haproxy
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# This file has been modified by Chainguard, Inc.
2
#
3
# Copyright Chainguard, Inc. All Rights Reserved.
4
# Chainguard, Inc. modifications are subject to the license
5
# available at: https://www.chainguard.dev/legal/software-license-agreement
6
#
7
# Copyright Broadcom, Inc. All Rights Reserved.
8
# SPDX-License-Identifier: APACHE-2.0
9
10
## @section Global parameters
11
## Global Docker image parameters
12
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
13
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
14
##
15
16
## @param global.imageRegistry Global Docker image registry
17
## @param global.imagePullSecrets Global Docker registry secret names as an array
18
## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
19
## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead
20
##
21
global:
22
imageRegistry: ""
23
## E.g.
24
## imagePullSecrets:
25
## - myRegistryKeySecretName
26
##
27
imagePullSecrets: []
28
defaultStorageClass: ""
29
storageClass: ""
30
## Security parameters
31
##
32
security:
33
## @param global.security.allowInsecureImages Allows skipping image verification
34
allowInsecureImages: false
35
## Compatibility adaptations for Kubernetes platforms
36
##
37
compatibility:
38
## Compatibility adaptations for Openshift
39
##
40
openshift:
41
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
42
##
43
adaptSecurityContext: auto
44
org: ""
45
## @section Common parameters
46
##
47
48
## @param kubeVersion Override Kubernetes version
49
##
50
kubeVersion: ""
51
## @param nameOverride String to partially override common.names.fullname
52
##
53
nameOverride: ""
54
## @param fullnameOverride String to fully override common.names.fullname
55
##
56
fullnameOverride: ""
57
## @param commonLabels Labels to add to all deployed objects
58
##
59
commonLabels: {}
60
## @param commonAnnotations Annotations to add to all deployed objects
61
##
62
commonAnnotations: {}
63
## @param clusterDomain Kubernetes cluster domain name
64
##
65
clusterDomain: cluster.local
66
## @param extraDeploy Array of extra objects to deploy with the release
67
##
68
extraDeploy: []
69
## @param deploymentAnnotations Annotations to add to the deployment
70
##
71
deploymentAnnotations: {}
72
## Enable diagnostic mode in the deployment
73
##
74
diagnosticMode:
75
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
76
##
77
enabled: false
78
## @param diagnosticMode.command Command to override all containers in the deployment
79
##
80
command:
81
- sleep
82
## @param diagnosticMode.args Args to override all containers in the deployment
83
##
84
args:
85
- infinity
86
## @section Traffic Exposure Parameters
87
##
88
89
## haproxy service parameters
90
##
91
service:
92
## @param service.type haproxy service type
93
##
94
type: LoadBalancer
95
## @param service.ports [array] List of haproxy service ports
96
##
97
ports:
98
- name: http
99
protocol: TCP
100
port: 80
101
targetPort: http
102
## @param service.clusterIP haproxy service Cluster IP
103
## e.g.:
104
## clusterIP: None
105
##
106
clusterIP: ""
107
## @param service.loadBalancerIP haproxy service Load Balancer IP
108
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
109
##
110
loadBalancerIP: ""
111
## @param service.loadBalancerSourceRanges haproxy service Load Balancer sources
112
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
113
## e.g:
114
## loadBalancerSourceRanges:
115
## - 10.10.10.0/24
116
##
117
loadBalancerSourceRanges: []
118
## @param service.externalTrafficPolicy haproxy service external traffic policy
119
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
120
##
121
## @param service.externalIPs [array] External IPs
122
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
123
##
124
externalIPs: []
125
externalTrafficPolicy: Cluster
126
## @param service.annotations Additional custom annotations for haproxy service
127
##
128
annotations: {}
129
## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
130
## If "ClientIP", consecutive client requests will be directed to the same mongos Pod
131
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
132
##
133
sessionAffinity: None
134
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
135
## sessionAffinityConfig:
136
## clientIP:
137
## timeoutSeconds: 300
138
##
139
sessionAffinityConfig: {}
140
## @param service.labels Additional custom labels for haproxy service
141
##
142
labels: {}
143
## @param service.ipFamilyPolicy IP family policy for the service
144
## Allowed values: SingleStack, PreferDualStack, RequireDualStack
145
## ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services
146
##
147
ipFamilyPolicy: ""
148
## @param service.ipFamilies IP families for the service
149
## Allowed values: IPv4, IPv6
150
## ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services
151
## e.g:
152
## ipFamilies:
153
## - IPv4
154
## - IPv6
155
##
156
ipFamilies: []
157
## Network Policies
158
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
159
##
160
networkPolicy:
161
## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
162
##
163
enabled: true
164
## @param networkPolicy.allowExternal Don't require server label for connections
165
## The Policy model to apply. When set to false, only pods with the correct
166
## server label will have network access to the ports server is listening
167
## on. When true, server will accept connections from any source
168
## (with the correct destination port).
169
##
170
allowExternal: true
171
## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
172
##
173
allowExternalEgress: true
174
## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
175
## e.g:
176
## extraIngress:
177
## - ports:
178
## - port: 1234
179
## from:
180
## - podSelector:
181
## - matchLabels:
182
## - role: frontend
183
## - podSelector:
184
## - matchExpressions:
185
## - key: role
186
## operator: In
187
## values:
188
## - frontend
189
extraIngress: []
190
## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
191
## e.g:
192
## extraEgress:
193
## - ports:
194
## - port: 1234
195
## to:
196
## - podSelector:
197
## - matchLabels:
198
## - role: frontend
199
## - podSelector:
200
## - matchExpressions:
201
## - key: role
202
## operator: In
203
## values:
204
## - frontend
205
##
206
extraEgress: []
207
## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
208
## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
209
##
210
ingressNSMatchLabels: {}
211
ingressNSPodMatchLabels: {}
212
## Configure the ingress resource that allows you to access the haproxy installation
213
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
214
##
215
ingress:
216
## @param ingress.enabled Enable ingress record generation for haproxy
217
##
218
enabled: false
219
## @param ingress.pathType Ingress path type
220
##
221
pathType: ImplementationSpecific
222
## @param ingress.apiVersion Force Ingress API version (automatically detected if not set)
223
##
224
apiVersion: ""
225
## @param ingress.hostname Default host for the ingress record
226
##
227
hostname: haproxy.local
228
## @param ingress.path Default path for the ingress record
229
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
230
##
231
path: /
232
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
233
## For a full list of possible ingress annotations, please see
234
## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
235
## Use this parameter to set the required annotations for cert-manager, see
236
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
237
##
238
## e.g:
239
## annotations:
240
## kubernetes.io/ingress.class: nginx
241
## cert-manager.io/cluster-issuer: cluster-issuer-name
242
##
243
annotations: {}
244
## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
245
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
246
## You can:
247
## - Use the `ingress.secrets` parameter to create this TLS secret
248
## - Rely on cert-manager to create it by setting the corresponding annotations
249
## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true`
250
##
251
tls: false
252
## DEPRECATED: Use ingress.annotations instead of ingress.certManager
253
## certManager: false
254
##
255
256
## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
257
##
258
selfSigned: false
259
## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record
260
## e.g:
261
## extraHosts:
262
## - name: haproxy.local
263
## path: /
264
##
265
extraHosts: []
266
## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host
267
## e.g:
268
## extraPaths:
269
## - path: /*
270
## backend:
271
## serviceName: ssl-redirect
272
## servicePort: use-annotation
273
##
274
extraPaths: []
275
## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record
276
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
277
## e.g:
278
## extraTls:
279
## - hosts:
280
## - haproxy.local
281
## secretName: haproxy.local-tls
282
##
283
extraTls: []
284
## @param ingress.secrets Custom TLS certificates as secrets
285
## NOTE: 'key' and 'certificate' are expected in PEM format
286
## NOTE: 'name' should line up with a 'secretName' set further up
287
## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates
288
## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days
289
## It is also possible to create and manage the certificates outside of this helm chart
290
## Please see README.md for more information
291
## e.g:
292
## secrets:
293
## - name: haproxy.local-tls
294
## key: |-
295
## -----BEGIN RSA PRIVATE KEY-----
296
## ...
297
## -----END RSA PRIVATE KEY-----
298
## certificate: |-
299
## -----BEGIN CERTIFICATE-----
300
## ...
301
## -----END CERTIFICATE-----
302
##
303
secrets: []
304
## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
305
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
306
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
307
##
308
ingressClassName: ""
309
## @param ingress.extraRules Additional rules to be covered with this ingress record
310
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
311
## e.g:
312
## extraRules:
313
## - host: example.local
314
## http:
315
## path: /
316
## backend:
317
## service:
318
## name: example-svc
319
## port:
320
## name: http
321
##
322
extraRules: []
323
## @param terminationGracePeriodSeconds Seconds HAProxy pod needs to terminate gracefully
324
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
325
terminationGracePeriodSeconds: ""
326
## @section HAProxy Parameters
327
##
328
## @param image.registry [default: REGISTRY_NAME] HAProxy image registry
329
## @param image.repository [default: REPOSITORY_NAME/haproxy] HAProxy image repository
330
## @skip image.tag HAProxy image tag (immutable tags are recommended)
331
## @param image.digest HAProxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
332
## @param image.pullPolicy HAProxy image pull policy
333
## @param image.pullSecrets HAProxy image pull secrets
334
##
335
image:
336
registry: cgr.dev
337
repository: chainguard-private/haproxy-iamguarded
338
tag: 3.3.4
339
digest: ""
340
## Specify a imagePullPolicy
341
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
342
##
343
pullPolicy: IfNotPresent
344
## Optionally specify an array of imagePullSecrets.
345
## Secrets must be manually created in the namespace.
346
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
347
## e.g:
348
## pullSecrets:
349
## - myRegistryKeySecretName
350
##
351
pullSecrets: []
352
## @param replicaCount Number of haproxy replicas to deploy
353
##
354
replicaCount: 1
355
## Configure extra options for haproxy containers' liveness and readiness probes
356
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
357
## @param startupProbe.enabled Enable startupProbe on haproxy nodes
358
## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
359
## @param startupProbe.periodSeconds Period seconds for startupProbe
360
## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
361
## @param startupProbe.failureThreshold Failure threshold for startupProbe
362
## @param startupProbe.successThreshold Success threshold for startupProbe
363
##
364
startupProbe:
365
enabled: false
366
failureThreshold: 5
367
initialDelaySeconds: 15
368
periodSeconds: 10
369
successThreshold: 1
370
timeoutSeconds: 5
371
## @param livenessProbe.enabled Enable livenessProbe on haproxy nodes
372
## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
373
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
374
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
375
## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
376
## @param livenessProbe.successThreshold Success threshold for livenessProbe
377
##
378
livenessProbe:
379
enabled: true
380
failureThreshold: 5
381
initialDelaySeconds: 15
382
periodSeconds: 10
383
successThreshold: 1
384
timeoutSeconds: 5
385
## @param readinessProbe.enabled Enable readinessProbe on haproxy nodes
386
## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
387
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
388
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
389
## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
390
## @param readinessProbe.successThreshold Success threshold for readinessProbe
391
##
392
readinessProbe:
393
enabled: true
394
failureThreshold: 5
395
initialDelaySeconds: 15
396
periodSeconds: 10
397
successThreshold: 1
398
timeoutSeconds: 5
399
## @param customStartupProbe Custom startupProbe that overrides the default one
400
##
401
customStartupProbe: {}
402
## @param customLivenessProbe Custom livenessProbe that overrides the default one
403
##
404
customLivenessProbe: {}
405
## @param customReadinessProbe Custom readinessProbe that overrides the default one
406
##
407
customReadinessProbe: {}
408
## haproxy resource requests and limits
409
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
410
## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
411
##
412
resourcesPreset: "nano"
413
## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
414
## Example:
415
## resources:
416
## requests:
417
## cpu: 2
418
## memory: 512Mi
419
## limits:
420
## cpu: 3
421
## memory: 1024Mi
422
##
423
resources: {}
424
## Configure Pods Security Context
425
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
426
## @param podSecurityContext.enabled Enabled haproxy pods' Security Context
427
## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
428
## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface
429
## @param podSecurityContext.supplementalGroups Set filesystem extra groups
430
## @param podSecurityContext.fsGroup Set haproxy pod's Security Context fsGroup
431
##
432
podSecurityContext:
433
enabled: true
434
fsGroupChangePolicy: Always
435
sysctls: []
436
supplementalGroups: []
437
fsGroup: 1001
438
## Configure Container Security Context
439
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
440
## @param containerSecurityContext.enabled Enabled containers' Security Context
441
## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
442
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
443
## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
444
## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
445
## @param containerSecurityContext.privileged Set container's Security Context privileged
446
## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
447
## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
448
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
449
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
450
##
451
containerSecurityContext:
452
enabled: true
453
seLinuxOptions: {}
454
runAsUser: 1001
455
runAsGroup: 1001
456
runAsNonRoot: true
457
privileged: false
458
readOnlyRootFilesystem: true
459
allowPrivilegeEscalation: false
460
capabilities:
461
drop: ["ALL"]
462
add: ["NET_BIND_SERVICE"]
463
seccompProfile:
464
type: "RuntimeDefault"
465
## HAProxy Pod Disruption Budget configuration
466
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
467
## @param pdb.create Enable a Pod Disruption Budget creation
468
## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled
469
## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable
470
##
471
pdb:
472
create: true
473
minAvailable: ""
474
maxUnavailable: ""
475
## HAProxy Autoscaling configuration
476
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
477
## @param autoscaling.enabled Enable Horizontal POD autoscaling for HAProxy
478
## @param autoscaling.minReplicas Minimum number of HAProxy replicas
479
## @param autoscaling.maxReplicas Maximum number of HAProxy replicas
480
## @param autoscaling.targetCPU Target CPU utilization percentage
481
## @param autoscaling.targetMemory Target Memory utilization percentage
482
##
483
autoscaling:
484
enabled: false
485
minReplicas: 1
486
maxReplicas: 11
487
targetCPU: 50
488
targetMemory: 50
489
## @param command Override default container command (useful when using custom images)
490
##
491
command: []
492
## @param args Override default container args (useful when using custom images)
493
##
494
args: []
495
## @param automountServiceAccountToken Mount Service Account token in pod
496
##
497
automountServiceAccountToken: false
498
## @param hostAliases haproxy pods host aliases
499
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
500
##
501
hostAliases: []
502
## @param podLabels Extra labels for haproxy pods
503
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
504
##
505
podLabels: {}
506
## @param podAnnotations Annotations for haproxy pods
507
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
508
##
509
podAnnotations: {}
510
## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
511
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
512
##
513
podAffinityPreset: ""
514
## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
515
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
516
##
517
podAntiAffinityPreset: soft
518
## Node affinity preset
519
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
520
##
521
nodeAffinityPreset:
522
## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
523
##
524
type: ""
525
## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set
526
##
527
key: ""
528
## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set
529
## E.g.
530
## values:
531
## - e2e-az1
532
## - e2e-az2
533
##
534
values: []
535
## @param configuration [string] haproxy configuration
536
## Taken from haproxytech/haproxy chart: https://github.com/haproxytech/helm-charts/tree/main/haproxy
537
##
538
configuration: |
539
global
540
log stdout format raw local0
541
maxconn 1024
542
defaults
543
log global
544
timeout client 60s
545
timeout connect 60s
546
timeout server 60s
547
frontend fe_main
548
bind :8080
549
default_backend be_main
550
backend be_main
551
server web1 10.0.0.1:8080 check
552
## @param containerPorts [array] List of container ports to enable in the haproxy container
553
##
554
containerPorts:
555
- name: http
556
containerPort: 8080
557
## @param existingConfigmap configmap with HAProxy configuration
558
##
559
existingConfigmap: ""
560
## @param affinity Affinity for haproxy pods assignment
561
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
562
## NOTE: `podAffinityPreset`, `podAntiAffinityPreset`, and `nodeAffinityPreset` will be ignored when it's set
563
##
564
affinity: {}
565
## @param nodeSelector Node labels for haproxy pods assignment
566
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
567
##
568
nodeSelector: {}
569
## @param tolerations Tolerations for haproxy pods assignment
570
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
571
##
572
tolerations: []
573
## @param schedulerName Name of the k8s scheduler (other than default)
574
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
575
##
576
schedulerName: ""
577
## @param topologySpreadConstraints Topology Spread Constraints for pod assignment
578
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
579
## The value is evaluated as a template
580
##
581
topologySpreadConstraints: []
582
## @param updateStrategy.type haproxy statefulset strategy type
583
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
584
##
585
updateStrategy:
586
## StrategyType
587
## Can be set to RollingUpdate or OnDelete
588
##
589
type: RollingUpdate
590
## @param priorityClassName haproxy pods' priorityClassName
591
##
592
priorityClassName: ""
593
## @param lifecycleHooks for the haproxy container(s) to automate configuration before or after startup
594
##
595
lifecycleHooks: {}
596
## @param extraEnvVars Array with extra environment variables to add to haproxy nodes
597
## e.g:
598
## extraEnvVars:
599
## - name: FOO
600
## value: "bar"
601
##
602
extraEnvVars: []
603
## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars for haproxy nodes
604
##
605
extraEnvVarsCM: ""
606
## @param extraEnvVarsSecret Name of existing Secret containing extra env vars for haproxy nodes
607
##
608
extraEnvVarsSecret: ""
609
## @param extraVolumes Optionally specify extra list of additional volumes for the haproxy pod(s)
610
##
611
extraVolumes: []
612
## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the haproxy container(s)
613
##
614
extraVolumeMounts: []
615
## @param sidecars Add additional sidecar containers to the haproxy pod(s)
616
## e.g:
617
## sidecars:
618
## - name: your-image-name
619
## image: your-image
620
## imagePullPolicy: Always
621
## ports:
622
## - name: portname
623
## containerPort: 1234
624
##
625
sidecars: []
626
## @param initContainers Add additional init containers to the haproxy pod(s)
627
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
628
## e.g:
629
## initContainers:
630
## - name: your-image-name
631
## image: your-image
632
## imagePullPolicy: Always
633
## command: ['sh', '-c', 'echo "hello world"']
634
##
635
initContainers: []
636
## @section Other Parameters
637
##
638
639
## ServiceAccount configuration
640
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
641
## @param serviceAccount.create Specifies whether a ServiceAccount should be created
642
## @param serviceAccount.name Name of the service account to use. If not set and create is true, a name is generated using the fullname template.
643
## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account
644
## @param serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`.
645
##
646
serviceAccount:
647
## @param serviceAccount.create Specifies whether a ServiceAccount should be created
648
##
649
create: true
650
## @param serviceAccount.name The name of the ServiceAccount to use.
651
## If not set and create is true, a name is generated using the common.names.fullname template
652
##
653
name: ""
654
automountServiceAccountToken: false
655
annotations: {}
656
## @param enableServiceLinks If set to false, disable Kubernetes service links in the pod spec
657
## Ref: https://kubernetes.io/docs/tutorials/services/connect-applications-service/#accessing-the-service
658
##
659
enableServiceLinks: true
660