920 lines
37 KiB
YAML
920 lines
37 KiB
YAML
# Copyright VMware, Inc.
|
|
# SPDX-License-Identifier: APACHE-2.0
|
|
|
|
## @section Global parameters
|
|
## Global Docker image parameters
|
|
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
|
|
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
|
|
|
|
## @param global.imageRegistry Global Docker image registry
|
|
## @param global.imagePullSecrets Global Docker registry secret names as an array
|
|
## @param global.storageClass Global StorageClass for Persistent Volume(s)
|
|
##
|
|
global:
|
|
imageRegistry: ""
|
|
## E.g.
|
|
## imagePullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
imagePullSecrets: []
|
|
storageClass: ""
|
|
|
|
## @section Common parameters
|
|
|
|
## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
|
|
##
|
|
kubeVersion: ""
|
|
## @param extraDeploy Array of extra objects to deploy with the release
|
|
##
|
|
extraDeploy: []
|
|
## @param nameOverride String to partially override grafana.fullname template (will maintain the release name)
|
|
##
|
|
nameOverride: ""
|
|
## @param fullnameOverride String to fully override grafana.fullname template
|
|
##
|
|
fullnameOverride: ""
|
|
## @param clusterDomain Default Kubernetes cluster domain
|
|
##
|
|
clusterDomain: cluster.local
|
|
## @param commonLabels Labels to add to all deployed objects
|
|
##
|
|
commonLabels: {}
|
|
## @param commonAnnotations Annotations to add to all deployed objects
|
|
##
|
|
commonAnnotations: {}
|
|
|
|
## @section Grafana parameters
|
|
|
|
## Bitnami Grafana image version
|
|
## ref: https://hub.docker.com/r/bitnami/grafana/tags/
|
|
## @param image.registry [default: REGISTRY_NAME] Grafana image registry
|
|
## @param image.repository [default: REPOSITORY_NAME/grafana] Grafana image repository
|
|
## @skip image.tag Grafana image tag (immutable tags are recommended)
|
|
## @param image.digest Grafana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param image.pullPolicy Grafana image pull policy
|
|
## @param image.pullSecrets Grafana image pull secrets
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/grafana
|
|
tag: 10.2.3-debian-11-r0
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
|
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
##
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
pullSecrets: []
|
|
## Admin credentials configuration
|
|
##
|
|
admin:
|
|
## @param admin.user Grafana admin username
|
|
##
|
|
user: "admin"
|
|
## @param admin.password Admin password. If a password is not provided a random password will be generated
|
|
##
|
|
password: ""
|
|
## @param admin.existingSecret Name of the existing secret containing admin password
|
|
##
|
|
existingSecret: ""
|
|
## @param admin.existingSecretPasswordKey Password key on the existing secret
|
|
##
|
|
existingSecretPasswordKey: password
|
|
## SMTP configuration
|
|
##
|
|
smtp:
|
|
## @param smtp.enabled Enable SMTP configuration
|
|
##
|
|
enabled: false
|
|
## @param smtp.user SMTP user
|
|
##
|
|
user: user
|
|
## @param smtp.password SMTP password
|
|
##
|
|
password: password
|
|
## @param smtp.host Custom host for the smtp server
|
|
## e.g:
|
|
## host: mysmtphost.com
|
|
##
|
|
host: ""
|
|
## @param smtp.fromAddress From address
|
|
##
|
|
fromAddress: ""
|
|
## @param smtp.fromName From name
|
|
##
|
|
fromName: ""
|
|
## @param smtp.skipVerify Enable skip verify
|
|
##
|
|
skipVerify: "false"
|
|
## @param smtp.existingSecret Name of existing secret containing SMTP credentials (user and password)
|
|
##
|
|
existingSecret: ""
|
|
## @param smtp.existingSecretUserKey User key on the existing secret
|
|
##
|
|
existingSecretUserKey: user
|
|
## @param smtp.existingSecretPasswordKey Password key on the existing secret
|
|
##
|
|
existingSecretPasswordKey: password
|
|
## @param plugins Grafana plugins to be installed in deployment time separated by commas
|
|
## Specify plugins as a list separated by commas ( you will need to scape them when specifying from command line )
|
|
## Example:
|
|
## plugins: grafana-kubernetes-app,grafana-example-app
|
|
##
|
|
plugins: ""
|
|
## Ldap configuration for Grafana
|
|
##
|
|
ldap:
|
|
## @param ldap.enabled Enable LDAP for Grafana
|
|
##
|
|
enabled: false
|
|
## @param ldap.allowSignUp Allows LDAP sign up for Grafana
|
|
##
|
|
allowSignUp: false
|
|
## @param ldap.configuration Specify content for ldap.toml configuration file
|
|
## e.g:
|
|
## configuration: |-
|
|
## [[servers]]
|
|
## host = "127.0.0.1"
|
|
## port = 389
|
|
## use_ssl = false
|
|
## ...
|
|
##
|
|
configuration: ""
|
|
## @param ldap.configMapName Name of the ConfigMap with the ldap.toml configuration file for Grafana
|
|
## NOTE: When it's set the ldap.configuration parameter is ignored
|
|
##
|
|
configMapName: ""
|
|
## @param ldap.secretName Name of the Secret with the ldap.toml configuration file for Grafana
|
|
## NOTE: When it's set the ldap.configuration parameter is ignored
|
|
##
|
|
secretName: ""
|
|
## @param ldap.uri Server URI, eg. ldap://ldap_server:389
|
|
##
|
|
uri: ""
|
|
## @param ldap.binddn DN of the account used to search in the LDAP server.
|
|
##
|
|
binddn: ""
|
|
## @param ldap.bindpw Password for binddn account.
|
|
##
|
|
bindpw: ""
|
|
## @param ldap.basedn Base DN path where binddn account will search for the users.
|
|
##
|
|
basedn: ""
|
|
## @param ldap.searchAttribute Field used to match with the user name (uid, samAccountName, cn, etc). This value will be ignored if 'ldap.searchFilter' is set
|
|
##
|
|
searchAttribute: "uid"
|
|
## @param ldap.searchFilter User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(|(sAMAccountName=%s)(userPrincipalName=%s)"
|
|
##
|
|
searchFilter: ""
|
|
## @param ldap.extraConfiguration Extra ldap configuration.
|
|
## Example:
|
|
## extraConfiguration: |-
|
|
## # set to true if you want to skip SSL cert validation
|
|
## ssl_skip_verify = false
|
|
## # group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
|
|
## # group_search_filter_user_attribute = "distinguishedName"
|
|
## # group_search_base_dns = ["ou=groups,dc=grafana,dc=org"]
|
|
## # Specify names of the LDAP attributes your LDAP uses
|
|
## [servers.attributes]
|
|
## # member_of = "memberOf"
|
|
## # email = "email"
|
|
##
|
|
extraConfiguration: ""
|
|
## @param ldap.tls.enabled Enabled TLS configuration.
|
|
## @param ldap.tls.startTls Use STARTTLS instead of LDAPS.
|
|
## @param ldap.tls.skipVerify Skip any SSL verification (hostanames or certificates)
|
|
## @param ldap.tls.certificatesMountPath Where LDAP certifcates are mounted.
|
|
## @param ldap.tls.certificatesSecret Secret with LDAP certificates.
|
|
## @param ldap.tls.CAFilename CA certificate filename. Should match with the CA entry key in the ldap.tls.certificatesSecret.
|
|
## @param ldap.tls.certFilename Client certificate filename to authenticate against the LDAP server. Should match with certificate the entry key in the ldap.tls.certificatesSecret.
|
|
## @param ldap.tls.certKeyFilename Client Key filename to authenticate against the LDAP server. Should match with certificate the entry key in the ldap.tls.certificatesSecret.
|
|
##
|
|
tls:
|
|
enabled: false
|
|
startTls: false
|
|
skipVerify: false
|
|
certificatesMountPath: /opt/bitnami/grafana/conf/ldap/
|
|
certificatesSecret: ""
|
|
CAFilename: ""
|
|
certFilename: ""
|
|
certKeyFilename: ""
|
|
## Grafana Image Renderer configuration for Grafana
|
|
##
|
|
imageRenderer:
|
|
## @param imageRenderer.enabled Enable using a remote rendering service to render PNG images
|
|
##
|
|
enabled: false
|
|
## @param imageRenderer.serverURL URL of the remote rendering service
|
|
##
|
|
serverURL: ""
|
|
## @param imageRenderer.callbackURL URL of the callback service
|
|
##
|
|
callbackURL: ""
|
|
|
|
## Parameters to override the default grafana.ini file.
|
|
## It is needed to create a configmap or a secret containing the grafana.ini file.
|
|
## @param config.useGrafanaIniFile Allows to load a `grafana.ini` file
|
|
## @param config.grafanaIniConfigMap Name of the ConfigMap containing the `grafana.ini` file
|
|
## @param config.grafanaIniSecret Name of the Secret containing the `grafana.ini` file
|
|
##
|
|
config:
|
|
useGrafanaIniFile: false
|
|
grafanaIniConfigMap: ""
|
|
grafanaIniSecret: ""
|
|
## Create dasboard provider to load dashboards, a default one is created to load dashboards
|
|
## from "/opt/bitnami/grafana/dashboards"
|
|
## @param dashboardsProvider.enabled Enable the use of a Grafana dashboard provider
|
|
## @param dashboardsProvider.configMapName Name of a ConfigMap containing a custom dashboard provider
|
|
##
|
|
dashboardsProvider:
|
|
enabled: false
|
|
## Important to set the Path to "/opt/bitnami/grafana/dashboards"
|
|
## Evaluated as a template.
|
|
##
|
|
configMapName: ""
|
|
## @param dashboardsConfigMaps Array with the names of a series of ConfigMaps containing dashboards files
|
|
## They will be mounted by the default dashboard provider if it is enabled
|
|
## Use an array with the configMap names.
|
|
## In order to use subfolders, uncomment "#foldersFromFilesStructure: true" line in default provider config. or create your own dashboard provider.
|
|
## Example:
|
|
## dashboardsConfigMaps:
|
|
## - configMapName: mydashboard
|
|
## folderName: foo
|
|
## fileName: mydashboard.json
|
|
## - configMapName: myotherdashboard
|
|
## folderName: bar
|
|
## fileName: myotherdashboard.json
|
|
##
|
|
dashboardsConfigMaps: []
|
|
## Import datasources from an externally-managed secret, or a secret definition set via Helm values.
|
|
##
|
|
datasources:
|
|
## @param datasources.secretName The name of an externally-managed secret containing custom datasource files.
|
|
##
|
|
secretName: ""
|
|
## @param datasources.secretDefinition The contents of a secret defining a custom datasource file. Only used if datasources.secretName is empty or not defined.
|
|
## Example:
|
|
## secretDefinition:
|
|
## apiVersion: 1
|
|
## datasources:
|
|
## - name: Prometheus
|
|
## type: prometheus
|
|
## url: http://prometheus-prometheus-server
|
|
## access: proxy
|
|
## isDefault: true
|
|
##
|
|
secretDefinition: {}
|
|
|
|
## Create notifiers from a configMap
|
|
## The notifiersName must contain the files
|
|
## @param notifiers.configMapName Name of a ConfigMap containing Grafana notifiers configuration
|
|
##
|
|
notifiers:
|
|
configMapName: ""
|
|
|
|
## Create alerting rules, contact points, notification policies, templates, and mute timings from a configMap
|
|
## @param alerting.configMapName Name of a ConfigMap containing Grafana alerting configuration
|
|
##
|
|
alerting:
|
|
configMapName: ""
|
|
|
|
## @section Grafana Deployment parameters
|
|
|
|
grafana:
|
|
## @param grafana.replicaCount Number of Grafana nodes
|
|
##
|
|
replicaCount: 1
|
|
## @param grafana.updateStrategy.type Set up update strategy for Grafana installation.
|
|
## Set to Recreate if you use persistent volume that cannot be mounted by more than one pods to make sure the pods is destroyed first.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
|
|
## Example:
|
|
## updateStrategy:
|
|
## type: RollingUpdate
|
|
## rollingUpdate:
|
|
## maxSurge: 25%
|
|
## maxUnavailable: 25%
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
## @param grafana.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param grafana.schedulerName Alternative scheduler
|
|
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param grafana.terminationGracePeriodSeconds In seconds, time the given to the Grafana pod needs to terminate gracefully
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
|
|
##
|
|
terminationGracePeriodSeconds: ""
|
|
## @param grafana.priorityClassName Priority class name
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
##
|
|
priorityClassName: ""
|
|
## @param grafana.podLabels Extra labels for Grafana pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param grafana.podAnnotations Grafana Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param grafana.podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param grafana.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## @param grafana.containerPorts.grafana Grafana container port
|
|
##
|
|
containerPorts:
|
|
grafana: 3000
|
|
## @param grafana.extraPorts Extra ports for Grafana deployment
|
|
##
|
|
extraPorts: []
|
|
## Node affinity preset
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
## @param grafana.nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## @param grafana.nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set.
|
|
## @param grafana.nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set.
|
|
##
|
|
nodeAffinityPreset:
|
|
type: ""
|
|
## E.g.
|
|
## key: "kubernetes.io/e2e-az-name"
|
|
##
|
|
key: ""
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param grafana.affinity Affinity for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param grafana.nodeSelector Node labels for pod assignment
|
|
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
|
|
##
|
|
nodeSelector: {}
|
|
## @param grafana.tolerations Tolerations for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param grafana.topologySpreadConstraints Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
|
##
|
|
## topologySpreadConstraints:
|
|
## - maxSkew: 1
|
|
## topologyKey: failure-domain.beta.kubernetes.io/zone
|
|
## whenUnsatisfiable: DoNotSchedule
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param grafana.podSecurityContext.enabled Enable securityContext on for Grafana deployment
|
|
## @param grafana.podSecurityContext.fsGroup Group to configure permissions for volumes
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param grafana.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param grafana.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param grafana.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param grafana.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param grafana.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param grafana.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param grafana.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param grafana.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
runAsUser: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: false
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## Grafana containers' resource requests and limits
|
|
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param grafana.resources.limits The resources limits for Grafana containers
|
|
## @param grafana.resources.requests The requested resources for Grafana containers
|
|
##
|
|
resources:
|
|
## Example:
|
|
## limits:
|
|
## cpu: 500m
|
|
## memory: 1Gi
|
|
limits: {}
|
|
## Examples:
|
|
## requests:
|
|
## cpu: 250m
|
|
## memory: 256Mi
|
|
requests: {}
|
|
## Grafana containers' liveness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param grafana.livenessProbe.enabled Enable livenessProbe
|
|
## @param grafana.livenessProbe.path Path for livenessProbe
|
|
## @param grafana.livenessProbe.scheme Scheme for livenessProbe
|
|
## @param grafana.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param grafana.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param grafana.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param grafana.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param grafana.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
path: /api/health
|
|
scheme: HTTP
|
|
initialDelaySeconds: 120
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Grafana containers' readinessProbe probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param grafana.readinessProbe.enabled Enable readinessProbe
|
|
## @param grafana.readinessProbe.path Path for readinessProbe
|
|
## @param grafana.readinessProbe.scheme Scheme for readinessProbe
|
|
## @param grafana.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param grafana.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param grafana.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param grafana.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param grafana.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
path: /api/health
|
|
scheme: HTTP
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## @param grafana.startupProbe.enabled Enable startupProbe
|
|
## @param grafana.startupProbe.path Path for readinessProbe
|
|
## @param grafana.startupProbe.scheme Scheme for readinessProbe
|
|
## @param grafana.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param grafana.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param grafana.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param grafana.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param grafana.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
path: /api/health
|
|
scheme: HTTP
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## @param grafana.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param grafana.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param grafana.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## @param grafana.lifecycleHooks for the Grafana container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param grafana.sidecars Attach additional sidecar containers to the Grafana pod
|
|
## Example:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param grafana.initContainers Add additional init containers to the Grafana pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## @param grafana.extraVolumes Additional volumes for the Grafana pod
|
|
## Example:
|
|
## extraVolumes:
|
|
## - name: my-volume
|
|
## emptyDir: {}
|
|
##
|
|
extraVolumes: []
|
|
## @param grafana.extraVolumeMounts Additional volume mounts for the Grafana container
|
|
## Example:
|
|
## extraVolumeMounts:
|
|
## - name: my-volume
|
|
## mountPath: /opt/bitnami/grafana/my-stuff
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param grafana.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Grafana nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param grafana.extraEnvVarsSecret Name of existing Secret containing extra env vars for Grafana nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param grafana.extraEnvVars Array containing extra env vars to configure Grafana
|
|
## For example:
|
|
## extraEnvVars:
|
|
## - name: GF_DEFAULT_INSTANCE_NAME
|
|
## value: my-instance
|
|
##
|
|
extraEnvVars: []
|
|
## @param grafana.extraConfigmaps Array to mount extra ConfigMaps to configure Grafana
|
|
## For example:
|
|
## extraConfigmaps:
|
|
## - name: myconfigmap
|
|
## mountPath: /opt/bitnami/desired-path
|
|
## subPath: file-name.extension (optional)
|
|
## readOnly: true
|
|
##
|
|
extraConfigmaps: []
|
|
## @param grafana.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param grafana.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
|
|
## @section Persistence parameters
|
|
|
|
## Enable persistence using Persistent Volume Claims
|
|
## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
|
|
## @param persistence.enabled Enable persistence
|
|
## @param persistence.annotations Persistent Volume Claim annotations
|
|
## @param persistence.accessMode Persistent Volume Access Mode
|
|
## @param persistence.accessModes Persistent Volume Access Modes
|
|
## @param persistence.storageClass Storage class to use with the PVC
|
|
## @param persistence.existingClaim If you want to reuse an existing claim, you can pass the name of the PVC using the existingClaim variable
|
|
## @param persistence.size Size for the PV
|
|
##
|
|
persistence:
|
|
enabled: true
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
|
## GKE, AWS & OpenStack)
|
|
##
|
|
storageClass: ""
|
|
annotations: {}
|
|
existingClaim: ""
|
|
accessMode: ReadWriteOnce
|
|
accessModes: []
|
|
size: 10Gi
|
|
|
|
## @section RBAC parameters
|
|
|
|
## @param serviceAccount.create Specifies whether a ServiceAccount should be created
|
|
## @param serviceAccount.name The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template
|
|
## @param serviceAccount.annotations Annotations to add to the ServiceAccount Metadata
|
|
## @param serviceAccount.automountServiceAccountToken Automount service account token for the application controller service account
|
|
serviceAccount:
|
|
create: true
|
|
name: ""
|
|
annotations: {}
|
|
automountServiceAccountToken: false
|
|
|
|
## @section Traffic exposure parameters
|
|
|
|
## Service parameters
|
|
##
|
|
service:
|
|
## @param service.type Kubernetes Service type
|
|
##
|
|
type: ClusterIP
|
|
## @param service.clusterIP Grafana service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param service.ports.grafana Grafana service port
|
|
##
|
|
ports:
|
|
grafana: 3000
|
|
## @param service.nodePorts.grafana Specify the nodePort value for the LoadBalancer and NodePort service types
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
|
##
|
|
nodePorts:
|
|
grafana: ""
|
|
## @param service.loadBalancerIP loadBalancerIP if Grafana service type is `LoadBalancer` (optional, cloud specific)
|
|
## ref: https://kubernetes.io/docs/user-guide/services/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param service.loadBalancerClass loadBalancerClass if Grafana service type is `LoadBalancer` (optional, cloud specific)
|
|
## ref: https://kubernetes.io/docs/user-guide/services/#type-loadbalancer
|
|
##
|
|
loadBalancerClass: ""
|
|
## @param service.loadBalancerSourceRanges loadBalancerSourceRanges if Grafana service type is `LoadBalancer` (optional, cloud specific)
|
|
## ref: https://kubernetes.io/docs/user-guide/services/#type-loadbalancer
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param service.annotations Provide any additional annotations which may be required.
|
|
## This can be used to set the LoadBalancer service type to internal only.
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
|
|
##
|
|
annotations: {}
|
|
## @param service.externalTrafficPolicy Grafana service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param service.extraPorts Extra port to expose on Grafana service
|
|
##
|
|
extraPorts: []
|
|
## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
|
|
## If "ClientIP", consecutive client requests will be directed to the same Pod
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
|
|
##
|
|
sessionAffinity: None
|
|
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## Configure the ingress resource that allows you to access the
|
|
## Grafana installation. Set up the URL
|
|
## ref: https://kubernetes.io/docs/user-guide/ingress/
|
|
##
|
|
ingress:
|
|
## @param ingress.enabled Set to true to enable ingress record generation
|
|
##
|
|
enabled: false
|
|
## DEPRECATED: Use ingress.annotations instead of ingress.certManager
|
|
## certManager: false
|
|
##
|
|
|
|
## @param ingress.pathType Ingress Path type
|
|
##
|
|
pathType: ImplementationSpecific
|
|
## @param ingress.apiVersion Override API Version (automatically detected if not set)
|
|
##
|
|
apiVersion: ""
|
|
## @param ingress.hostname When the ingress is enabled, a host pointing to this will be created
|
|
##
|
|
hostname: grafana.local
|
|
## @param ingress.path Default path for the ingress resource
|
|
## The Path to Grafana. You may need to set this to '/*' in order to use this with ALB ingress controllers.
|
|
##
|
|
path: /
|
|
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
|
|
## For a full list of possible ingress annotations, please see
|
|
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
|
|
## Use this parameter to set the required annotations for cert-manager, see
|
|
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
|
|
##
|
|
## e.g:
|
|
## annotations:
|
|
## kubernetes.io/ingress.class: nginx
|
|
## cert-manager.io/cluster-issuer: cluster-issuer-name
|
|
##
|
|
annotations: {}
|
|
## @param ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter
|
|
## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }}
|
|
## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it
|
|
##
|
|
tls: false
|
|
## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record.
|
|
## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
|
|
## extraHosts:
|
|
## - name: grafana.local
|
|
## path: /
|
|
##
|
|
extraHosts: []
|
|
## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host.
|
|
## For example: The ALB ingress controller requires a special rule for handling SSL redirection.
|
|
## extraPaths:
|
|
## - path: /*
|
|
## backend:
|
|
## serviceName: ssl-redirect
|
|
## servicePort: use-annotation
|
|
##
|
|
extraPaths: []
|
|
## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record.
|
|
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
|
## extraTls:
|
|
## - hosts:
|
|
## - grafana.local
|
|
## secretName: grafana.local-tls
|
|
##
|
|
extraTls: []
|
|
## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets
|
|
## key and certificate should start with -----BEGIN CERTIFICATE----- or
|
|
## -----BEGIN RSA PRIVATE KEY-----
|
|
##
|
|
## name should line up with a tlsSecret set further up
|
|
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
|
|
##
|
|
## @param ingress.secrets It is also possible to create and manage the certificates outside of this helm chart
|
|
## Please see README.md for more information
|
|
## e.g:
|
|
## - name: grafana.local-tls
|
|
## key:
|
|
## certificate:
|
|
##
|
|
secrets: []
|
|
## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
|
|
##
|
|
selfSigned: false
|
|
## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
|
|
ingressClassName: ""
|
|
## @param ingress.extraRules Additional rules to be covered with this ingress record
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
|
|
## e.g:
|
|
## extraRules:
|
|
## - host: example.local
|
|
## http:
|
|
## path: /
|
|
## backend:
|
|
## service:
|
|
## name: example-svc
|
|
## port:
|
|
## name: http
|
|
##
|
|
extraRules: []
|
|
|
|
## @section Metrics parameters
|
|
|
|
## Prometheus metrics
|
|
##
|
|
metrics:
|
|
## @param metrics.enabled Enable the export of Prometheus metrics
|
|
##
|
|
enabled: false
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
## @param metrics.service.annotations [object] Annotations for Prometheus metrics service
|
|
##
|
|
service:
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "3000"
|
|
prometheus.io/path: "/metrics"
|
|
serviceMonitor:
|
|
## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)
|
|
##
|
|
enabled: false
|
|
## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
|
|
##
|
|
namespace: ""
|
|
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
## e.g:
|
|
## interval: 10s
|
|
##
|
|
interval: ""
|
|
## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
## e.g:
|
|
## scrapeTimeout: 10s
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
## e.g:
|
|
## selector:
|
|
## prometheus: my-prometheus
|
|
##
|
|
selector: {}
|
|
## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
|
|
##
|
|
relabelings: []
|
|
## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
|
|
##
|
|
metricRelabelings: []
|
|
## @param metrics.serviceMonitor.honorLabels Labels to honor to add to the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## DEPRECATED metrics.serviceMonitor.additionalLabels - It will be removed in a future release, please use metrics.serviceMonitor.labels instead
|
|
## @param metrics.serviceMonitor.labels Additional custom labels for the ServiceMonitor
|
|
##
|
|
labels: {}
|
|
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## Prometheus Operator PrometheusRule configuration
|
|
##
|
|
prometheusRule:
|
|
## @param metrics.prometheusRule.enabled if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`)
|
|
##
|
|
enabled: false
|
|
## @param metrics.prometheusRule.namespace Namespace for the PrometheusRule Resource (defaults to the Release Namespace)
|
|
##
|
|
namespace: ""
|
|
## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so PrometheusRule will be discovered by Prometheus
|
|
##
|
|
additionalLabels: {}
|
|
## @param metrics.prometheusRule.rules PrometheusRule rules to configure
|
|
## e.g:
|
|
## - alert: Grafana-Down
|
|
## annotations:
|
|
## message: 'Grafana instance is down'
|
|
## summary: Grafana instance is down
|
|
## expr: absent(up{job="grafana"} == 1)
|
|
## labels:
|
|
## severity: warning
|
|
## service: grafana
|
|
## for: 5m
|
|
##
|
|
rules: []
|
|
|
|
## @section Volume permissions init Container Parameters
|
|
|
|
## 'volumePermissions' init container parameters
|
|
## Changes the owner and group of the persistent volume mount point to runAsUser:fsGroup values
|
|
## based on the `grafana:podSecurityContext`/`grafana:containerSecurityContext`` parameters
|
|
## May require setting `grafana:podSecurityContext:runAsNonRoot` to false
|
|
##
|
|
volumePermissions:
|
|
## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`
|
|
##
|
|
enabled: false
|
|
## OS Shell + Utility image
|
|
## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
|
|
## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry
|
|
## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository
|
|
## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended)
|
|
## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy
|
|
## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/os-shell
|
|
tag: 11-debian-11-r92
|
|
digest: ""
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## e.g:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Init container's resource requests and limits
|
|
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
|
|
## @param volumePermissions.resources.limits The resources limits for the init container
|
|
## @param volumePermissions.resources.requests The requested resources for the init container
|
|
##
|
|
resources:
|
|
limits: {}
|
|
requests: {}
|
|
## Init container Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param volumePermissions.containerSecurityContext.runAsUser Set init container's Security Context runAsUser
|
|
## NOTE: when runAsUser is set to special value "auto", init container will try to chown the
|
|
## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
|
|
## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
|
|
##
|
|
containerSecurityContext:
|
|
runAsUser: 0
|
|
|
|
## @section Diagnostic Mode Parameters
|
|
|
|
## Enable diagnostic mode in the deployment
|
|
##
|
|
diagnosticMode:
|
|
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
|
|
##
|
|
enabled: false
|
|
## @param diagnosticMode.command Command to override all containers in the deployment
|
|
##
|
|
command:
|
|
- sleep
|
|
## @param diagnosticMode.args Args to override all containers in the deployment
|
|
##
|
|
args:
|
|
- infinity
|