Nautobot is a Network Source of Truth and Network Automation Platform.
- Kubernetes 1.12+
- Helm 3.1.x
- Persistent Volume (PV) provisioning support (Required if deploying the PostgreSQL chart)
helm repo add nautobot https://nautobot.github.io/helm-charts/
To install the chart with the release name nautobot (NOTE: the release name is a label completely up to the user) DB and Redis passwords are required:
helm install nautobot nautobot/nautobot --set postgresql.postgresqlPassword="change-me" --set redis.auth.password="change-me"
This command deploys Nautobot, on the Kubernetes cluster, in the default configuration. The Values section lists the parameters that can be customized during installation.
Tip: List all releases using
helm list
Immediately after install Helm will present the user with help text similar to the following:
*********************************************************************
*** PLEASE BE PATIENT: Nautobot may take a few minutes to install ***
*********************************************************************
1. Get the Nautobot URL:
echo "Nautobot URL: http://127.0.0.1:8080/"
kubectl port-forward --namespace default svc/nautobot 8080:80
2. Get your Nautobot login admin credentials by running:
echo Username: admin
echo Password: $(kubectl get secret --namespace default nautobot-env -o jsonpath="{.data.NAUTOBOT_SUPERUSER_PASSWORD}" | base64 --decode)
echo api-token: $(kubectl get secret --namespace default nautobot-env -o jsonpath="{.data.NAUTOBOT_SUPERUSER_API_TOKEN}" | base64 --decode)
This message should include basic information about connecting to Nautobot as well as accessing the superuser credentials if they were created. Nautobot can take several minutes to deploy, you will need to wait until that is complete before accessing Nautobot.
After several minutes, by default, a Nautobot super user will be created and you will be able to log in to Nautobot. The default username is admin and the default password
was randomly generated by helm, you can find the password by running the following command:
kubectl get secret nautobot-env -o jsonpath="{.data.NAUTOBOT_SUPERUSER_PASSWORD}" | base64 --decode
When deploying a helm chart there are several different methods to apply alternate configuration values. One option is via the command line using the
--set argument, however, changing multiple variables becomes tedious, a better approach to changing multiple values is to create a YAML file and add the --values custom_values.yaml argument.
The following examples/recommendations demonstrate the usage of a custom YAML file to apply these values. All of the available options are documented in the values section, however,
the Nautobot application-specific values are summarized in the Nautobot Application Values section below.
The following settings are the bare minimum required values to deploy this chart:
postgresql:
postgresqlPassword: "change-me"
redis:
auth:
password: "change-me"This will deploy a PostgreSQL database and a Redis instance for Nautobot in the same namespace.
To utilize an external database the following values are available for configuration:
nautobot:
db:
engine: "django.db.backends.postgresql"
host: "db.example.com"
name: "nautobot_db_name"
password: "nautobot_db_user_password"
port: 5432
timeout: 300
user: "nautobot_db_username"
postgresql:
enabled: falseTo enable TLS within the deployment of Nautobot and the embedded Bitnami PostgreSQL subchart set the following helm values:
postgresql:
volumePermissions:
enabled: true
tls:
enabled: true
autoGenerated: true
# certificatesSecret: "nautobot-postgres-crt"
# certFilename: "tls.crt"
# certKeyFilename: "tls.key"
# certCAFilename: "ca.crt"This will autogenerate certificates for use with Postgres. Unfortunately, to force Nautobot to use Postgres over SSL a custom nautobot_config.py must be created and the following values set in nautobot_config.py:
DATABASES["default"]["OPTIONS"] = {"sslmode": "require"}To utilize an external redis deployment the following values are available for configuration:
nautobot:
redis:
host: "redis.example.com"
password: "nautobot_redis_user_password"
port: 6379
ssl: true
username: "nautobot_redis_username"
redis:
enabled: falseTo enable TLS within the deployment of Nautobot and the embedded Bitnami Redis subchart set the following helm values:
nautobot:
redis:
ssl: true
extraVolumeMounts:
- mountPath: "/opt/nautobot/redis"
name: "redis-tls"
extraVolumes:
- name: "redis-tls"
secret:
secretName: "nautobot-redis-crt"
celeryBeat:
extraVolumeMounts:
- mountPath: "/opt/nautobot/redis"
name: "redis-tls"
extraVolumes:
- name: "redis-tls"
secret:
secretName: "nautobot-redis-crt"
celeryWorker:
replicaCount: 1
resources: {}
extraVolumeMounts:
- mountPath: "/opt/nautobot/redis"
name: "redis-tls"
extraVolumes:
- name: "redis-tls"
secret:
secretName: "nautobot-redis-crt"
redis:
tls:
enabled: true
authClients: false
autoGenerated: true
# certificatesSecret: "nautobot-redis-crt"
# certFilename: "tls.crt"
# certKeyFilename: "tls.key"
# certCAFilename: "ca.crt"This will autogenerate certificates for use with Redis. Unfortunately, this CA will not be trusted by Nautobot. In order to trust these certificates in Nautobot, a custom nautobot_config.py must be created and the following values set in nautobot_config.py:
import ssl
DATABASES["default"]["OPTIONS"] = {"sslmode": "require"}
CACHES["default"]["OPTIONS"]["CONNECTION_POOL_KWARGS"] = {
"ssl_cert_reqs": ssl.CERT_REQUIRED,
"ssl_ca_certs": "/opt/nautobot/redis/ca.crt",
"ssl_certfile": "/opt/nautobot/redis/tls.crt",
"ssl_keyfile": "/opt/nautobot/redis/tls.key",
}
CELERY_REDIS_BACKEND_USE_SSL = {
"ssl_cert_reqs": ssl.CERT_REQUIRED,
"ssl_ca_certs": "/opt/nautobot/redis/ca.crt",
"ssl_certfile": "/opt/nautobot/redis/tls.crt",
"ssl_keyfile": "/opt/nautobot/redis/tls.key",
}
CELERY_BROKER_USE_SSL = CELERY_REDIS_BACKEND_USE_SSL
CACHEOPS_REDIS = {
"host": os.getenv("NAUTOBOT_REDIS_HOST", "localhost"),
"port": int(os.getenv("NAUTOBOT_REDIS_PORT", 6379)),
"password": os.getenv("NAUTOBOT_REDIS_PASSWORD", ""),
"ssl": True,
"ssl_cert_reqs": ssl.CERT_REQUIRED,
"ssl_ca_certs": "/opt/nautobot/redis/ca.crt",
"ssl_certfile": "/opt/nautobot/redis/tls.crt",
"ssl_keyfile": "/opt/nautobot/redis/tls.key",
}The secret name will change based on your Helm release name. It is also possible and likely more secure to generate your own certificates and secrets, doing so is beyond the scope of this documentation, however, is described in the additional resources listed below.
- Redis TLS Encryption
- Bitnami Redis Helm Chart Administration - Enabling TLS
- Bitnami Redis Helm Chart Readme - Using TLS
Redis Sentinel provides a highly available Redis implementation. To enable Sentinel with the Bitnami Redis subchart set the following helm values:
redis:
architecture: "replication"
sentinel:
enabled: true
masterSet: nautobotNautobot requires some additional configuration via a custom nautobot_config.py with the following values set in nautobot_config.py:
DJANGO_REDIS_CONNECTION_FACTORY = "django_redis.pool.SentinelConnectionFactory"
CACHES = {
"default": {
"BACKEND": "django_redis.cache.RedisCache",
"LOCATION": "redis://nautobot/0",
"OPTIONS": {
"CLIENT_CLASS": "django_redis.client.SentinelClient",
"SENTINELS": [(os.getenv("NAUTOBOT_REDIS_HOST"), 26379)],
"PASSWORD": os.getenv("NAUTOBOT_REDIS_PASSWORD"),
"SENTINEL_KWARGS": {"password": os.getenv("NAUTOBOT_REDIS_PASSWORD")},
"CONNECTION_POOL_CLASS": "redis.sentinel.SentinelConnectionPool",
},
},
}
CACHEOPS_REDIS = False
CACHEOPS_SENTINEL = {
"locations": [(os.getenv("NAUTOBOT_REDIS_HOST"), 26379)],
"service_name": "nautobot",
"socket_timeout": 10,
"db": 1,
"sentinel_kwargs": {"password": os.getenv("NAUTOBOT_REDIS_PASSWORD")},
"password": os.getenv("NAUTOBOT_REDIS_PASSWORD"),
}
CELERY_BROKER_URL = (
f"sentinel://:{os.getenv('NAUTOBOT_REDIS_PASSWORD')}@{os.getenv('NAUTOBOT_REDIS_HOST')}:26379"
)
CELERY_BROKER_TRANSPORT_OPTIONS = {
"master_name": "nautobot",
"sentinel_kwargs": {"password": os.getenv("NAUTOBOT_REDIS_PASSWORD")},
}
CELERY_RESULT_BACKEND = CELERY_BROKER_URL
CELERY_RESULT_BACKEND_TRANSPORT_OPTIONS = CELERY_BROKER_TRANSPORT_OPTIONSSee the Nautobot caching documentation for more information on configuring Nautobot with Sentinel.
This helm chart's support for Redis Sentinel is still in an early alpha/beta phase you should use this feature cautiously.
If you don't want to pass values through helm for either Redis or PostgreSQL there are a few options. If you want to deploy PostgreSQL and Redis with this chart:
-
Create a secret with both PostgreSQL and Redis passwords:
kubectl create secret generic my-secret --from-literal=postgresql-password=change-me --from-literal=NAUTOBOT_REDIS_PASSWORD=change-me -
Use the following values to install the helm chart:
postgresql: existingSecret: "my-secret" redis: auth: existingSecret: "my-secret" existingSecretPasswordKey: "NAUTOBOT_REDIS_PASSWORD"
If you are using external PostgreSQL and Redis servers you can use the following values:
nautobot:
db:
existingSecret: "my-secret"
existingSecretPasswordKey: "postgresql-password"
redis:
existingSecret: "my-secret"
postgresql:
enabled: false
redis:
enabled: falseYou can use various combinations of existingSecret and existingSecretPasswordKey options depending on the existing secrets you have deployed. (NOTE: The Bitnami PostgreSQL chart does require the key name to be "postgresql-password")
MySQL support was added in Nautobot 1.1.0 and is optionally supported with this helm chart. This support is provided by the Bitnami MariaDB chart. To enable MariaDB use the following values:
postgresql:
enabled: false
mariadb:
enabled: true
auth:
password: "change-me"MariaDB supports an existing secret as well:
mariadb:
auth:
existingSecret: "my-secret"Use existing secret for password details (auth.rootPassword, auth.password, auth.replicationPassword will be ignored and picked up from this secret). The secret has to contain the keys mariadb-root-password, mariadb-replication-password and mariadb-password
This chart supports the deployment of PostgreSQL in a Highly Available (HA) fasion as provided by the Bitnami PostgreSQL-HA chart. To enable HA PostgreSQL use the following values:
postgresql:
enabled: false
postgresqlha:
enabled: true
postgresql:
password: "change-me"
repmgrPassword: "change-me"
postgresPassword: "change-me"
pgpool:
adminPassword: "change-me"It is important to note all 4 passwords as they will be required during an upgrade. PostgreSQL supports existing secrets as well when configured with the following values:
postgresqlha:
postgresql:
existingSecret: "my-secret"
pgpool:
existingSecret: "my-secret"This secret can be created with:
kubectl create secret generic my-secret --from-literal=admin-password=change-me --from-literal=postgresql-password=change-me --from-literal=postgresql-postgres-password=change-me --from-literal=repmgr-password=change-me
This helm chart's support for PosgreSQL HA is still in an early alpha/beta phase you should use this feature cautiously.
In Nautobot 1.1.0 the RQ worker was deprecated by the Celery worker, there are some use cases where the RQ worker may still be necessary. To enable it:
rqWorker:
enabled: trueTo enable ingress, the following values are available for configuration:
ingress:
enabled: true
hostname: nautobot.example.com
tls: true
secretName: myingress-cert
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrdThe Helm chart supports configuring annotations for your ingress provider if needed. The annotations provided above are an example for the Traefik ingress provider.
If you are using the AWS Load Balancer Controller the following values are an example of how an ALB might be deployed:
ingress:
enabled: true
hostname: nautobot.example.com
pathType: "Prefix"
annotations:
kubernetes.io/ingress.class: "alb"
alb.ingress.kubernetes.io/tags: "Name=nautobot-loadbalancer,Organization=IT"
alb.ingress.kubernetes.io/scheme: "internet-facing"
alb.ingress.kubernetes.io/ip-address-type: "dualstack"
alb.ingress.kubernetes.io/target-type: "ip"
alb.ingress.kubernetes.io/backend-protocol: "HTTPS"
alb.ingress.kubernetes.io/healthcheck-protocol: "HTTP"
alb.ingress.kubernetes.io/healthcheck-port: "8080"
alb.ingress.kubernetes.io/healthcheck-path: "/health/"
alb.ingress.kubernetes.io/healthcheck-interval-seconds: "10"
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "8"
alb.ingress.kubernetes.io/healthy-threshold-count: "2"
alb.ingress.kubernetes.io/unhealthy-threshold-count: "2"
alb.ingress.kubernetes.io/security-groups: "nautobot-alb-sg"
alb.ingress.kubernetes.io/group.name: "nautobot-loadbalancer"
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:us-west-2:xxxxx:certificate/xxxxxxx"
extraPaths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotationNot all of the annotations are required, please see the AWS Load Balancer Controller documentation for more information.
To replace the entire nautobot_config.py configuration file with a custom file use the nautobot.config value. For example, if your custom nautobot_config.py file is located at ./path/to/nautobot_config.py with other helm values in ./my_values.yaml you can install the chart using:
helm install nautobot nautobot/nautobot -f ./my_values.yaml --set-file nautobot.config=./path/to/nautobot_config.py
To replace the entire uwsgi.ini file with a custom file use the nautobot.uWSGIini value. For example, if your custom uwsgi.ini file is located at ./path/to/uwsgi.ini with other helm values in ./my_values.yaml you can install the chart using:
helm install nautobot nautobot/nautobot -f ./my_values.yaml --set-file nautobot.uWSGIini=./path/to/uwsgi.ini
If you have the Prometheus Operator installed the following values can be used to deploy ServiceMonitor resources:
metrics:
enabled: true
prometheusRule:
enabled: true
postgresql:
metrics:
enabled: true
serviceMonitor:
enabled: true
redis:
metrics:
enabled: true
serviceMonitor:
enabled: trueWhen deploying this chart in production, it is recommended to set or at least be aware of the following values:
nautobot:
replicaCount: 2 # In production this should be >= 2
metrics: true
secretKey: "" # In a production system this value should be recorded and used when restoring the DB if necessary
superUser:
enabled: false # In production a superuser should be created manually
extraVars:
- name: "NAUTOBOT_BANNER_TOP"
value: "Production"
postgresql:
enabled: true # Consider utilizing an external HA database rather than the built-in database
postgresqlPassword: "change-me"
redis:
enabled: true # Consider utilizing an external HA redis rather than the built-in redis
auth:
password: "change-me"PostgreSQL HA and Redis Sentinel should be considered when deploying in production, however, support for these services within this helm chart are in early alpha/beta stages, use cautiously.
| Key | Type | Default | Description |
|---|---|---|---|
| nautobot.allowedHosts | string | "*" |
ref Space seperated list of Nautobot allowed hosts (NAUTOBOT_ALLOWED_HOSTS) |
| nautobot.config | string | "" |
ref Replace the entire nautobot_config.py file with this value |
| nautobot.db.engine | string | "django.db.backends.postgresql" |
ref Nautobot database engine, valid values: django.db.backends.postgresql and django.db.backends.mysql (NAUTOBOT_DB_ENGINE) |
| nautobot.db.existingSecret | string | "" |
Name of existing secret to use for Database passwords |
| nautobot.db.existingSecretPasswordKey | string | "NAUTOBOT_DB_PASSWORD" |
Password key to be retrieved from existing secret |
| nautobot.db.host | string | "postgres" |
ref Nautobot external database hostname, ignored if postgresql.enabled is true (NAUTOBOT_DB_HOST) |
| nautobot.db.name | string | "nautobot" |
ref Nautobot external database name, ignored if postgresql.enabled is true (NAUTOBOT_DB_NAME) |
| nautobot.db.password | string | "" |
ref Nautobot external database password, ignored if postgresql.enabled is true (NAUTOBOT_DB_PASSWORD) |
| nautobot.db.port | int | 5432 |
ref Nautobot external database port, ignored if postgresql.enabled is true (NAUTOBOT_DB_PORT) |
| nautobot.db.timeout | int | 300 |
ref Nautobot database timeout (NAUTOBOT_DB_TIMEOUT) |
| nautobot.db.user | string | "nautobot" |
ref Nautobot external database username, ignored if postgresql.enabled is true (NAUTOBOT_DB_USER) |
| nautobot.debug | bool | false |
ref Enable Nautobot Debug (NAUTOBOT_DEBUG) |
| nautobot.extraVars | list | [] |
An array of envirnoment variable objects (name and value are required) to add to ALL Nautobot related deployments (i.e. celeryWorker and rqWorker) |
| nautobot.logLevel | string | "INFO" |
Log Level used for Celery logging, valid values: CRITICAL, ERROR, WARNING, INFO, DEBUG |
| nautobot.metrics | bool | true |
ref Enable Prometheus metrics endpoint (NAUTOBOT_METRICS_ENABLED) |
| nautobot.redis.existingSecret | string | "" |
Name of existing secret to use for Redis passwords |
| nautobot.redis.existingSecretPasswordKey | string | "NAUTOBOT_REDIS_PASSWORD" |
Password key to be retrieved from existing secret |
| nautobot.redis.host | string | "" |
ref Nautobot external redis hostname, ignored if redis.enabled is true (NAUTOBOT_REDIS_HOST) |
| nautobot.redis.password | string | "" |
ref Nautobot external redis password, ignored if redis.enabled is true (NAUTOBOT_REDIS_PASSWORD) |
| nautobot.redis.port | int | 6379 |
ref Nautobot external redis port, ignored if redis.enabled is true (NAUTOBOT_REDIS_PORT) |
| nautobot.redis.ssl | bool | false |
ref Nautobot external redis ssl enabled, ignored if redis.enabled is true (NAUTOBOT_REDIS_SSL) |
| nautobot.redis.username | string | "" |
ref Nautobot external redis username, ignored if redis.enabled is true (NAUTOBOT_REDIS_USERNAME) |
| nautobot.secretKey | string | "" |
ref Nautobot Secret Key (NAUTOBOT_SECRET_KEY) |
| nautobot.superUser.apitoken | string | "" |
ref Configure an API key for the super user if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_API_TOKEN) |
| nautobot.superUser.email | string | "[email protected]" |
ref Configure an email address for the super user if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_EMAIL) |
| nautobot.superUser.enabled | bool | true |
ref Create a new super user account in Nautobot once deployed (NAUTOBOT_CREATE_SUPERUSER) |
| nautobot.superUser.password | string | "" |
ref Password to use for the super user to be created if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_NAME), if unset a random password will be generated |
| nautobot.superUser.username | string | "admin" |
ref User name to use for the super user to be created if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_NAME) |
| nautobot.uWSGIini | string | "" |
ref Replace the entire uwsgi.ini file with this value |
The Nautobot helm chart uses the Bitnami PostgreSQL chart as a subchart. To configure PostgreSQL use
the postgresql key, any postgresql.* values are passed directly to that chart.
The Nautobot helm chart uses the Bitnami Redis chart as a subchart. To configure PostgreSQL use
the redis key, any redis.* values are passed directly to that chart.
The recommended method of backing up Nautobot is simply to get a database dump from PostgreSQL:
export POSTGRES_PASSWORD=$(kubectl get secret --namespace nautobot nautobot-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode)
echo $POSTGRES_PASSWORD | kubectl exec -itn nautobot statefulset.apps/nautobot-postgresql -- pg_dump --username nautobot --clean --if-exists nautobot > backup.sql
NOTE: The name of the secret is dependent on the helm release name and may be different in your envirnoment.
Make sure to save your NAUTOBOT_SECRET_KEY in a safe place as well:
kubectl get secret nautobot-env -o jsonpath="{.data.NAUTOBOT_SECRET_KEY}" | base64 --decode
These commands specific to your deployment can be found by inspecting the notes provided after the install:
helm status nautobot
In addition please make sure to note ALL values used to deploy this helm chart:
helm get values -o yaml nautobot > nautobot.values.yaml
As with any backup procedure, these steps should be validated in your environment before relying on them in production.
This procedure assumes the Backup Nautobot procedure was followed from above.
Install Nautobot using the previous helm values:
helm install nautobot nautobot/nautobot -f nautobot.values.yaml
Upload the backup and restore:
kubectl cp backup.sql nautobot-postgresql-0:/tmp
export POSTGRES_PASSWORD=$(kubectl get secret --namespace nautobot nautobot-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode)
echo $POSTGRES_PASSWORD | kubectl exec -itn default statefulset.apps/nautobot-postgresql -- psql -U nautobot -f /tmp/backup.sql
Following the normal helm upgrade procedures is sufficient for upgrading during this release:
helm repo update nautobot
helm upgrade nautobot nautobot/nautobot -f nautobot.values.yaml
When using Nautobot as a subchart make sure to include the following in your Chart.yaml:
dependencies:
- condition: "nautobot.enabled"
name: "nautobot"
repository: "https://nautobot.github.io/helm-charts/"
version: "1.x.x"The global values will be shared between the parent and child charts. Nautobot can be enabled by setting nautobot.enabled to true. Other Nautobot settings would then be found under the nautobot key in your parent chart's yaml file. For more information on subcharts checkout the helm documentation.
Running nautobot-server invalidate all will invalidate the Redis for Nautobot. If Redis is deployed as part of this chart you will run into an error:
redis.exceptions.ResponseError: unknown command `FLUSHDB`, with args beginning with:
This is because by default the FLUSHDB command is disabled in the Bitnami Redis chart. To enable this use the following values:
redis:
master:
disableCommands: []
replica:
disableCommands: []To uninstall/delete the nautobot deployment:
helm delete nautobot
| Repository | Name | Version |
|---|---|---|
| https://charts.bitnami.com/bitnami | common | 1.x.x |
| https://charts.bitnami.com/bitnami | mariadb | 10.x.x |
| https://charts.bitnami.com/bitnami | postgresql | 10.x.x |
| https://charts.bitnami.com/bitnami | postgresqlha(postgresql-ha) | 8.x.x |
| https://charts.bitnami.com/bitnami | redis | 16.x.x |
| Key | Type | Default | Description |
|---|---|---|---|
| celeryBeat.affinity | object | {} |
ref Affinity for Nautobot Celery Beat pods assignment |
| celeryBeat.args | list | [] |
Override default Nautobot Celery Beat container args (useful when using custom images) |
| celeryBeat.command | list | See values.yaml | Override default Nautobot Celery Beat container command (useful when using custom images) |
| celeryBeat.containerSecurityContext | object | See values.yaml | ref Nautobot Celery Beat Container Security Context |
| celeryBeat.enabled | bool | true |
Enables the Celery Beat (scheduled jobs) for Nautobot |
| celeryBeat.extraEnvVars | list | [] |
Extra Env Vars to set only on the Nautobot Celery Beat pods |
| celeryBeat.extraEnvVarsCM | list | [] |
List of names of existing ConfigMaps containing extra env vars for Nautobot Celery Beat pods |
| celeryBeat.extraEnvVarsSecret | list | [] |
List of names of existing Secrets containing extra env vars for Nautobot Celery Beat pods |
| celeryBeat.extraVolumeMounts | list | [] |
List of additional volumeMounts for the Nautobot Celery Beat containers |
| celeryBeat.extraVolumes | list | [] |
List of additional volumes for the Nautobot Celery Beat pod |
| celeryBeat.hostAliases | list | [] |
ref Nautobot Celery Beat pods host aliases |
| celeryBeat.initContainers | list | [] |
ref Add additional init containers to the Nautobot Celery Beat pods |
| celeryBeat.lifecycleHooks | object | {} |
lifecycleHooks for the Nautobot Celery Beat container(s) to automate configuration before or after startup |
| celeryBeat.livenessProbe | object | See values.yaml | ref Nautobot Celery Beat liveness probe |
| celeryBeat.nodeAffinityPreset | object | See values.yaml | ref Nautobot Celery Beat Node Affinity preset |
| celeryBeat.nodeAffinityPreset.key | string | "" |
Node label key to match. Ignored if nautobot.affinity is set |
| celeryBeat.nodeAffinityPreset.type | string | "" |
Nautobot Celery Beat Node affinity preset type. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| celeryBeat.nodeAffinityPreset.values | list | [] |
Node label values to match. Ignored if nautobot.affinity is set |
| celeryBeat.nodeSelector | object | {} |
ref Node labels for Nautobot Celery Beat pods assignment |
| celeryBeat.podAffinityPreset | string | "" |
ref Nautobot Celery Beat Pod affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| celeryBeat.podAnnotations | object | {} |
ref Annotations for Nautobot Celery Beat pods |
| celeryBeat.podAntiAffinityPreset | string | "soft" |
ref Nautobot Celery Beat Pod anti-affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| celeryBeat.podLabels | object | {} |
ref Extra labels for Nautobot Celery Beat pods |
| celeryBeat.podSecurityContext | object | See values.yaml | ref Nautobot Celery Beat Pods Security Context |
| celeryBeat.priorityClassName | string | "" |
Nautobot Celery Beat pods' priorityClassName |
| celeryBeat.readinessProbe | object | See values.yaml | ref Nautobot Celery Beat readiness probe |
| celeryBeat.resources | object | See values.yaml | ref Nautobot Celery Beat resource requests and limits |
| celeryBeat.revisionHistoryLimit | int | 3 |
ref Number of old ReplicaSets to retain |
| celeryBeat.sidecars | list | [] |
Add additional sidecar containers to the Nautobot Celery Beat pods |
| celeryBeat.tolerations | list | [] |
ref Tolerations for Nautobot Celery Beat pods assignment |
| celeryBeat.updateStrategy.type | string | "RollingUpdate" |
ref Nautobot Celery Beat Deployment strategy type |
| celeryWorker.affinity | object | {} |
ref Affinity for Nautobot Celery Worker pods assignment |
| celeryWorker.args | list | [] |
Override default Nautobot Celery Worker container args (useful when using custom images) |
| celeryWorker.autoscaling | object | See values.yaml | ref Define a horizontal pod autoscaler |
| celeryWorker.autoscaling.enabled | bool | false |
Add an horizontal pod autoscaler for the Celery Worker (beta) |
| celeryWorker.command | list | See values.yaml | Override default Nautobot Celery Worker container command (useful when using custom images) |
| celeryWorker.containerSecurityContext | object | See values.yaml | ref Nautobot Celery Worker Container Security Context |
| celeryWorker.enabled | bool | true |
Enables the Celery Worker for Nautobot |
| celeryWorker.extraEnvVars | list | [] |
Extra Env Vars to set only on the Nautobot Celery Worker pods |
| celeryWorker.extraEnvVarsCM | list | [] |
List of names of existing ConfigMaps containing extra env vars for Nautobot Celery Worker pods |
| celeryWorker.extraEnvVarsSecret | list | [] |
List of names of existing Secrets containing extra env vars for Nautobot Celery Worker pods |
| celeryWorker.extraVolumeMounts | list | [] |
List of additional volumeMounts for the Nautobot Celery Worker containers |
| celeryWorker.extraVolumes | list | [] |
List of additional volumes for the Nautobot Celery Worker pod |
| celeryWorker.hostAliases | list | [] |
ref Nautobot Celery Worker pods host aliases |
| celeryWorker.initContainers | list | [] |
ref Add additional init containers to the Nautobot Celery Worker pods |
| celeryWorker.lifecycleHooks | object | {} |
lifecycleHooks for the Nautobot Celery Worker container(s) to automate configuration before or after startup |
| celeryWorker.livenessProbe | object | See values.yaml | ref Nautobot Celery Worker liveness probe |
| celeryWorker.nodeAffinityPreset | object | See values.yaml | ref Nautobot Celery Worker Node Affinity preset |
| celeryWorker.nodeAffinityPreset.key | string | "" |
Node label key to match. Ignored if nautobot.affinity is set |
| celeryWorker.nodeAffinityPreset.type | string | "" |
Nautobot Celery Worker Node affinity preset type. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| celeryWorker.nodeAffinityPreset.values | list | [] |
Node label values to match. Ignored if nautobot.affinity is set |
| celeryWorker.nodeSelector | object | {} |
ref Node labels for Nautobot Celery Worker pods assignment |
| celeryWorker.pdb | object | See values.yaml | ref Nautobot Pod Distribution Budget |
| celeryWorker.podAffinityPreset | string | "" |
ref Nautobot Celery Worker Pod affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| celeryWorker.podAnnotations | object | {} |
ref Annotations for Nautobot Celery Worker pods |
| celeryWorker.podAntiAffinityPreset | string | "soft" |
ref Nautobot Celery Worker Pod anti-affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| celeryWorker.podLabels | object | {} |
ref Extra labels for Nautobot Celery Worker pods |
| celeryWorker.podSecurityContext | object | See values.yaml | ref Nautobot Celery Worker Pods Security Context |
| celeryWorker.priorityClassName | string | "" |
Nautobot Celery Worker pods' priorityClassName |
| celeryWorker.readinessProbe | object | See values.yaml | ref Nautobot Celery Worker readiness probe |
| celeryWorker.replicaCount | int | 2 |
Number of Nautobot Celery Workers replicas to deploy |
| celeryWorker.resources | object | See values.yaml | ref Nautobot Celery Worker resource requests and limits |
| celeryWorker.revisionHistoryLimit | int | 3 |
ref Number of old ReplicaSets to retain |
| celeryWorker.sidecars | list | [] |
Add additional sidecar containers to the Nautobot Celery Worker pods |
| celeryWorker.tolerations | list | [] |
ref Tolerations for Nautobot Celery Worker pods assignment |
| celeryWorker.updateStrategy.type | string | "RollingUpdate" |
ref Nautobot Celery Worker Deployment strategy type |
| commonAnnotations | object | {} |
Annotations to be applied to ALL resources created by this chart |
| ingress.annotations | object | {} |
Ingress annotations defined as key:value pairs, see the documentation for your specific Ingress provider for more details |
| ingress.apiVersion | string | nil |
Override API Version (automatically detected if not set) |
| ingress.backendProtocol | string | "https" |
The backend protocol to for the Ingress to communicate with the Nautobot containers, valid values: http, and https |
| ingress.enabled | bool | false |
Enable Ingress resource creation |
| ingress.extraHosts | list | [] |
The list of additional hostnames to be covered with this ingress record. Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array |
| ingress.extraPaths | list | [] |
Any additional arbitrary paths that may need to be added to the ingress under the main host. For example: The ALB ingress controller requires a special rule for handling SSL redirection. |
| ingress.extraTls | list | [] |
ref The tls configuration for additional hostnames to be covered with this ingress record. |
| ingress.hostname | string | "nautobot.local" |
Ingress Hostname |
| ingress.ingressClassName | string | "" |
Ingress Class Name |
| ingress.path | string | "/" |
The Path to Nautobot. You may need to set this to '/*' in order to use this with ALB ingress controllers. |
| ingress.pathType | string | "Prefix" |
Ingress resource pathType valid values ImplementationSpecific, Exact, or Prefix |
| ingress.secretName | string | "nautobot-tls" |
The name of the secret to use for the TLS certificate |
| ingress.tls | bool | false |
Enable TLS configuration for the hostname defined at ingress.hostname parameter |
| mariadb.auth.database | string | "nautobot" |
ref MariaDB database name |
| mariadb.auth.password | string | "" |
ref MariaDB user password |
| mariadb.auth.rootPassword | string | "" |
ref MariaDB root user password |
| mariadb.auth.username | string | "nautobot" |
ref MariaDB username |
| mariadb.enabled | bool | false |
Enable deployment of the Bitnami mariadb chart, all other redis.* parameters will be passed directly to that chart |
| mariadb.image.pullPolicy | string | "Always" |
|
| mariadb.metrics.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| mariadb.metrics.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| mariadb.metrics.containerSecurityContext.readOnlyRootFilesystem | bool | true |
|
| mariadb.primary.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| mariadb.primary.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| mariadb.primary.containerSecurityContext.readOnlyRootFilesystem | bool | false |
|
| mariadb.primary.extraEnvVars[0].name | string | "MARIADB_CHARACTER_SET" |
|
| mariadb.primary.extraEnvVars[0].value | string | "utf8mb4" |
|
| mariadb.primary.extraEnvVars[1].name | string | "MARIADB_COLLATE" |
|
| mariadb.primary.extraEnvVars[1].value | string | "utf8mb4_bin" |
|
| mariadb.primary.podSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| mariadb.secondary.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| mariadb.secondary.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| mariadb.secondary.containerSecurityContext.readOnlyRootFilesystem | bool | false |
|
| mariadb.secondary.extraEnvVars[0].name | string | "MARIADB_CHARACTER_SET" |
|
| mariadb.secondary.extraEnvVars[0].value | string | "utf8mb4" |
|
| mariadb.secondary.extraEnvVars[1].name | string | "MARIADB_COLLATE" |
|
| mariadb.secondary.extraEnvVars[1].value | string | "utf8mb4_bin" |
|
| mariadb.secondary.podSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| metrics.capacityMetrics.enabled | bool | false |
Enable serviceMonitor for Nautobot Capacity Metrics (Requires custom image) |
| metrics.capacityMetrics.interval | string | "5m" |
ref Prometheus scrape interval for Nautobot Capacity Metrics serviceMonitor |
| metrics.capacityMetrics.labels | object | {} |
Additional labels for the for Nautobot Capacity Metrics serviceMonitor Object |
| metrics.capacityMetrics.scrapeTimeout | string | "1m" |
ref Prometheus scrape timeout for Nautobot Capacity Metrics serviceMonitor |
| metrics.enabled | bool | false |
Enable and configure a Prometheus serviceMonitor (requires the Prometheus Operator) |
| metrics.prometheusRule | object | See values.yaml | Enable and configure Prometheus Rules. |
| metrics.prometheusRule.rules | list | See alerting rules documentation | Configure additional rules for the chart. |
| metrics.serviceMonitor.interval | string | "1m" |
ref Prometheus scrape interval |
| metrics.serviceMonitor.labels | object | {} |
Additional labels for the serviceMonitor Object |
| metrics.serviceMonitor.scrapeTimeout | string | "30s" |
ref Prometheus scrape timeout |
| nautobot.affinity | object | {} |
ref Affinity for Nautobot pods assignment |
| nautobot.allowedHosts | string | "*" |
ref Space seperated list of Nautobot allowed hosts (NAUTOBOT_ALLOWED_HOSTS) |
| nautobot.args | list | [] |
Override default Nautobot container args (useful when using custom images) |
| nautobot.autoscaling | object | See values.yaml | ref Define a horizontal pod autoscaler |
| nautobot.autoscaling.enabled | bool | false |
Add an horizontal pod autoscaler for Nautobot (beta) |
| nautobot.command | list | [] |
Override default Nautobot container command (useful when using custom images) |
| nautobot.config | string | "" |
ref Replace the entire nautobot_config.py file with this value |
| nautobot.containerSecurityContext | object | See values.yaml | ref Nautobot Container Security Context |
| nautobot.db.engine | string | "django.db.backends.postgresql" |
ref Nautobot database engine, valid values: django.db.backends.postgresql and django.db.backends.mysql (NAUTOBOT_DB_ENGINE) |
| nautobot.db.existingSecret | string | "" |
Name of existing secret to use for Database passwords |
| nautobot.db.existingSecretPasswordKey | string | "NAUTOBOT_DB_PASSWORD" |
Password key to be retrieved from existing secret |
| nautobot.db.host | string | "postgres" |
ref Nautobot external database hostname, ignored if postgresql.enabled is true (NAUTOBOT_DB_HOST) |
| nautobot.db.name | string | "nautobot" |
ref Nautobot external database name, ignored if postgresql.enabled is true (NAUTOBOT_DB_NAME) |
| nautobot.db.password | string | "" |
ref Nautobot external database password, ignored if postgresql.enabled is true (NAUTOBOT_DB_PASSWORD) |
| nautobot.db.port | int | 5432 |
ref Nautobot external database port, ignored if postgresql.enabled is true (NAUTOBOT_DB_PORT) |
| nautobot.db.timeout | int | 300 |
ref Nautobot database timeout (NAUTOBOT_DB_TIMEOUT) |
| nautobot.db.user | string | "nautobot" |
ref Nautobot external database username, ignored if postgresql.enabled is true (NAUTOBOT_DB_USER) |
| nautobot.debug | bool | false |
ref Enable Nautobot Debug (NAUTOBOT_DEBUG) |
| nautobot.extraEnvVars | list | [] |
Extra Env Vars to set only on the Nautobot server pods |
| nautobot.extraEnvVarsCM | list | [] |
List of names of existing ConfigMaps containing extra env vars for Nautobot server pods |
| nautobot.extraEnvVarsSecret | list | [] |
List of names of existing Secrets containing extra env vars for Nautobot server pods |
| nautobot.extraVars | list | [] |
An array of envirnoment variable objects (name and value are required) to add to ALL Nautobot related deployments (i.e. celeryWorker and rqWorker) |
| nautobot.extraVolumeMounts | list | [] |
List of additional volumeMounts for the Nautobot containers |
| nautobot.extraVolumes | list | [] |
List of additional volumes for the Nautobot server pod |
| nautobot.hostAliases | list | [] |
ref Nautobot pods host aliases |
| nautobot.image.pullPolicy | string | "Always" |
Kubernetes image pull policy, common to all deployments valid values: Always, Never, or IfNotPresent |
| nautobot.image.pullSecrets | list | [] |
List of secret names to be used as image pull secrets, common to all deployments |
| nautobot.image.registry | string | "ghcr.io" |
Nautobot image registry, common to all deployments |
| nautobot.image.repository | string | "nautobot/nautobot" |
Nautobot image name, common to all deployments |
| nautobot.image.tag | string | "1.4.5-py3.10" |
Nautobot image tag, common to all deployments |
| nautobot.initContainers | list | [] |
ref Add additional init containers to the Nautobot server pods |
| nautobot.lifecycleHooks | object | {} |
lifecycleHooks for the Nautobot container(s) to automate configuration before or after startup |
| nautobot.livenessProbe | object | See values.yaml | ref Nautobot liveness probe |
| nautobot.logLevel | string | "INFO" |
Log Level used for Celery logging, valid values: CRITICAL, ERROR, WARNING, INFO, DEBUG |
| nautobot.metrics | bool | true |
ref Enable Prometheus metrics endpoint (NAUTOBOT_METRICS_ENABLED) |
| nautobot.nodeAffinityPreset | object | See values.yaml | ref Nautobot Node Affinity preset |
| nautobot.nodeAffinityPreset.key | string | "" |
Node label key to match. Ignored if nautobot.affinity is set |
| nautobot.nodeAffinityPreset.type | string | "" |
Nautobot Node affinity preset type. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| nautobot.nodeAffinityPreset.values | list | [] |
Node label values to match. Ignored if nautobot.affinity is set |
| nautobot.nodeSelector | object | {} |
ref Node labels for Nautobot pods assignment |
| nautobot.pdb | object | See values.yaml | ref Nautobot Pod Distribution Budget |
| nautobot.podAffinityPreset | string | "" |
ref Nautobot Pod affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| nautobot.podAnnotations | object | {} |
ref Annotations for Nautobot pods |
| nautobot.podAntiAffinityPreset | string | "soft" |
ref Nautobot Pod anti-affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| nautobot.podLabels | object | {} |
ref Extra labels for Nautobot pods |
| nautobot.podSecurityContext | object | See values.yaml | ref Nautobot Pods Security Context |
| nautobot.priorityClassName | string | "" |
Nautobot pods' priorityClassName |
| nautobot.readinessProbe | object | See values.yaml | ref Nautobot readiness probe |
| nautobot.redis.existingSecret | string | "" |
Name of existing secret to use for Redis passwords |
| nautobot.redis.existingSecretPasswordKey | string | "NAUTOBOT_REDIS_PASSWORD" |
Password key to be retrieved from existing secret |
| nautobot.redis.host | string | "" |
ref Nautobot external Redis hostname, ignored if redis.enabled is true (NAUTOBOT_REDIS_HOST) |
| nautobot.redis.password | string | "" |
ref Nautobot external Redis password, ignored if redis.enabled is true (NAUTOBOT_REDIS_PASSWORD) |
| nautobot.redis.port | int | 6379 |
ref Nautobot external Redis port, ignored if redis.enabled is true (NAUTOBOT_REDIS_PORT) |
| nautobot.redis.ssl | bool | false |
ref Nautobot external Redis ssl enabled, ignored if redis.enabled is true (NAUTOBOT_REDIS_SSL) |
| nautobot.redis.username | string | "" |
ref Nautobot external Redis username, ignored if redis.enabled is true (NAUTOBOT_REDIS_USERNAME) |
| nautobot.replicaCount | int | 2 |
Number of Nautobot server replicas to deploy |
| nautobot.resources | object | See values.yaml | ref Nautobot resource requests and limits |
| nautobot.revisionHistoryLimit | int | 3 |
ref Number of old ReplicaSets to retain |
| nautobot.secretKey | string | "" |
ref Nautobot Secret Key (NAUTOBOT_SECRET_KEY) |
| nautobot.sidecars | list | [] |
Add additional sidecar containers to the Nautobot server pods |
| nautobot.superUser.apitoken | string | "" |
ref Configure an API key for the super user if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_API_TOKEN) |
| nautobot.superUser.email | string | "[email protected]" |
ref Configure an email address for the super user if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_EMAIL) |
| nautobot.superUser.enabled | bool | true |
ref Create a new super user account in Nautobot once deployed (NAUTOBOT_CREATE_SUPERUSER) |
| nautobot.superUser.password | string | "" |
ref Password to use for the super user to be created if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_NAME), if unset a random password will be generated |
| nautobot.superUser.username | string | "admin" |
ref User name to use for the super user to be created if nautobot.superUser.enabled is true (NAUTOBOT_SUPERUSER_NAME) |
| nautobot.tolerations | list | [] |
ref Tolerations for Nautobot pods assignment |
| nautobot.uWSGIini | string | "" |
ref Replace the entire uwsgi.ini file with this value |
| nautobot.updateStrategy.type | string | "RollingUpdate" |
ref Nautobot Deployment strategy type |
| postgresql.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| postgresql.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| postgresql.containerSecurityContext.readOnlyRootFilesystem | bool | false |
|
| postgresql.enabled | bool | true |
Enable deployment of the Bitnami postgresql chart, all other postgresql.* parameters will be passed directly to that chart |
| postgresql.image.pullPolicy | string | "Always" |
|
| postgresql.postgresqlDatabase | string | "nautobot" |
ref PostgreSQL database name |
| postgresql.postgresqlPassword | string | "" |
ref PostgreSQL user password |
| postgresql.postgresqlUsername | string | "nautobot" |
ref PostgreSQL username |
| postgresql.securityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| postgresqlha.enabled | bool | false |
Enable deployment of the Bitnami postgresql-ha chart, all other postgresql-ha.* parameters will be passed directly to that chart |
| postgresqlha.image.pullPolicy | string | "Always" |
|
| postgresqlha.metrics.securityContext.allowPrivilegeEscalation | bool | false |
|
| postgresqlha.metrics.securityContext.capabilities.drop[0] | string | "ALL" |
|
| postgresqlha.metrics.securityContext.readOnlyRootFilesystem | bool | true |
|
| postgresqlha.metrics.securityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| postgresqlha.metricsImage.pullPolicy | string | "Always" |
|
| postgresqlha.pgpool.adminPassword | string | "" |
ref Pgpool Admin password |
| postgresqlha.pgpool.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| postgresqlha.pgpool.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| postgresqlha.pgpool.containerSecurityContext.readOnlyRootFilesystem | bool | false |
|
| postgresqlha.pgpool.containerSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| postgresqlha.pgpool.pdb.create | bool | true |
ref Enable a Pod Distribution Budget for Pgpool |
| postgresqlha.pgpool.replicaCount | int | 2 |
ref The number of replicas to deploy |
| postgresqlha.pgpool.srCheckDatabase | string | "nautobot" |
ref Name of the database to perform streaming replication checks |
| postgresqlha.pgpool.updateStrategy | object | See values.yaml | ref Strategy used to replace old Pgpool Pods by new ones |
| postgresqlha.pgpoolImage.pullPolicy | string | "Always" |
|
| postgresqlha.postgresql.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| postgresqlha.postgresql.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| postgresqlha.postgresql.containerSecurityContext.readOnlyRootFilesystem | bool | false |
|
| postgresqlha.postgresql.containerSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| postgresqlha.postgresql.database | string | "nautobot" |
ref PostgreSQL database name |
| postgresqlha.postgresql.password | string | "" |
ref PostgreSQL user password |
| postgresqlha.postgresql.pdb.create | bool | true |
ref Enable a Pod Distribution Budget for Postgres |
| postgresqlha.postgresql.postgresPassword | string | "" |
ref PostgreSQL postgres user password |
| postgresqlha.postgresql.repmgrPassword | string | "" |
ref PostgreSQL Repmgr password |
| postgresqlha.postgresql.securityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| postgresqlha.postgresql.username | string | "nautobot" |
ref PostgreSQL username |
| postgresqlha.postgresqlImage.pullPolicy | string | "Always" |
|
| redis.architecture | string | "standalone" |
ref Redis Architecture valid values: standalone or replication |
| redis.auth.enabled | bool | true |
ref Enable password authentication |
| redis.auth.password | string | "" |
ref Redis password |
| redis.enabled | bool | true |
Enable deployment of the Bitnami redis chart, all other redis.* parameters will be passed directly to that chart |
| redis.image.pullPolicy | string | "Always" |
|
| redis.master.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| redis.master.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| redis.master.containerSecurityContext.readOnlyRootFilesystem | bool | true |
|
| redis.master.podSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| redis.replica.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| redis.replica.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| redis.replica.containerSecurityContext.readOnlyRootFilesystem | bool | true |
|
| redis.replica.podSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| redis.sentinel.containerSecurityContext.allowPrivilegeEscalation | bool | false |
|
| redis.sentinel.containerSecurityContext.capabilities.drop[0] | string | "ALL" |
|
| redis.sentinel.containerSecurityContext.readOnlyRootFilesystem | bool | false |
|
| redis.sentinel.podSecurityContext.seccompProfile.type | string | "RuntimeDefault" |
|
| redis.serviceAccount.automountServiceAccountToken | bool | false |
|
| rqWorker.affinity | object | {} |
ref Affinity for Nautobot RQ Worker pods assignment |
| rqWorker.args | list | [] |
Override default Nautobot RQ Worker container args (useful when using custom images) |
| rqWorker.autoscaling | object | See values.yaml | ref Define a horizontal pod autoscaler |
| rqWorker.autoscaling.enabled | bool | false |
Add an horizontal pod autoscaler for the RQ Worker (beta) |
| rqWorker.command | list | See values.yaml | Override default Nautobot RQ Worker container command (useful when using custom images) |
| rqWorker.containerSecurityContext | object | See values.yaml | ref Nautobot RQ Worker Container Security Context |
| rqWorker.enabled | bool | false |
Enables the RQ Worker for Nautobot |
| rqWorker.extraEnvVars | list | [] |
Extra Env Vars to set only on the Nautobot RQ Worker pods |
| rqWorker.extraEnvVarsCM | list | [] |
List of names of existing ConfigMaps containing extra env vars for Nautobot RQ Worker pods |
| rqWorker.extraEnvVarsSecret | list | [] |
List of names of existing Secrets containing extra env vars for Nautobot RQ Worker pods |
| rqWorker.extraVolumeMounts | list | [] |
List of additional volumeMounts for the Nautobot RQ Worker containers |
| rqWorker.extraVolumes | list | [] |
List of additional volumes for the Nautobot RQ Worker pod |
| rqWorker.hostAliases | list | [] |
ref Nautobot RQ Worker pods host aliases |
| rqWorker.initContainers | list | [] |
ref Add additional init containers to the Nautobot RQ Worker pods |
| rqWorker.lifecycleHooks | object | {} |
lifecycleHooks for the Nautobot RQ Worker container(s) to automate configuration before or after startup |
| rqWorker.livenessProbe | object | See values.yaml | ref Nautobot RQ Worker liveness probe |
| rqWorker.nodeAffinityPreset | object | See values.yaml | ref Nautobot RQ Worker Node Affinity preset |
| rqWorker.nodeAffinityPreset.key | string | "" |
Node label key to match. Ignored if nautobot.affinity is set |
| rqWorker.nodeAffinityPreset.type | string | "" |
Nautobot RQ Worker Node affinity preset type. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| rqWorker.nodeAffinityPreset.values | list | [] |
Node label values to match. Ignored if nautobot.affinity is set |
| rqWorker.nodeSelector | object | {} |
ref Node labels for Nautobot RQ Worker pods assignment |
| rqWorker.podAffinityPreset | string | "" |
ref Nautobot RQ Worker Pod affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| rqWorker.podAnnotations | object | {} |
ref Annotations for Nautobot RQ Worker pods |
| rqWorker.podAntiAffinityPreset | string | "soft" |
ref Nautobot RQ Worker Pod anti-affinity preset. Ignored if nautobot.affinity is set. Valid values: soft or hard |
| rqWorker.podLabels | object | {} |
ref Extra labels for Nautobot RQ Worker pods |
| rqWorker.podSecurityContext | object | See values.yaml | ref Nautobot RQ Worker Pods Security Context |
| rqWorker.priorityClassName | string | "" |
Nautobot RQ Worker pods' priorityClassName |
| rqWorker.readinessProbe | object | See values.yaml | ref Nautobot RQ Worker readiness probe |
| rqWorker.replicaCount | int | 2 |
Number of Nautobot RQ Workers replicas to deploy |
| rqWorker.resources | object | See values.yaml | ref Nautobot RQ Worker resource requests and limits |
| rqWorker.revisionHistoryLimit | int | 3 |
ref Number of old ReplicaSets to retain |
| rqWorker.sidecars | list | [] |
Add additional sidecar containers to the Nautobot RQ Worker pods |
| rqWorker.tolerations | list | [] |
ref Tolerations for Nautobot RQ Worker pods assignment |
| rqWorker.updateStrategy.type | string | "RollingUpdate" |
ref Nautobot RQ Worker Deployment strategy type |
| service.annotations | object | {} |
Annotations to be applied to the service resource |
| service.clusterIP | string | nil |
IP address to use as the clusterIP |
| service.externalTrafficPolicy | string | "Cluster" |
Kubernetes externalTrafficPolicy valid values: Cluster or Local |
| service.extraPorts | list | [] |
Extra ports to expose in the nautobot service (normally used with the sidecars value) |
| service.httpsPort | int | 443 |
Port to expose for Nautobot https access |
| service.loadBalancerIP | string | nil |
IP address to use as the loadBalancerIP |
| service.loadBalancerSourceRanges | list | [] |
List of allowed CIDRs to access the load balancer default 0.0.0.0/0, cloud provider dependent |
| service.nodePorts.http | string | nil |
Node port for Nautobot http choose port in Kubernetes --service-node-port-range typically 30000-32767 |
| service.nodePorts.https | string | nil |
Node port for Nautobot https choose port in Kubernetes --service-node-port-range typically 30000-32767 |
| service.port | int | 80 |
Port to expose for Nautobot http access |
| service.type | string | "ClusterIP" |
ref Kubernetes service type, valid values: ExternalName, ClusterIP, NodePort, or LoadBalancer |
| serviceAccount.annotations | object | {} |
Service account annotations |
| serviceAccount.create | bool | true |
Enable creation of a Kubernetes Service Account for Nautobot |
| serviceAccount.name | string | $release_name |
Name of the Kubernetes Service Account for Nautobot |