# StartupProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# StartupProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# StartupProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# ReadinessProbe configuration
readinessProbe:
# ReadinessProbe.enabled if true, the readiness probe is enabled in app container
enabled: true
# ReadinessProbe.probePath defines the readiness probe route used on the app
probePath: /actuator/health
# ReadinessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# ReadinessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# ReadinessProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# ReadinessProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# ReadinessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# LivenessProbe configuration
livenessProbe:
# LivenessProbe.enabled if true, the liveness probe is enabled in app container
enabled: false
# LivenessProbe.probePath defines the liveness probe route used on the app
probePath: /actuator/health/liveness
# LivenessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# LivenessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# LivenessProbe.successThreshold defines how often it needs to be true to be considered successful after having failed
successThreshold: 1
# LivenessProbe.failureThreshold defines when the probe is considered as failed so the container will be restarted
failureThreshold: 5
# LivenessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# NodeSelector can be used to define on which nodes the gateway pods should run
nodeSelector: {}
# Tolerations can be used to define pod toleration's https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
tolerations: []
# Affinity can be used to define pod affinity or anti-affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
# The default defined PodAntiAffinity allows constraining on which nodes the Zeebe gateway pods are scheduled on https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
# It uses a hard requirement for scheduling and works based on the Zeebe gateway pod labels
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "app.kubernetes.io/component"
operator: In
values:
- zeebe-gateway
topologyKey: "kubernetes.io/hostname"
# ExtraVolumeMounts can be used to mount extra volumes for the gateway pods, useful for enabling tls between gateway and broker
extraVolumeMounts: []
# ExtraVolumes can be used to define extra volumes for the gateway pods, useful for enabling tls between gateway and broker
extraVolumes: []
# ExtraInitContainers can be used to set up extra init containers for the gateway pods, useful for adding interceptors
extraInitContainers: []
# Service configuration for the gateway service
service:
# Service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# Service.loadBalancerIP defines public ip of the load balancer if the type is LoadBalancer
loadBalancerIP: ""
# Service.loadBalancerSourceRanges defines list of allowed source ip address ranges if the type is LoadBalancer
loadBalancerSourceRanges: []
# Service.httpPort defines the port of the http endpoint, where for example metrics are provided
httpPort: 9600
# Service.httpName defines the name of the http endpoint, where for example metrics are provided
httpName: "http"
# Service.gatewayPort defines the port of the gateway endpoint, where client commands (grpc) are sent to
gatewayPort: 26500
# Service.gatewayName defines the name of the gateway endpoint, where client commands (grpc) are sent to
gatewayName: "gateway"
# Service.internalPort defines the port of the internal api endpoint, which is used for internal communication
internalPort: 26502
# Service.internalName defines the name of the internal api endpoint, which is used for internal communication
internalName: "internal"
# Service.annotations can be used to define annotations, which will be applied to the zeebe-gateway service
annotations: {}
# ServiceAccount configuration for the service account where the gateway pods are assigned to
serviceAccount:
# ServiceAccount.enabled if true, enables the gateway service account
enabled: true
# ServiceAccount.name can be used to set the name of the gateway service account
name: ""
# ServiceAccount.annotations can be used to set the annotations of the gateway service account
annotations: {}
# Ingress configuration to configure the ingress resource
ingress:
# Ingress.enabled if true, an ingress resource is deployed with the Zeebe gateway deployment. Only useful if an ingress controller is available, like nginx.
enabled: false
# Ingress.className defines the class or configuration of ingress which should be used by the controller
className: nginx
# Ingress.annotations defines the ingress related annotations, consumed mostly by the ingress controller
annotations:
ingress.kubernetes.io/rewrite-target: "/"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
# Ingress.path defines the path which is associated with the operate service and port https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
path: /
# Ingress.host can be used to define the host of the ingress rule. https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
# If not specified the rules applies to all inbound http traffic, if specified the rule applies to that host.
host: ""
# Ingress.tls configuration for tls on the ingress resource https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls:
# Ingress.tls.enabled if true, then tls is configured on the ingress resource. If enabled the Ingress.host need to be defined.
enabled: false
# Ingress.tls.secretName defines the secret name which contains the TLS private key and certificate
secretName: ""
# Operate configuration for the Operate sub chart.
operate:
# Enabled if true, the Operate deployment and its related resources are deployed via a helm release
enabled: true
# Image configuration to configure the Operate image specifics
image:
# Image.registry can be used to set container image registry.
registry: ""
# Image.repository defines which image repository to use
repository: camunda/operate
# Image.tag can be set to overwrite the global tag, which should be used in that chart
tag:
# Image.pullSecrets can be used to configure image pull secrets https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
pullSecrets: []
# ContextPath can be used to make Operate web application works on a custom sub-path. This is mainly used to run Camunda Platform web applications under a single domain.
# contextPath: "/operate"
# PodAnnotations can be used to define extra Operate pod annotations
podAnnotations: {}
# PodLabels can be used to define extra Operate pod labels
podLabels: {}
# Logging configuration for the Operate logging. This template will be directly included in the Operate configuration yaml file
logging:
level:
ROOT: INFO
io.camunda.operate: DEBUG
# Service configuration to configure the Operate service.
service:
# Service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# Service.port defines the port of the service, where the Operate web application will be available
port: 80
# Service.annotations can be used to define annotations, which will be applied to the Operate service
annotations: {}
# Resources configuration to set request and limit configuration for the container https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits
resources:
requests:
cpu: 600m
memory: 400Mi
limits:
cpu: 2000m
memory: 2Gi
# Env can be used to set extra environment variables in each Operate container
env: []
# ConfigMap configuration which will be applied to the mounted config map.
configMap:
# ConfigMap.defaultMode can be used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
# See https://github.com/kubernetes/api/blob/master/core/v1/types.go#L1615-L1623
defaultMode: 0744
# Command can be used to override the default command provided by the container image. See https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/
command: []
# ExtraVolumes can be used to define extra volumes for the Operate pods, useful for tls and self-signed certificates
extraVolumes: []
# ExtraVolumeMounts can be used to mount extra volumes for the Operate pods, useful for tls and self-signed certificates
extraVolumeMounts: []
# ServiceAccount configuration for the service account where the Operate pods are assigned to
serviceAccount:
# ServiceAccount.enabled if true, enables the Operate service account
enabled: true
# ServiceAccount.name can be used to set the name of the Operate service account
name: ""
# ServiceAccount.annotations can be used to set the annotations of the Operate service account
annotations: {}
# Ingress configuration to configure the ingress resource
ingress:
# Ingress.enabled if true, an ingress resource is deployed with the Operate deployment. Only useful if an ingress controller is available, like nginx.
enabled: false
# Ingress.className defines the class or configuration of ingress which should be used by the controller
className: nginx
# Ingress.annotations defines the ingress related annotations, consumed mostly by the ingress controller
annotations:
ingress.kubernetes.io/rewrite-target: "/"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
# Ingress.path defines the path which is associated with the Operate service and port https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
path: /
# Ingress.host can be used to define the host of the ingress rule. https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
# If not specified the rules applies to all inbound http traffic, if specified the rule applies to that host.
host: ""
# Ingress.tls configuration for tls on the ingress resource https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls:
# Ingress.tls.enabled if true, then tls is configured on the ingress resource. If enabled the Ingress.host need to be defined.
enabled: false
# Ingress.tls.secretName defines the secret name which contains the TLS private key and certificate
secretName: ""
# PodSecurityContext defines the security options the Operate pod should be run with
podSecurityContext: {}
# ContainerSecurityContext defines the security options the Operate container should be run with
containerSecurityContext: {}
# StartupProbe configuration
startupProbe:
# StartupProbe.enabled if true, the startup probe is enabled in app container
enabled: false
# StartupProbe.probePath defines the startup probe route used on the app
probePath: /actuator/health/readiness
# StartupProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# StartupProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# StartupProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# StartupProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# StartupProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# ReadinessProbe configuration
readinessProbe:
# ReadinessProbe.enabled if true, the readiness probe is enabled in app container
enabled: true
# ReadinessProbe.probePath defines the readiness probe route used on the app
probePath: /actuator/health/readiness
# ReadinessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# ReadinessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# ReadinessProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# ReadinessProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# ReadinessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# LivenessProbe configuration
livenessProbe:
# LivenessProbe.enabled if true, the liveness probe is enabled in app container
enabled: false
# LivenessProbe.probePath defines the liveness probe route used on the app
probePath: /actuator/health/liveness
# LivenessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# LivenessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# LivenessProbe.successThreshold defines how often it needs to be true to be considered successful after having failed
successThreshold: 1
# LivenessProbe.failureThreshold defines when the probe is considered as failed so the container will be restarted
failureThreshold: 5
# LivenessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# NodeSelector can be used to define on which nodes the Operate pods should run
nodeSelector: {}
# Tolerations can be used to define pod toleration's https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
tolerations: []
# Affinity can be used to define pod affinity or anti-affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# Tasklist configuration for the tasklist sub chart.
tasklist:
# Enabled if true, the tasklist deployment and its related resources are deployed via a helm release
enabled: true
# Image configuration to configure the tasklist image specifics
image:
# Image.registry can be used to set container image registry.
registry: ""
# Image.repository defines which image repository to use
repository: camunda/tasklist
# Image.tag can be set to overwrite the global tag, which should be used in that chart
tag:
# Image.pullSecrets can be used to configure image pull secrets https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
pullSecrets: []
# ContextPath can be used to make Tasklist web application works on a custom sub-path. This is mainly used to run Camunda Platform web applications under a single domain.
# contextPath: "/tasklist"
# Env can be used to set extra environment variables on each Tasklist container
env: []
# PodAnnotations can be used to define extra Tasklist pod annotations
podAnnotations: {}
# PodLabels can be used to define extra tasklist pod labels
podLabels: {}
# ConfigMap configuration which will be applied to the mounted config map.
configMap:
# ConfigMap.defaultMode can be used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
# See https://github.com/kubernetes/api/blob/master/core/v1/types.go#L1615-L1623
defaultMode: 0744
# Command can be used to override the default command provided by the container image. See https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/
command: []
# Service configuration to configure the tasklist service.
service:
# Service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# Service.port defines the port of the service, where the tasklist web application will be available
port: 80
# GraphqlPlaygroundEnabled if true, enables the graphql playground
graphqlPlaygroundEnabled: ""
# GraphqlPlaygroundEnabled can be set to include the credentials in each request, should be set to "include" if graphql playground is enabled
graphqlPlaygroundRequestCredentials: ""
# ExtraVolumes can be used to define extra volumes for the Tasklist pods, useful for tls and self-signed certificates
extraVolumes: []
# ExtraVolumeMounts can be used to mount extra volumes for the Tasklist pods, useful for tls and self-signed certificates
extraVolumeMounts: []
# PodSecurityContext defines the security options the Tasklist pod should be run with
podSecurityContext: {}
# ContainerSecurityContext defines the security options the Tasklist container should be run with
containerSecurityContext: {}
# StartupProbe configuration
startupProbe:
# StartupProbe.enabled if true, the startup probe is enabled in app container
enabled: false
# StartupProbe.probePath defines the startup probe route used on the app
probePath: /actuator/health/readiness
# StartupProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# StartupProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# StartupProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# StartupProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# StartupProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# ReadinessProbe configuration
readinessProbe:
# ReadinessProbe.enabled if true, the readiness probe is enabled in app container
enabled: true
# ReadinessProbe.probePath defines the readiness probe route used on the app
probePath: /actuator/health/readiness
# ReadinessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# ReadinessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# ReadinessProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# ReadinessProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# ReadinessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# LivenessProbe configuration
livenessProbe:
# LivenessProbe.enabled if true, the liveness probe is enabled in app container
enabled: false
# LivenessProbe.probePath defines the liveness probe route used on the app
probePath: /actuator/health/liveness
# LivenessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# LivenessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# LivenessProbe.successThreshold defines how often it needs to be true to be considered successful after having failed
successThreshold: 1
# LivenessProbe.failureThreshold defines when the probe is considered as failed so the container will be restarted
failureThreshold: 5
# LivenessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# NodeSelector can be used to define on which nodes the Tasklist pods should run
nodeSelector: {}
# Tolerations can be used to define pod toleration's https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
tolerations: []
# Affinity can be used to define pod affinity or anti-affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# Resources configuration to set request and limit configuration for the container https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits
resources:
requests:
cpu: 400m
memory: 1Gi
limits:
cpu: 1000m
memory: 2Gi
# Ingress configuration to configure the ingress resource
ingress:
# Ingress.enabled if true, an ingress resource is deployed with the tasklist deployment. Only useful if an ingress controller is available, like nginx.
enabled: false
# Ingress.className defines the class or configuration of ingress which should be used by the controller
className: nginx
# Ingress.annotations defines the ingress related annotations, consumed mostly by the ingress controller
annotations:
ingress.kubernetes.io/rewrite-target: "/"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
# Ingress.path defines the path which is associated with the operate service and port https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
path: /
# Ingress.host can be used to define the host of the ingress rule. https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
# If not specified the rules applies to all inbound http traffic, if specified the rule applies to that host.
host:
tls:
# Ingress.tls.enabled if true, then tls is configured on the ingress resource. If enabled the Ingress.host need to be defined.
enabled: false
# Ingress.tls.secretName defines the secret name which contains the TLS private key and certificate
secretName: ""
# Optimize configuration for the Optimize sub chart.
optimize:
# Enabled if true, the Optimize deployment and its related resources are deployed via a helm release
enabled: true
# Image configuration to configure the Optimize image specifics
# https://hub.docker.com/r/camunda/optimize/tags
image:
# Image.registry can be used to set container image registry.
registry: ""
# Image.repository defines which image repository to use
repository: camunda/optimize
# Image.tag can be set to overwrite the global tag, which should be used in that chart
# Don't change the comment after the value, it's needed due to a bug yq. Check Makefile for more details.
tag: 3.10.1 # optimize.image.tag
# Image.pullSecrets can be used to configure image pull secrets https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
pullSecrets: []
# ContextPath can be used to make Optimize web application works on a custom sub-path. This is mainly used to run Camunda Platform web applications under a single domain.
# contextPath: "/optimize"
# PodAnnotations can be used to define extra Optimize pod annotations
podAnnotations: {}
# PodLabels can be used to define extra Optimize pod labels
podLabels: {}
# PartitionCount defines how many Zeebe partitions are set up in the cluster and which should be imported by Optimize
partitionCount: "3"
# Env can be used to set extra environment variables in each Optimize container
env: []
# Command can be used to override the default command provided by the container image. See https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/
command: []
# ExtraVolumes can be used to define extra volumes for the Optimize pods, useful for tls and self-signed certificates
extraVolumes: []
# ExtraVolumeMounts can be used to mount extra volumes for the Optimize pods, useful for tls and self-signed certificates
extraVolumeMounts: []
# ServiceAccount configuration for the service account where the Optimize pods are assigned to
serviceAccount:
# ServiceAccount.enabled if true, enables the Optimize service account
enabled: true
# ServiceAccount.name can be used to set the name of the Optimize service account
name: ""
# ServiceAccount.annotations can be used to set the annotations of the Optimize service account
annotations: {}
# Service configuration to configure the Optimize service.
service:
# Service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# Service.port defines the port of the service, where the Optimize web application will be available
port: 80
# Service.annotations can be used to define annotations, which will be applied to the Optimize service
annotations: {}
# Service.managementPort defines the port where actuator will be available. Also required to reach backup API
managementPort: 8092
# PodSecurityContext defines the security options the Optimize pod should be run with
podSecurityContext: {}
# ContainerSecurityContext defines the security options the Optimize container should be run with
containerSecurityContext: {}
# StartupProbe configuration
startupProbe:
# StartupProbe.enabled if true, the startup probe is enabled in app container
enabled: false
# StartupProbe.probePath defines the startup probe route used on the app
probePath: /api/readyz
# StartupProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# StartupProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# StartupProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# StartupProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# StartupProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# ReadinessProbe configuration
readinessProbe:
# ReadinessProbe.enabled if true, the readiness probe is enabled in app container
enabled: true
# ReadinessProbe.probePath defines the readiness probe route used on the app
probePath: /api/readyz
# ReadinessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# ReadinessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# ReadinessProbe.successThreshold defines how often it needs to be true to be marked as ready, after failure
successThreshold: 1
# ReadinessProbe.failureThreshold defines when the probe is considered as failed so the Pod will be marked Unready
failureThreshold: 5
# ReadinessProbe.timeoutSeconds defines the seconds after the probe times out
timeoutSeconds: 1
# LivenessProbe configuration
livenessProbe:
# LivenessProbe.enabled if true, the liveness probe is enabled in app container
enabled: false
# LivenessProbe.probePath defines the liveness probe route used on the app
probePath: /api/readyz
# LivenessProbe.initialDelaySeconds defines the number of seconds after the container has started before
# the probe is initiated.
initialDelaySeconds: 30
# LivenessProbe.periodSeconds defines how often the probe is executed
periodSeconds: 30
# LivenessProbe.successThreshold defines how often it needs to be true to be considered successful after having failed
successThreshold: 1