clickhouse
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# This file has been modified by Chainguard, Inc.
2
#
3
# Copyright Chainguard, Inc. All Rights Reserved.
4
# Chainguard, Inc. modifications are subject to the license
5
# available at: https://www.chainguard.dev/legal/software-license-agreement
6
#
7
# Copyright Broadcom, Inc. All Rights Reserved.
8
# SPDX-License-Identifier: APACHE-2.0
9
10
## @section Global parameters
11
## Global Docker image parameters
12
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
13
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
14
##
15
16
## @param global.imageRegistry Global Docker image registry
17
## @param global.imagePullSecrets Global Docker registry secret names as an array
18
## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
19
##
20
global:
21
imageRegistry: ""
22
## E.g.
23
## imagePullSecrets:
24
## - myRegistryKeySecretName
25
##
26
imagePullSecrets: []
27
defaultStorageClass: ""
28
## Security parameters
29
##
30
security:
31
## @param global.security.allowInsecureImages Allows skipping image verification
32
allowInsecureImages: false
33
## Compatibility adaptations for Kubernetes platforms
34
##
35
compatibility:
36
## Compatibility adaptations for Openshift
37
##
38
openshift:
39
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
40
##
41
adaptSecurityContext: auto
42
org: ""
43
## @section Common parameters
44
45
## @param kubeVersion Override Kubernetes version
46
##
47
kubeVersion: ""
48
## @param apiVersions Override Kubernetes API versions reported by .Capabilities
49
##
50
apiVersions: []
51
## @param nameOverride String to partially override common.names.name
52
##
53
nameOverride: ""
54
## @param fullnameOverride String to fully override common.names.fullname
55
##
56
fullnameOverride: ""
57
## @param namespaceOverride String to fully override common.names.namespace
58
##
59
namespaceOverride: ""
60
## @param commonLabels Labels to add to all deployed objects
61
##
62
commonLabels: {}
63
## @param commonAnnotations Annotations to add to all deployed objects
64
##
65
commonAnnotations: {}
66
## @param clusterDomain Kubernetes cluster domain name
67
##
68
clusterDomain: cluster.local
69
## @param extraDeploy Array of extra objects to deploy with the release
70
##
71
extraDeploy: []
72
## @param usePasswordFiles Mount credentials as files instead of using environment variables
73
##
74
usePasswordFiles: true
75
## Enable diagnostic mode in the deployment
76
##
77
diagnosticMode:
78
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
79
##
80
enabled: false
81
## @param diagnosticMode.command Command to override all containers in the deployment
82
##
83
command:
84
- sleep
85
## @param diagnosticMode.args Args to override all containers in the deployment
86
##
87
args:
88
- infinity
89
## @section Default Init Container Parameters
90
defaultInitContainers:
91
## 'volume-permissions' init container
92
## Used to change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node
93
##
94
volumePermissions:
95
## @param defaultInitContainers.volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume
96
##
97
enabled: false
98
## @param defaultInitContainers.volumePermissions.image.registry [default: REGISTRY_NAME] "volume-permissions" init-containers' image registry
99
## @param defaultInitContainers.volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] "volume-permissions" init-containers' image repository
100
## @skip defaultInitContainers.volumePermissions.image.tag "volume-permissions" init-containers' image tag (immutable tags are recommended)
101
## @param defaultInitContainers.volumePermissions.image.digest "volume-permissions" init-containers' image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
102
## @param defaultInitContainers.volumePermissions.image.pullPolicy "volume-permissions" init-containers' image pull policy
103
## @param defaultInitContainers.volumePermissions.image.pullSecrets "volume-permissions" init-containers' image pull secrets
104
##
105
image:
106
registry: docker.io
107
repository: iamguarded/os-shell
108
tag: 12-debian-12-r51
109
digest: ""
110
pullPolicy: IfNotPresent
111
## Optionally specify an array of imagePullSecrets.
112
## Secrets must be manually created in the namespace.
113
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
114
## Example:
115
## pullSecrets:
116
## - myRegistryKeySecretName
117
##
118
pullSecrets: []
119
## Configure "volume-permissions" init-container Security Context
120
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
121
## @param defaultInitContainers.volumePermissions.containerSecurityContext.enabled Enabled "volume-permissions" init-containers' Security Context
122
## @param defaultInitContainers.volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in "volume-permissions" init-containers
123
## @param defaultInitContainers.volumePermissions.containerSecurityContext.runAsUser Set runAsUser in "volume-permissions" init-containers' Security Context
124
## @param defaultInitContainers.volumePermissions.containerSecurityContext.privileged Set privileged in "volume-permissions" init-containers' Security Context
125
## @param defaultInitContainers.volumePermissions.containerSecurityContext.allowPrivilegeEscalation Set allowPrivilegeEscalation in "volume-permissions" init-containers' Security Context
126
## @param defaultInitContainers.volumePermissions.containerSecurityContext.capabilities.add List of capabilities to be added in "volume-permissions" init-containers
127
## @param defaultInitContainers.volumePermissions.containerSecurityContext.capabilities.drop List of capabilities to be dropped in "volume-permissions" init-containers
128
## @param defaultInitContainers.volumePermissions.containerSecurityContext.seccompProfile.type Set seccomp profile in "volume-permissions" init-containers
129
##
130
containerSecurityContext:
131
enabled: true
132
seLinuxOptions: {}
133
runAsUser: 0
134
privileged: false
135
allowPrivilegeEscalation: false
136
capabilities:
137
add: ["CHOWN"]
138
drop: ["ALL"]
139
seccompProfile:
140
type: "RuntimeDefault"
141
## ClickHouse Keeper "volume-permissions" init container resource requests and limits
142
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
143
## @param defaultInitContainers.volumePermissions.resourcesPreset Set ClickHouse Keeper "volume-permissions" init container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if defaultInitContainers.volumePermissions.resources is set (defaultInitContainers.volumePermissions.resources is recommended for production).
144
## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15
145
##
146
resourcesPreset: "nano"
147
## @param defaultInitContainers.volumePermissions.resources Set ClickHouse Keeper "volume-permissions" init container requests and limits for different resources like CPU or memory (essential for production workloads)
148
## E.g:
149
## resources:
150
## requests:
151
## cpu: 2
152
## memory: 512Mi
153
## limits:
154
## cpu: 3
155
## memory: 1024Mi
156
##
157
resources: {}
158
## @section ClickHouse parameters
159
160
## Iamguarded ClickHouse image
161
## ref: https://hub.docker.com/r/iamguarded/clickhouse/tags/
162
## @param image.registry [default: REGISTRY_NAME] ClickHouse image registry
163
## @param image.repository [default: REPOSITORY_NAME/clickhouse] ClickHouse image repository
164
## @skip image.tag ClickHouse image tag (immutable tags are recommended)
165
## @param image.digest ClickHouse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
166
## @param image.pullPolicy ClickHouse image pull policy
167
## @param image.pullSecrets ClickHouse image pull secrets
168
## @param image.debug Enable ClickHouse image debug mode
169
##
170
image:
171
registry: cgr.dev
172
repository: chainguard-private/clickhouse-iamguarded
173
tag: 26.1.4
174
digest: ""
175
## Specify a imagePullPolicy
176
## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
177
##
178
pullPolicy: IfNotPresent
179
## Optionally specify an array of imagePullSecrets.
180
## Secrets must be manually created in the namespace.
181
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
182
## e.g:
183
## pullSecrets:
184
## - myRegistryKeySecretName
185
##
186
pullSecrets: []
187
## Enable debug mode
188
##
189
debug: false
190
## @param clusterName ClickHouse cluster name
191
##
192
clusterName: default
193
## Authentication
194
## @param auth.username ClickHouse Admin username
195
## @param auth.password ClickHouse Admin password
196
## @param auth.existingSecret Name of a secret containing the Admin password
197
## @param auth.existingSecretKey Name of the key inside the existing secret
198
##
199
auth:
200
username: default
201
password: ""
202
existingSecret: ""
203
existingSecretKey: ""
204
## @param tls.enabled Enable TLS configuration for ClickHouse
205
## @param tls.autoGenerated.enabled Enable automatic generation of TLS certificates
206
## @param tls.autoGenerated.engine Mechanism to generate the certificates (allowed values: helm, cert-manager)
207
## @param tls.autoGenerated.certManager.existingIssuer The name of an existing Issuer to use for generating the certificates (only for `cert-manager` engine)
208
## @param tls.autoGenerated.certManager.existingIssuerKind Existing Issuer kind, defaults to Issuer (only for `cert-manager` engine)
209
## @param tls.autoGenerated.certManager.keyAlgorithm Key algorithm for the certificates (only for `cert-manager` engine)
210
## @param tls.autoGenerated.certManager.keySize Key size for the certificates (only for `cert-manager` engine)
211
## @param tls.autoGenerated.certManager.duration Duration for the certificates (only for `cert-manager` engine)
212
## @param tls.autoGenerated.certManager.renewBefore Renewal period for the certificates (only for `cert-manager` engine)
213
## @param tls.ca CA certificate for TLS. Ignored if `tls.existingCASecret` is set
214
## @param tls.existingCASecret The name of an existing Secret containing the CA certificate for TLS
215
## @param tls.server.cert TLS certificate for ClickHouse servers. Ignored if `tls.server.existingSecret` is set
216
## @param tls.server.key TLS key for ClickHouse servers. Ignored if `tls.server.existingSecret` is set
217
## @param tls.server.existingSecret The name of an existing Secret containing the TLS certificates for ClickHouse servers
218
## @param tls.keeper.cert TLS certificate for ClickHouse Keeper. Ignored if `tls.keeper.existingSecret` is set
219
## @param tls.keeper.key TLS key for ClickHouse Keeper. Ignored if `tls.keeper.existingSecret` is set
220
## @param tls.keeper.existingSecret The name of an existing Secret containing the TLS certificates for ClickHouse Keeper
221
##
222
tls:
223
enabled: false
224
autoGenerated:
225
enabled: true
226
engine: helm
227
certManager:
228
existingIssuer: ""
229
existingIssuerKind: ""
230
keySize: 2048
231
keyAlgorithm: RSA
232
duration: 2160h
233
renewBefore: 360h
234
ca: ""
235
existingCASecret: ""
236
server:
237
cert: ""
238
key: ""
239
existingSecret: ""
240
keeper:
241
cert: ""
242
key: ""
243
existingSecret: ""
244
## @param logLevel Logging level
245
##
246
logLevel: information
247
## @param sampling.enabled Enable logging tables collected by sampling query profiler
248
##
249
sampling:
250
enabled: false
251
## @param configuration Specify content for ClickHouse configuration (basic one auto-generated based on other values otherwise)
252
##
253
configuration: {}
254
## @param existingConfigmap The name of an existing ConfigMap with your custom configuration for ClickHouse
255
##
256
existingConfigmap: ""
257
## @param configdFiles Extra configuration files to be mounted at config.d
258
## ref: https://clickhouse.com/docs/operations/configuration-files
259
##
260
configdFiles: {}
261
## @param existingConfigdConfigmap The name of an existing ConfigMap with extra configuration files for ClickHouse
262
##
263
existingConfigdConfigmap: ""
264
## @param usersdFiles Extra users configuration files to be mounted at users.d
265
## ref: https://clickhouse.com/docs/operations/configuration-files#user-settings
266
##
267
usersdFiles: {}
268
## @param existingUsersdConfigmap The name of an existing ConfigMap with extra users configuration files for ClickHouse
269
##
270
existingUsersdConfigmap: ""
271
## @param existingUsersdSecret The name of an existing Secret with extra users configuration files for ClickHouse
272
##
273
existingUsersdSecret: ""
274
## @param initdbScripts Dictionary of initdb scripts
275
## Specify dictionary of scripts to be run at first boot
276
## Example:
277
## initdbScripts:
278
## my_init_script.sh: |
279
## #!/bin/bash
280
## echo "Do something."
281
##
282
initdbScripts: {}
283
## @param initdbScriptsSecret ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`)
284
##
285
initdbScriptsSecret: ""
286
## @param startdbScripts Dictionary of startdb scripts
287
## Specify dictionary of scripts to be run on every start
288
## Example:
289
## startdbScripts:
290
## my_start_script.sh: |
291
## #!/bin/bash
292
## echo "Do something."
293
##
294
startdbScripts: {}
295
## @param startdbScriptsSecret ConfigMap with the startdb scripts (Note: Overrides `startdbScripts`)
296
##
297
startdbScriptsSecret: ""
298
## @param shards Number of ClickHouse shards to deploy
299
##
300
shards: 2
301
## @param replicaCount Number of ClickHouse replicas per shard to deploy
302
## if keeper enable, same as keeper count, keeper cluster by shards.
303
##
304
replicaCount: 3
305
## @param distributeReplicasByZone Schedules replicas of the same shard to different availability zones
306
##
307
distributeReplicasByZone: false
308
## @param exposeMysql Expose MySQL port container port
309
## @param exposePostgresql Expose PostgreSQL port container port
310
##
311
exposeMysql: true
312
exposePostgresql: true
313
## @param containerPorts.http ClickHouse HTTP container port
314
## @param containerPorts.https ClickHouse HTTPS container port
315
## @param containerPorts.tcp ClickHouse TCP container port
316
## @param containerPorts.tcpSecure ClickHouse TCP (secure) container port
317
## @param containerPorts.mysql ClickHouse MySQL container port
318
## @param containerPorts.postgresql ClickHouse PostgreSQL container port
319
## @param containerPorts.interserver ClickHouse Interserver container port
320
## @param containerPorts.metrics ClickHouse metrics container port
321
##
322
containerPorts:
323
http: 8123
324
https: 8443
325
tcp: 9000
326
tcpSecure: 9440
327
mysql: 9004
328
postgresql: 9005
329
interserver: 9009
330
metrics: 8001
331
## Configure extra options for ClickHouse containers' liveness and readiness probes
332
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
333
## @param livenessProbe.enabled Enable livenessProbe on ClickHouse containers
334
## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
335
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
336
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
337
## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
338
## @param livenessProbe.successThreshold Success threshold for livenessProbe
339
##
340
livenessProbe:
341
enabled: true
342
failureThreshold: 3
343
initialDelaySeconds: 10
344
periodSeconds: 10
345
successThreshold: 1
346
timeoutSeconds: 1
347
## @param readinessProbe.enabled Enable readinessProbe on ClickHouse containers
348
## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
349
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
350
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
351
## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
352
## @param readinessProbe.successThreshold Success threshold for readinessProbe
353
##
354
readinessProbe:
355
enabled: true
356
failureThreshold: 3
357
initialDelaySeconds: 10
358
periodSeconds: 10
359
successThreshold: 1
360
timeoutSeconds: 1
361
## @param startupProbe.enabled Enable startupProbe on ClickHouse containers
362
## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
363
## @param startupProbe.periodSeconds Period seconds for startupProbe
364
## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
365
## @param startupProbe.failureThreshold Failure threshold for startupProbe
366
## @param startupProbe.successThreshold Success threshold for startupProbe
367
##
368
startupProbe:
369
enabled: false
370
failureThreshold: 3
371
initialDelaySeconds: 10
372
periodSeconds: 10
373
successThreshold: 1
374
timeoutSeconds: 1
375
## @param customLivenessProbe Custom livenessProbe that overrides the default one
376
##
377
customLivenessProbe: {}
378
## @param customReadinessProbe Custom readinessProbe that overrides the default one
379
##
380
customReadinessProbe: {}
381
## @param customStartupProbe Custom startupProbe that overrides the default one
382
##
383
customStartupProbe: {}
384
## ClickHouse resource requests and limits
385
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
386
## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
387
## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15
388
##
389
resourcesPreset: "small"
390
## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
391
## Example:
392
## resources:
393
## requests:
394
## cpu: 2
395
## memory: 512Mi
396
## limits:
397
## cpu: 3
398
## memory: 1024Mi
399
##
400
resources: {}
401
## Configure Pods Security Context
402
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
403
## @param podSecurityContext.enabled Enabled ClickHouse pods' Security Context
404
## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
405
## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface
406
## @param podSecurityContext.supplementalGroups Set filesystem extra groups
407
## @param podSecurityContext.fsGroup Set ClickHouse pod's Security Context fsGroup
408
## If you are using Kubernetes 1.18, the following code needs to be commented out.
409
##
410
podSecurityContext:
411
enabled: true
412
fsGroupChangePolicy: Always
413
sysctls: []
414
supplementalGroups: []
415
fsGroup: 1001
416
## Configure Container Security Context
417
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
418
## @param containerSecurityContext.enabled Enable containers' Security Context
419
## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
420
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
421
## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
422
## @param containerSecurityContext.runAsNonRoot Set containers' Security Context runAsNonRoot
423
## @param containerSecurityContext.readOnlyRootFilesystem Set read only root file system pod's
424
## @param containerSecurityContext.privileged Set ClickHouse container's Security Context privileged
425
## @param containerSecurityContext.allowPrivilegeEscalation Set ClickHouse container's Security Context allowPrivilegeEscalation
426
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
427
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
428
##
429
containerSecurityContext:
430
enabled: true
431
seLinuxOptions: {}
432
runAsUser: 1001
433
runAsGroup: 1001
434
runAsNonRoot: true
435
privileged: false
436
allowPrivilegeEscalation: false
437
readOnlyRootFilesystem: true
438
capabilities:
439
drop: ["ALL"]
440
seccompProfile:
441
type: "RuntimeDefault"
442
## @param command Override default container command (useful when using custom images)
443
##
444
command: []
445
## @param args Override default container args (useful when using custom images)
446
##
447
args: []
448
## @param automountServiceAccountToken Mount Service Account token in pod
449
##
450
automountServiceAccountToken: false
451
## @param hostAliases ClickHouse pods host aliases
452
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
453
##
454
hostAliases: []
455
## @param podLabels Extra labels for ClickHouse pods
456
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
457
##
458
podLabels: {}
459
## @param podAnnotations Annotations for ClickHouse pods
460
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
461
##
462
podAnnotations: {}
463
## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
464
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
465
##
466
podAffinityPreset: ""
467
## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
468
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
469
##
470
podAntiAffinityPreset: soft
471
## Node affinity preset
472
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
473
##
474
nodeAffinityPreset:
475
## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
476
##
477
type: ""
478
## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set
479
##
480
key: ""
481
## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set
482
## E.g.
483
## values:
484
## - e2e-az1
485
## - e2e-az2
486
##
487
values: []
488
## @param affinity Affinity for ClickHouse pods assignment
489
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
490
## NOTE: `podAffinityPreset`, `podAntiAffinityPreset`, and `nodeAffinityPreset` will be ignored when it's set
491
##
492
affinity: {}
493
## @param nodeSelector Node labels for ClickHouse pods assignment
494
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
495
##
496
nodeSelector: {}
497
## @param tolerations Tolerations for ClickHouse pods assignment
498
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
499
##
500
tolerations: []
501
## @param updateStrategy.type ClickHouse StatefulSet strategy type
502
## @param updateStrategy.rollingUpdate ClickHouse StatefulSet rolling update configuration parameters
503
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
504
##
505
updateStrategy:
506
type: RollingUpdate
507
rollingUpdate: {}
508
## @param podManagementPolicy Statefulset Pod management policy, it needs to be Parallel to be able to complete the cluster join
509
## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
510
##
511
podManagementPolicy: Parallel
512
## @param priorityClassName ClickHouse pods' priorityClassName
513
##
514
priorityClassName: ""
515
## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
516
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
517
##
518
topologySpreadConstraints: []
519
## @param schedulerName Name of the k8s scheduler (other than default) for ClickHouse pods
520
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
521
##
522
schedulerName: ""
523
## @param terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully
524
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
525
##
526
terminationGracePeriodSeconds: ""
527
## @param lifecycleHooks for the ClickHouse container(s) to automate configuration before or after startup
528
##
529
lifecycleHooks: {}
530
## @param extraEnvVars Array with extra environment variables to add to ClickHouse nodes
531
## e.g:
532
## extraEnvVars:
533
## - name: FOO
534
## value: "bar"
535
##
536
extraEnvVars: []
537
## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars for ClickHouse nodes
538
##
539
extraEnvVarsCM: ""
540
## @param extraEnvVarsSecret Name of existing Secret containing extra env vars for ClickHouse nodes
541
##
542
extraEnvVarsSecret: ""
543
## @param extraVolumes Optionally specify extra list of additional volumes for the ClickHouse pod(s)
544
##
545
extraVolumes: []
546
## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the ClickHouse container(s)
547
##
548
extraVolumeMounts: []
549
## @param extraVolumeClaimTemplates Optionally specify extra list of additional volumeClaimTemplates for the ClickHouse container(s)
550
##
551
extraVolumeClaimTemplates: []
552
## @param sidecars Add additional sidecar containers to the ClickHouse pod(s)
553
## e.g:
554
## sidecars:
555
## - name: your-image-name
556
## image: your-image
557
## imagePullPolicy: Always
558
## ports:
559
## - name: portname
560
## containerPort: 1234
561
##
562
sidecars: []
563
## @param initContainers Add additional init containers to the ClickHouse pod(s)
564
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
565
## e.g:
566
## initContainers:
567
## - name: your-image-name
568
## image: your-image
569
## imagePullPolicy: Always
570
## command: ['sh', '-c', 'echo "hello world"']
571
##
572
initContainers: []
573
## Pod Disruption Budget configuration
574
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
575
## @param pdb.create Enable/disable a Pod Disruption Budget creation
576
## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled
577
## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty.
578
##
579
pdb:
580
create: true
581
minAvailable: ""
582
maxUnavailable: ""
583
## ClickHouse Autoscaling configuration
584
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
585
##
586
autoscaling:
587
vpa:
588
## @param autoscaling.vpa.enabled Enable VPA
589
##
590
enabled: false
591
## @param autoscaling.vpa.annotations Annotations for VPA resource
592
##
593
annotations: {}
594
## @param autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
595
##
596
controlledResources: []
597
## @param autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
598
## cpu: 200m
599
## memory: 100Mi
600
maxAllowed: {}
601
## @param autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
602
## cpu: 200m
603
## memory: 100Mi
604
minAllowed: {}
605
updatePolicy:
606
## @param autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
607
## Possible values are "Off", "Initial", "Recreate", and "Auto".
608
##
609
updateMode: Auto
610
## @section ClickHouse Traffic Exposure parameters
611
612
## ClickHouse service parameters
613
##
614
service:
615
## @param service.type ClickHouse service type
616
##
617
type: ClusterIP
618
## @param service.perReplicaAccess Enable per-replica service creation
619
## This is useful for exposing individual replicas externally via LoadBalancer or NodePort
620
##
621
perReplicaAccess: false
622
## @param service.ports.http ClickHouse service HTTP port
623
## @param service.ports.https ClickHouse service HTTPS port
624
## @param service.ports.tcp ClickHouse service TCP port
625
## @param service.ports.tcpSecure ClickHouse service TCP (secure) port
626
## @param service.ports.mysql ClickHouse service MySQL port
627
## @param service.ports.postgresql ClickHouse service PostgreSQL port
628
## @param service.ports.interserver ClickHouse service Interserver port
629
## @param service.ports.metrics ClickHouse service metrics port
630
##
631
ports:
632
http: 8123
633
https: 443
634
tcp: 9000
635
tcpSecure: 9440
636
mysql: 9004
637
postgresql: 9005
638
interserver: 9009
639
metrics: 8001
640
## Node ports to expose
641
## @param service.nodePorts.http Node port for HTTP
642
## @param service.nodePorts.https Node port for HTTPS
643
## @param service.nodePorts.tcp Node port for TCP
644
## @param service.nodePorts.tcpSecure Node port for TCP (with TLS)
645
## @param service.nodePorts.mysql Node port for MySQL
646
## @param service.nodePorts.postgresql Node port for PostgreSQL
647
## @param service.nodePorts.interserver Node port for Interserver
648
## @param service.nodePorts.metrics Node port for metrics
649
## NOTE: choose port between <30000-32767>
650
##
651
nodePorts:
652
http: ""
653
https: ""
654
tcp: ""
655
tcpSecure: ""
656
mysql: ""
657
postgresql: ""
658
interserver: ""
659
metrics: ""
660
## @param service.clusterIP ClickHouse service Cluster IP
661
## e.g.:
662
## clusterIP: None
663
##
664
clusterIP: ""
665
## @param service.loadBalancerIP ClickHouse service Load Balancer IP (only if per-replica access is disabled)
666
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
667
##
668
loadBalancerIP: ""
669
## @param service.loadBalancerIPs Array of ClickHouse service Load Balancer IPs (only if per-replica access is enabled). Length must be the same as shards multiplied by replicaCount
670
## e.g:
671
## loadBalancerIPs:
672
## - X.X.X.X
673
## - Y.Y.Y.Y
674
##
675
loadBalancerIPs: []
676
## @param service.loadBalancerAnnotations Array of ClickHouse service Load Balancer annotations (only if per-replica access is enabled). Length must be the same as shards multiplied by replicaCount
677
## e.g:
678
## loadBalancerAnnotations:
679
## - external-dns.alpha.kubernetes.io/hostname: 1.external.example.com.
680
## - external-dns.alpha.kubernetes.io/hostname: 2.external.example.com.
681
##
682
loadBalancerAnnotations: []
683
## @param service.loadBalancerSourceRanges ClickHouse service Load Balancer sources
684
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
685
## e.g:
686
## loadBalancerSourceRanges:
687
## - 10.10.10.0/24
688
##
689
loadBalancerSourceRanges: []
690
## @param service.externalTrafficPolicy ClickHouse service external traffic policy
691
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
692
##
693
externalTrafficPolicy: Cluster
694
## @param service.annotations Additional custom annotations for ClickHouse service
695
##
696
annotations: {}
697
## @param service.extraPorts Extra ports to expose in ClickHouse service (normally used with the `sidecars` value)
698
##
699
extraPorts: []
700
## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin
701
## Values: ClientIP or None
702
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
703
##
704
sessionAffinity: None
705
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
706
## sessionAffinityConfig:
707
## clientIP:
708
## timeoutSeconds: 300
709
##
710
sessionAffinityConfig: {}
711
## Headless service properties
712
##
713
headless:
714
## @param service.headless.annotations Annotations for the headless service.
715
##
716
annotations: {}
717
## @param service.headless.extraPorts Optionally specify extra ports to expose for the headless service.
718
##
719
extraPorts: []
720
## ClickHouse Ingress parameters
721
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
722
##
723
ingress:
724
## @param ingress.enabled Enable ingress record generation for ClickHouse
725
##
726
enabled: false
727
## @param ingress.pathType Ingress path type
728
##
729
pathType: ImplementationSpecific
730
## @param ingress.apiVersion Force Ingress API version (automatically detected if not set)
731
##
732
apiVersion: ""
733
## @param ingress.hostname Default host for the ingress record
734
##
735
hostname: clickhouse.local
736
## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
737
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
738
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
739
##
740
ingressClassName: ""
741
## @param ingress.path Default path for the ingress record
742
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
743
##
744
path: /
745
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
746
## Use this parameter to set the required annotations for cert-manager, see
747
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
748
## e.g:
749
## annotations:
750
## kubernetes.io/ingress.class: nginx
751
## cert-manager.io/cluster-issuer: cluster-issuer-name
752
##
753
annotations: {}
754
## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
755
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
756
## You can:
757
## - Use the `ingress.secrets` parameter to create this TLS secret
758
## - Rely on cert-manager to create it by setting the corresponding annotations
759
## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true`
760
##
761
tls: false
762
## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
763
##
764
selfSigned: false
765
## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record
766
## e.g:
767
## extraHosts:
768
## - name: clickhouse.local
769
## path: /
770
##
771
extraHosts: []
772
## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host
773
## e.g:
774
## extraPaths:
775
## - path: /*
776
## backend:
777
## serviceName: ssl-redirect
778
## servicePort: use-annotation
779
##
780
extraPaths: []
781
## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record
782
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
783
## e.g:
784
## extraTls:
785
## - hosts:
786
## - clickhouse.local
787
## secretName: clickhouse.local-tls
788
##
789
extraTls: []
790
## @param ingress.secrets Custom TLS certificates as secrets
791
## NOTE: 'key' and 'certificate' are expected in PEM format
792
## NOTE: 'name' should line up with a 'secretName' set further up
793
## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates
794
## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days
795
## It is also possible to create and manage the certificates outside of this helm chart
796
## Please see README.md for more information
797
## e.g:
798
## secrets:
799
## - name: clickhouse.local-tls
800
## key: |-
801
## -----BEGIN RSA PRIVATE KEY-----
802
## ...
803
## -----END RSA PRIVATE KEY-----
804
## certificate: |-
805
## -----BEGIN CERTIFICATE-----
806
## ...
807
## -----END CERTIFICATE-----
808
##
809
secrets: []
810
## @param ingress.extraRules Additional rules to be covered with this ingress record
811
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
812
## e.g:
813
## extraRules:
814
## - host: example.local
815
## http:
816
## path: /
817
## backend:
818
## service:
819
## name: example-svc
820
## port:
821
## name: http
822
##
823
extraRules: []
824
## ClickHouse Network Policies
825
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
826
##
827
networkPolicy:
828
## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
829
##
830
enabled: true
831
## @param networkPolicy.allowExternal Don't require client label for connections
832
## The Policy model to apply. When set to false, only pods with the correct
833
## client label will have network access to the ports ClickHouse is listening
834
## on. When true, ClickHouse will accept connections from any source
835
## (with the correct destination port).
836
##
837
allowExternal: true
838
## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
839
##
840
allowExternalEgress: true
841
## @param networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `networkPolicy.allowExternal` is true.
842
##
843
addExternalClientAccess: true
844
## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
845
## e.g:
846
## extraIngress:
847
## - ports:
848
## - port: 1234
849
## from:
850
## - podSelector:
851
## - matchLabels:
852
## - role: frontend
853
## - podSelector:
854
## - matchExpressions:
855
## - key: role
856
## operator: In
857
## values:
858
## - frontend
859
extraIngress: []
860
## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
861
## e.g:
862
## extraEgress:
863
## - ports:
864
## - port: 1234
865
## to:
866
## - podSelector:
867
## - matchLabels:
868
## - role: frontend
869
## - podSelector:
870
## - matchExpressions:
871
## - key: role
872
## operator: In
873
## values:
874
## - frontend
875
##
876
extraEgress: []
877
## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
878
## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
879
##
880
ingressNSMatchLabels: {}
881
ingressNSPodMatchLabels: {}
882
## @section ClickHouse Persistence parameters
883
884
## persistentVolumeClaimRetentionPolicy
885
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
886
## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet
887
## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced
888
## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted
889
##
890
persistentVolumeClaimRetentionPolicy:
891
enabled: false
892
whenScaled: Retain
893
whenDeleted: Retain
894
## Enable persistence using Persistent Volume Claims
895
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
896
##
897
persistence:
898
## @param persistence.enabled Enable persistence using Persistent Volume Claims
899
##
900
enabled: true
901
## @param persistence.volumeName Name to assign the volume
902
##
903
volumeName: data
904
## @param persistence.existingClaim Name of an existing PVC to use
905
##
906
existingClaim: ""
907
## @param persistence.storageClass Storage class of backing PVC
908
## If defined, storageClassName: <storageClass>
909
## If set to "-", storageClassName: "", which disables dynamic provisioning
910
## If undefined (the default) or set to null, no storageClassName spec is
911
## set, choosing the default provisioner. (gp2 on AWS, standard on
912
## GKE, AWS & OpenStack)
913
##
914
storageClass: ""
915
## @param persistence.labels Persistent Volume Claim labels
916
##
917
labels: {}
918
## @param persistence.annotations Persistent Volume Claim annotations
919
##
920
annotations: {}
921
## @param persistence.accessModes Persistent Volume Access Modes
922
##
923
accessModes:
924
- ReadWriteOnce
925
## @param persistence.size Size of data volume
926
##
927
size: 8Gi
928
## @param persistence.selector Selector to match an existing Persistent Volume for ClickHouse data PVC
929
## If set, the PVC can't have a PV dynamically provisioned for it
930
## E.g.
931
## selector:
932
## matchLabels:
933
## app: my-app
934
##
935
selector: {}
936
## @param persistence.dataSource Custom PVC data source
937
##
938
dataSource: {}
939
## @param persistence.mountPath Mount path of the ClickHouse data volume
940
##
941
mountPath: /iamguarded/clickhouse
942
## @section ClickHouse Keeper parameters
943
keeper:
944
## @param keeper.enabled Deploy ClickHouse Keeper to provide coordination capabilities
945
##
946
enabled: true
947
## Iamguarded ClickHouse Keeper image
948
## ref: https://hub.docker.com/r/iamguarded/clickhouse-keeper/tags/
949
## @param keeper.image.registry [default: REGISTRY_NAME] ClickHouse Keeper image registry
950
## @param keeper.image.repository [default: REPOSITORY_NAME/clickhouse-keeper] ClickHouse Keeper image repository
951
## @skip keeper.image.tag ClickHouse Keeper image tag (immutable tags are recommended)
952
## @param keeper.image.digest ClickHouse Keeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)
953
## @param keeper.image.pullPolicy ClickHouse Keeper image pull policy
954
## @param keeper.image.pullSecrets ClickHouse Keeper image pull secrets
955
## @param keeper.image.debug Enable ClickHouse image debug mode
956
##
957
image:
958
registry: cgr.dev
959
repository: chainguard-private/clickhouse-keeper-iamguarded
960
tag: 26.1.4
961
digest: ""
962
## Specify a imagePullPolicy
963
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
964
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
965
##
966
pullPolicy: IfNotPresent
967
## Optionally specify an array of imagePullSecrets.
968
## Secrets must be manually created in the namespace.
969
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
970
## e.g:
971
## pullSecrets:
972
## - myRegistryKeySecretName
973
##
974
pullSecrets: []
975
## Set to true if you would like to see extra information on logs
976
##
977
debug: false
978
## @param keeper.replicaCount Number of ClickHouse Keeper replicas to deploy
979
##
980
replicaCount: 3
981
## @param keeper.configuration Specify content for ClickHouse Keeper configuration (basic one auto-generated based on other values otherwise)
982
##
983
configuration: {}
984
## @param keeper.existingConfigmap The name of an existing ConfigMap with your custom configuration for ClickHouse Keeper
985
##
986
existingConfigmap: ""
987
## @param keeper.configdFiles Extra configuration files to be mounted at keeper_config.d
988
## ref: https://clickhouse.com/docs/operations/configuration-files
989
##
990
configdFiles: {}
991
## @param keeper.existingConfigdConfigmap The name of an existing ConfigMap with extra configuration files for ClickHouse Keeper
992
##
993
existingConfigdConfigmap: ""
994
## @param keeper.usersdFiles Extra users configuration files to be mounted at users.d
995
## ref: https://clickhouse.com/docs/operations/configuration-files#user-settings
996
##
997
usersdFiles: {}
998
## @param keeper.existingUsersdConfigmap The name of an existing ConfigMap with extra users configuration files for ClickHouse Keeper
999
##
1000
existingUsersdConfigmap: ""
1001
## @param keeper.existingUsersdSecret The name of an existing Secret with extra users configuration files for ClickHouse Keeper
1002
##
1003
existingUsersdSecret: ""
1004
## @param keeper.containerPorts.tcp ClickHouse Keeper TCP container port
1005
## @param keeper.containerPorts.tcpSecure ClickHouse TCP (secure) container port
1006
## @param keeper.containerPorts.raft ClickHouse Keeper Raft container port
1007
##
1008
containerPorts:
1009
tcp: 9181
1010
tcpSecure: 9281
1011
raft: 9234
1012
## @param keeper.extraContainerPorts ClickHouse Keeper extra containerPorts
1013
##
1014
extraContainerPorts: []
1015
## Configure extra options for ClickHouse Keeper containers' liveness and readiness probes
1016
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
1017
## @param keeper.livenessProbe.enabled Enable livenessProbe on ClickHouse Keeper containers
1018
## @param keeper.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
1019
## @param keeper.livenessProbe.periodSeconds Period seconds for livenessProbe
1020
## @param keeper.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
1021
## @param keeper.livenessProbe.failureThreshold Failure threshold for livenessProbe
1022
## @param keeper.livenessProbe.successThreshold Success threshold for livenessProbe
1023
##
1024
livenessProbe:
1025
enabled: true
1026
failureThreshold: 3
1027
initialDelaySeconds: 10
1028
periodSeconds: 10
1029
successThreshold: 1
1030
timeoutSeconds: 1
1031
## @param keeper.readinessProbe.enabled Enable readinessProbe on ClickHouse Keeper containers
1032
## @param keeper.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
1033
## @param keeper.readinessProbe.periodSeconds Period seconds for readinessProbe
1034
## @param keeper.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
1035
## @param keeper.readinessProbe.failureThreshold Failure threshold for readinessProbe
1036
## @param keeper.readinessProbe.successThreshold Success threshold for readinessProbe
1037
##
1038
readinessProbe:
1039
enabled: true
1040
failureThreshold: 3
1041
initialDelaySeconds: 10
1042
periodSeconds: 10
1043
successThreshold: 1
1044
timeoutSeconds: 1
1045
## @param keeper.startupProbe.enabled Enable startupProbe on ClickHouse Keeper containers
1046
## @param keeper.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
1047
## @param keeper.startupProbe.periodSeconds Period seconds for startupProbe
1048
## @param keeper.startupProbe.timeoutSeconds Timeout seconds for startupProbe
1049
## @param keeper.startupProbe.failureThreshold Failure threshold for startupProbe
1050
## @param keeper.startupProbe.successThreshold Success threshold for startupProbe
1051
##
1052
startupProbe:
1053
enabled: false
1054
failureThreshold: 3
1055
initialDelaySeconds: 10
1056
periodSeconds: 10
1057
successThreshold: 1
1058
timeoutSeconds: 1
1059
## @param keeper.customLivenessProbe Custom livenessProbe that overrides the default one
1060
##
1061
customLivenessProbe: {}
1062
## @param keeper.customReadinessProbe Custom readinessProbe that overrides the default one
1063
##
1064
customReadinessProbe: {}
1065
## @param keeper.customStartupProbe Custom startupProbe that overrides the default one
1066
##
1067
customStartupProbe: {}
1068
## ClickHouse Keeper resource requests and limits
1069
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
1070
## @param keeper.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if keeper.resources is set (keeper.resources is recommended for production).
1071
## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15
1072
##
1073
resourcesPreset: "small"
1074
## @param keeper.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
1075
## Example:
1076
## resources:
1077
## requests:
1078
## cpu: 2
1079
## memory: 512Mi
1080
## limits:
1081
## cpu: 3
1082
## memory: 1024Mi
1083
##
1084
resources: {}
1085
## Configure ClickHouse Keeper pods Security Context
1086
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
1087
## @param keeper.podSecurityContext.enabled Enabled ClickHouse Keeper pods' Security Context
1088
## @param keeper.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
1089
## @param keeper.podSecurityContext.sysctls Set kernel settings using the sysctl interface
1090
## @param keeper.podSecurityContext.supplementalGroups Set filesystem extra groups
1091
## @param keeper.podSecurityContext.fsGroup Set ClickHouse Keeper pod's Security Context fsGroup
1092
##
1093
podSecurityContext:
1094
enabled: true
1095
fsGroupChangePolicy: Always
1096
sysctls: []
1097
supplementalGroups: []
1098
fsGroup: 1001
1099
## Configure ClickHouse Keeper containers (only main one) Security Context
1100
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
1101
## @param keeper.containerSecurityContext.enabled Enabled ClickHouse Keeper containers' Security Context
1102
## @param keeper.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
1103
## @param keeper.containerSecurityContext.runAsUser Set ClickHouse Keeper containers' Security Context runAsUser
1104
## @param keeper.containerSecurityContext.runAsGroup Set ClickHouse Keeper containers' Security Context runAsGroup
1105
## @param keeper.containerSecurityContext.runAsNonRoot Set ClickHouse Keeper containers' Security Context runAsNonRoot
1106
## @param keeper.containerSecurityContext.privileged Set web container's Security Context privileged
1107
## @param keeper.containerSecurityContext.allowPrivilegeEscalation Set web container's Security Context allowPrivilegeEscalation
1108
## @param keeper.containerSecurityContext.readOnlyRootFilesystem Set web container's Security Context readOnlyRootFilesystem
1109
## @param keeper.containerSecurityContext.capabilities.drop List of capabilities to be dropped
1110
## @param keeper.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
1111
##
1112
containerSecurityContext:
1113
enabled: true
1114
seLinuxOptions: {}
1115
runAsUser: 1001
1116
runAsGroup: 1001
1117
runAsNonRoot: true
1118
privileged: false
1119
allowPrivilegeEscalation: false
1120
readOnlyRootFilesystem: true
1121
capabilities:
1122
drop: ["ALL"]
1123
seccompProfile:
1124
type: "RuntimeDefault"
1125
## @param keeper.command Override default container command (useful when using custom images)
1126
##
1127
command: []
1128
## @param keeper.args Override default container args (useful when using custom images)
1129
##
1130
args: []
1131
## @param keeper.extraEnvVars Array with extra environment variables to add to ClickHouse Keeper container(s)
1132
## e.g:
1133
## extraEnvVars:
1134
## - name: FOO
1135
## value: "bar"
1136
##
1137
extraEnvVars: []
1138
## @param keeper.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for ClickHouse Keeper container(s)
1139
##
1140
extraEnvVarsCM: ""
1141
## @param keeper.extraEnvVarsSecret Name of existing Secret containing extra env vars for ClickHouse Keeper container(s)
1142
##
1143
extraEnvVarsSecret: ""
1144
## @param keeper.automountServiceAccountToken Mount Service Account token in pod
1145
##
1146
automountServiceAccountToken: false
1147
## @param keeper.hostAliases ClickHouse Keeper pods host aliases
1148
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
1149
##
1150
hostAliases: []
1151
## @param keeper.podLabels Extra labels for ClickHouse Keeper pods
1152
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
1153
##
1154
podLabels: {}
1155
## @param keeper.podAnnotations Annotations for ClickHouse Keeper pods
1156
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
1157
##
1158
podAnnotations: {}
1159
## @param keeper.podAffinityPreset Pod affinity preset. Ignored if `keeper.affinity` is set. Allowed values: `soft` or `hard`
1160
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
1161
##
1162
podAffinityPreset: ""
1163
## @param keeper.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `keeper.affinity` is set. Allowed values: `soft` or `hard`
1164
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
1165
##
1166
podAntiAffinityPreset: soft
1167
## Node affinity preset
1168
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
1169
## @param keeper.nodeAffinityPreset.key Node label key to match. Ignored if `keeper.affinity` is set.
1170
## @param keeper.nodeAffinityPreset.type Node affinity preset type. Ignored if `keeper.affinity` is set. Allowed values: `soft` or `hard`
1171
## @param keeper.nodeAffinityPreset.values Node label values to match. Ignored if `keeper.affinity` is set.
1172
##
1173
nodeAffinityPreset:
1174
## e.g:
1175
## key: "kubernetes.io/e2e-az-name"
1176
##
1177
key: ""
1178
type: ""
1179
## e.g:
1180
## values:
1181
## - e2e-az1
1182
## - e2e-az2
1183
##
1184
values: []
1185
## @param keeper.affinity Affinity for ClickHouse Keeper pods assignment
1186
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
1187
## NOTE: `keeper.podAffinityPreset`, `keeper.podAntiAffinityPreset`, and `keeper.nodeAffinityPreset` will be ignored when it's set
1188
##
1189
affinity: {}
1190
## @param keeper.nodeSelector Node labels for ClickHouse Keeper pods assignment
1191
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
1192
##
1193
nodeSelector: {}
1194
## @param keeper.tolerations Tolerations for ClickHouse Keeper pods assignment
1195
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
1196
##
1197
tolerations: []
1198
## @param keeper.updateStrategy.type ClickHouse Keeper StatefulSet strategy type
1199
## @param keeper.updateStrategy.rollingUpdate ClickHouse Keeper StatefulSet rolling update configuration parameters
1200
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
1201
##
1202
updateStrategy:
1203
type: RollingUpdate
1204
rollingUpdate: {}
1205
## @param keeper.podManagementPolicy StatefulSet Pod management policy, it needs to be Parallel to be able to complete the cluster join
1206
## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
1207
##
1208
podManagementPolicy: Parallel
1209
## @param keeper.priorityClassName ClickHouse Keeper pods' priorityClassName
1210
##
1211
priorityClassName: ""
1212
## @param keeper.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
1213
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
1214
##
1215
topologySpreadConstraints: []
1216
## @param keeper.schedulerName Name of the k8s scheduler (other than default) for ClickHouse pods
1217
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
1218
##
1219
schedulerName: ""
1220
## @param keeper.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully
1221
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
1222
##
1223
terminationGracePeriodSeconds: ""
1224
## @param keeper.lifecycleHooks for the ClickHouse Keeper container(s) to automate configuration before or after startup
1225
##
1226
lifecycleHooks: {}
1227
## @param keeper.extraVolumes Optionally specify extra list of additional volumes for the ClickHouse Keeper pod(s)
1228
##
1229
extraVolumes: []
1230
## @param keeper.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the ClickHouse Keeper container(s)
1231
##
1232
extraVolumeMounts: []
1233
## @param keeper.sidecars Add additional sidecar containers to the ClickHouse Keeper pod(s)
1234
## e.g:
1235
## sidecars:
1236
## - name: your-image-name
1237
## image: your-image
1238
## imagePullPolicy: Always
1239
## ports:
1240
## - name: portname
1241
## containerPort: 1234
1242
##
1243
sidecars: []
1244
## @param keeper.initContainers Add additional init containers to the ClickHouse Keeper pod(s)
1245
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
1246
## e.g:
1247
## initContainers:
1248
## - name: your-image-name
1249
## image: your-image
1250
## imagePullPolicy: Always
1251
## command: ['sh', '-c', 'echo "hello world"']
1252
##
1253
initContainers: []
1254
## ClickHouse Keeper Pod Disruption Budget
1255
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
1256
## @param keeper.pdb.create Deploy a pdb object for the ClickHouse Keeper pods
1257
## @param keeper.pdb.minAvailable Maximum number/percentage of unavailable ClickHouse Keeper replicas
1258
## @param keeper.pdb.maxUnavailable Maximum number/percentage of unavailable ClickHouse Keeper replicas
1259
##
1260
pdb:
1261
create: true
1262
minAvailable: ""
1263
maxUnavailable: ""
1264
## ClickHouse Keeper Autoscaling configuration
1265
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
1266
##
1267
autoscaling:
1268
vpa:
1269
## @param keeper.autoscaling.vpa.enabled Enable VPA
1270
##
1271
enabled: false
1272
## @param keeper.autoscaling.vpa.annotations Annotations for VPA resource
1273
##
1274
annotations: {}
1275
## @param keeper.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
1276
##
1277
controlledResources: []
1278
## @param keeper.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
1279
## cpu: 200m
1280
## memory: 100Mi
1281
maxAllowed: {}
1282
## @param keeper.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
1283
## cpu: 200m
1284
## memory: 100Mi
1285
minAllowed: {}
1286
updatePolicy:
1287
## @param keeper.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
1288
## Possible values are "Off", "Initial", "Recreate", and "Auto".
1289
##
1290
updateMode: Auto
1291
## @section ClickHouse Keeper Traffic Exposure parameters
1292
1293
## ClickHouse Keeper service parameters
1294
##
1295
service:
1296
## @param keeper.service.type ClickHouse Keeper service type
1297
##
1298
type: ClusterIP
1299
## @param keeper.service.ports.tcp ClickHouse Keeper service TCP port
1300
## @param keeper.service.ports.tcpSecure ClickHouse Keeper service TCP (secure) port
1301
## @param keeper.service.ports.raft ClickHouse Keeper service Raft port
1302
##
1303
ports:
1304
tcp: 9181
1305
tcpSecure: 9281
1306
raft: 9234
1307
## Node ports to expose
1308
## @param keeper.service.nodePorts.tcp Node port for ClickHouse Keeper service TCP port
1309
## @param keeper.service.nodePorts.tcpSecure Node port for ClickHouse Keeper service TCP (secure) port
1310
## @param keeper.service.nodePorts.raft Node port for ClickHouse Keeper service Raft port
1311
## NOTE: choose port between <30000-32767>
1312
##
1313
nodePorts:
1314
tcp: ""
1315
tcpSecure: ""
1316
raft: ""
1317
## @param keeper.service.clusterIP ClickHouse Keeper service Cluster IP
1318
## e.g.:
1319
## clusterIP: None
1320
##
1321
clusterIP: ""
1322
## @param keeper.service.loadBalancerIP ClickHouse Keeper service Load Balancer IP
1323
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
1324
##
1325
loadBalancerIP: ""
1326
## @param keeper.service.loadBalancerSourceRanges ClickHouse Keeper service Load Balancer sources
1327
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
1328
## e.g:
1329
## loadBalancerSourceRanges:
1330
## - 10.10.10.0/24
1331
##
1332
loadBalancerSourceRanges: []
1333
## @param keeper.service.externalTrafficPolicy ClickHouse Keeper service external traffic policy
1334
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
1335
##
1336
externalTrafficPolicy: Cluster
1337
## @param keeper.service.annotations Additional custom annotations for ClickHouse Keeper service
1338
##
1339
annotations: {}
1340
## @param keeper.service.extraPorts Extra ports to expose in ClickHouse Keeper service (normally used with the `sidecars` value)
1341
##
1342
extraPorts: []
1343
## @param keeper.service.sessionAffinity Control where client requests go, to the same pod or round-robin
1344
## Values: ClientIP or None
1345
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
1346
##
1347
sessionAffinity: None
1348
## @param keeper.service.sessionAffinityConfig Additional settings for the sessionAffinity
1349
## sessionAffinityConfig:
1350
## clientIP:
1351
## timeoutSeconds: 300
1352
##
1353
sessionAffinityConfig: {}
1354
## Headless service properties
1355
##
1356
headless:
1357
## @param keeper.service.headless.annotations Annotations for the headless service.
1358
##
1359
annotations: {}
1360
## @param keeper.service.headless.extraPorts Optionally specify extra ports to expose for the headless service.
1361
##
1362
extraPorts: []
1363
## ClickHouse Keeper Network Policies
1364
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
1365
##
1366
networkPolicy:
1367
## @param keeper.networkPolicy.enabled Specifies whether a NetworkPolicy should be created
1368
##
1369
enabled: true
1370
## @param keeper.networkPolicy.allowExternal Don't require client label for connections
1371
## The Policy model to apply. When set to false, only pods with the correct
1372
## client label will have network access to the ports ClickHouse Keeper is listening
1373
## on. When true, ClickHouse Keeper will accept connections from any source
1374
## (with the correct destination port).
1375
##
1376
allowExternal: true
1377
## @param keeper.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
1378
##
1379
allowExternalEgress: true
1380
## @param keeper.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `keeper.networkPolicy.allowExternal` is true.
1381
##
1382
addExternalClientAccess: true
1383
## @param keeper.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
1384
## e.g:
1385
## extraIngress:
1386
## - ports:
1387
## - port: 1234
1388
## from:
1389
## - podSelector:
1390
## - matchLabels:
1391
## - role: frontend
1392
## - podSelector:
1393
## - matchExpressions:
1394
## - key: role
1395
## operator: In
1396
## values:
1397
## - frontend
1398
extraIngress: []
1399
## @param keeper.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
1400
## e.g:
1401
## extraEgress:
1402
## - ports:
1403
## - port: 1234
1404
## to:
1405
## - podSelector:
1406
## - matchLabels:
1407
## - role: frontend
1408
## - podSelector:
1409
## - matchExpressions:
1410
## - key: role
1411
## operator: In
1412
## values:
1413
## - frontend
1414
##
1415
extraEgress: []
1416
## @param keeper.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
1417
## @param keeper.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
1418
##
1419
ingressNSMatchLabels: {}
1420
ingressNSPodMatchLabels: {}
1421
## @section ClickHouse Keeper Persistence parameters
1422
1423
## persistentVolumeClaimRetentionPolicy
1424
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
1425
## @param keeper.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet
1426
## @param keeper.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced
1427
## @param keeper.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted
1428
##
1429
persistentVolumeClaimRetentionPolicy:
1430
enabled: false
1431
whenScaled: Retain
1432
whenDeleted: Retain
1433
## Enable persistence using Persistent Volume Claims
1434
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
1435
##
1436
persistence:
1437
## @param keeper.persistence.enabled Enable ClickHouse Keeper data persistence using PVC
1438
##
1439
enabled: true
1440
## @param keeper.persistence.existingClaim A manually managed Persistent Volume and Claim
1441
## If defined, PVC must be created manually before volume will be bound
1442
## The value is evaluated as a template
1443
##
1444
existingClaim: ""
1445
## @param keeper.persistence.storageClass PVC Storage Class for ClickHouse Keeper data volume
1446
## If defined, storageClassName: <storageClass>
1447
## If set to "-", storageClassName: "", which disables dynamic provisioning
1448
## If undefined (the default) or set to null, no storageClassName spec is
1449
## set, choosing the default provisioner.
1450
##
1451
storageClass: ""
1452
## @param keeper.persistence.accessModes Persistent Volume Access Modes
1453
##
1454
accessModes:
1455
- ReadWriteOnce
1456
## @param keeper.persistence.size PVC Storage Request for ClickHouse Keeper data volume
1457
##
1458
size: 8Gi
1459
## @param keeper.persistence.annotations Annotations for the PVC
1460
##
1461
annotations: {}
1462
## @param keeper.persistence.labels Labels for the PVC
1463
##
1464
labels: {}
1465
## @param keeper.persistence.selector Selector to match an existing Persistent Volume for ClickHouse Keeper data PVC. If set, the PVC can't have a PV dynamically provisioned for it
1466
## selector:
1467
## matchLabels:
1468
## app: my-app
1469
##
1470
selector: {}
1471
## @param keeper.persistence.dataSource Custom PVC data source
1472
##
1473
dataSource: {}
1474
## @param keeper.persistence.mountPath Mount path of the ClickHouse Keeper data volume
1475
##
1476
mountPath: /iamguarded/clickhouse-keeper
1477
## @section Other Parameters
1478
1479
## ServiceAccount configuration
1480
##
1481
serviceAccount:
1482
## @param serviceAccount.create Specifies whether a ServiceAccount should be created
1483
##
1484
create: true
1485
## @param serviceAccount.name The name of the ServiceAccount to use.
1486
## If not set and create is true, a name is generated using the common.names.fullname template
1487
##
1488
name: ""
1489
## @param serviceAccount.annotations Additional Service Account annotations (evaluated as a template)
1490
##
1491
annotations: {}
1492
## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account
1493
##
1494
automountServiceAccountToken: false
1495
## @section Prometheus metrics parameters
1496
metrics:
1497
## @param metrics.enabled Enable the export of Prometheus metrics
1498
##
1499
enabled: false
1500
## @param metrics.podAnnotations Pod annotations for enabling Prometheus to access the metrics endpoint
1501
##
1502
podAnnotations: {}
1503
## Prometheus Operator ServiceMonitor configuration
1504
##
1505
serviceMonitor:
1506
## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)
1507
##
1508
enabled: false
1509
## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
1510
##
1511
namespace: ""
1512
## @param metrics.serviceMonitor.annotations Additional custom annotations for the ServiceMonitor
1513
##
1514
annotations: {}
1515
## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
1516
##
1517
labels: {}
1518
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus
1519
##
1520
jobLabel: ""
1521
## @param metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels
1522
##
1523
honorLabels: false
1524
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped.
1525
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
1526
## e.g:
1527
## interval: 10s
1528
##
1529
interval: ""
1530
## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
1531
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
1532
## e.g:
1533
## scrapeTimeout: 10s
1534
##
1535
scrapeTimeout: ""
1536
## @param metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics
1537
##
1538
metricRelabelings: []
1539
## @param metrics.serviceMonitor.relabelings Specify general relabeling
1540
##
1541
relabelings: []
1542
## @param metrics.serviceMonitor.selector Prometheus instance selector labels
1543
## ref: https://github.com/iamguarded/charts/tree/main/iamguarded/prometheus-operator#prometheus-configuration
1544
## selector:
1545
## prometheus: my-prometheus
1546
##
1547
selector: {}
1548
## Prometheus Operator PrometheusRule configuration
1549
##
1550
prometheusRule:
1551
## @param metrics.prometheusRule.enabled Create a PrometheusRule for Prometheus Operator
1552
##
1553
enabled: false
1554
## @param metrics.prometheusRule.namespace Namespace for the PrometheusRule Resource (defaults to the Release Namespace)
1555
##
1556
namespace: ""
1557
## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so PrometheusRule will be discovered by Prometheus
1558
##
1559
additionalLabels: {}
1560
## @param metrics.prometheusRule.rules PrometheusRule definitions
1561
## - alert: ClickHouseServerRestart
1562
## annotations:
1563
## message: ClickHouse server started recently
1564
## expr: ClickHouseAsyncMetrics_Uptime > 1 < 180
1565
## for: 5m
1566
## labels:
1567
## severity: warning
1568
rules: []
1569
## @section External ClickHouse Keeper / Zookeeper parameters
1570
##
1571
externalZookeeper:
1572
## @param externalZookeeper.servers List of external ClickHouse Keeper / Zookeeper servers to use
1573
## @param externalZookeeper.port Port of the ClickHouse Keeper / Zookeeper servers
1574
##
1575
servers: []
1576
port: 2888
1577