spark
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# This file has been modified by Chainguard, Inc.
2
#
3
# Copyright Chainguard, Inc. All Rights Reserved.
4
# Chainguard, Inc. modifications are subject to the license
5
# available at: https://www.chainguard.dev/legal/software-license-agreement
6
#
7
# Copyright Broadcom, Inc. All Rights Reserved.
8
# SPDX-License-Identifier: APACHE-2.0
9
10
## @section Global parameters
11
## Global Docker image parameters
12
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
13
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
14
##
15
16
## @param global.imageRegistry Global Docker image registry
17
## @param global.imagePullSecrets Global Docker registry secret names as an array
18
## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
19
## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead
20
##
21
global:
22
imageRegistry: ""
23
## E.g.
24
## imagePullSecrets:
25
## - myRegistryKeySecretName
26
##
27
imagePullSecrets: []
28
defaultStorageClass: ""
29
storageClass: ""
30
## Security parameters
31
##
32
security:
33
## @param global.security.allowInsecureImages Allows skipping image verification
34
allowInsecureImages: false
35
## Compatibility adaptations for Kubernetes platforms
36
##
37
compatibility:
38
## Compatibility adaptations for Openshift
39
##
40
openshift:
41
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
42
##
43
adaptSecurityContext: auto
44
org: ""
45
## @section Common parameters
46
##
47
48
## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
49
##
50
kubeVersion: ""
51
## @param nameOverride String to partially override common.names.fullname template (will maintain the release name)
52
##
53
nameOverride: ""
54
## @param fullnameOverride String to fully override common.names.fullname template
55
##
56
fullnameOverride: ""
57
## @param namespaceOverride String to fully override common.names.namespace
58
##
59
namespaceOverride: ""
60
## @param commonLabels Labels to add to all deployed objects
61
##
62
commonLabels: {}
63
## @param commonAnnotations Annotations to add to all deployed objects
64
##
65
commonAnnotations: {}
66
## @param clusterDomain Kubernetes cluster domain name
67
##
68
clusterDomain: cluster.local
69
## @param extraDeploy Array of extra objects to deploy with the release
70
##
71
extraDeploy: []
72
## @param initScripts Dictionary of init scripts. Evaluated as a template.
73
## Specify dictionary of scripts to be run at first boot
74
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
75
## For example:
76
## initScripts:
77
## my_init_script.sh: |
78
## #!/bin/sh
79
## echo "Do something."
80
##
81
initScripts: {}
82
## @param initScriptsCM ConfigMap with the init scripts. Evaluated as a template.
83
## Note: This will override initScripts
84
##
85
initScriptsCM: ""
86
## @param initScriptsSecret Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template.
87
##
88
initScriptsSecret: ""
89
## Enable diagnostic mode in the deployment
90
##
91
diagnosticMode:
92
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
93
##
94
enabled: false
95
## @param diagnosticMode.command Command to override all containers in the deployment
96
##
97
command:
98
- sleep
99
## @param diagnosticMode.args Args to override all containers in the deployment
100
##
101
args:
102
- infinity
103
## @section Spark parameters
104
##
105
106
## Iamguarded Spark image version
107
## @param image.registry [default: REGISTRY_NAME] Spark image registry
108
## @param image.repository [default: REPOSITORY_NAME/spark] Spark image repository
109
## @skip image.tag Spark image tag (immutable tags are recommended)
110
## @param image.digest Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
111
## @param image.pullPolicy Spark image pull policy
112
## @param image.pullSecrets Specify docker-registry secret names as an array
113
## @param image.debug Enable image debug mode
114
##
115
image:
116
registry: cgr.dev
117
repository: chainguard-private/spark-iamguarded
118
tag: 3.5.8
119
digest: ""
120
## Specify a imagePullPolicy
121
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
122
##
123
pullPolicy: IfNotPresent
124
## Optionally specify an array of imagePullSecrets.
125
## Secrets must be manually created in the namespace.
126
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
127
## e.g:
128
## pullSecrets:
129
## - myRegistryKeySecretName
130
##
131
pullSecrets: []
132
## Set to true if you would like to see extra information on logs
133
## It turns BASH and/or NAMI debugging in the image
134
##
135
debug: false
136
## @param hostNetwork Enable HOST Network
137
## If hostNetwork is true, then dnsPolicy is set to ClusterFirstWithHostNet
138
##
139
hostNetwork: false
140
## @section Spark master parameters
141
##
142
143
## Spark master specific configuration
144
##
145
master:
146
## @param master.enabled Deploy master statefulset
147
##
148
enabled: true
149
## @param master.existingConfigmap The name of an existing ConfigMap with your custom configuration for master
150
##
151
existingConfigmap: ""
152
## @param master.containerPorts.http Specify the port where the web interface will listen on the master over HTTP
153
## @param master.containerPorts.https Specify the port where the web interface will listen on the master over HTTPS
154
## @param master.containerPorts.cluster Specify the port where the master listens to communicate with workers
155
##
156
containerPorts:
157
http: 8080
158
https: 8480
159
cluster: 7077
160
## @param master.automountServiceAccountToken Mount Service Account token in pod
161
##
162
automountServiceAccountToken: false
163
## @param master.hostAliases Deployment pod host aliases
164
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
165
##
166
hostAliases: []
167
## @param master.extraContainerPorts Specify the port where the running jobs inside the masters listens
168
## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#containerport-v1-core
169
## e.g:
170
## - name: myapp
171
## containerPort: 8000
172
## protocol: TCP
173
##
174
extraContainerPorts: []
175
## @param master.daemonMemoryLimit Set the memory limit for the master daemon
176
##
177
daemonMemoryLimit: ""
178
## @param master.configOptions Use a string to set the config options for in the form "-Dx=y"
179
##
180
configOptions: ""
181
## @param master.extraEnvVars Extra environment variables to pass to the master container
182
## For example:
183
## extraEnvVars:
184
## - name: SPARK_DAEMON_JAVA_OPTS
185
## value: -Dx=y
186
##
187
extraEnvVars: []
188
## @param master.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for master nodes
189
##
190
extraEnvVarsCM: ""
191
## @param master.extraEnvVarsSecret Name of existing Secret containing extra env vars for master nodes
192
##
193
extraEnvVarsSecret: ""
194
## Kubernetes Pods Security Context
195
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
196
## @param master.podSecurityContext.enabled Enable security context
197
## @param master.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
198
## @param master.podSecurityContext.sysctls Set kernel settings using the sysctl interface
199
## @param master.podSecurityContext.supplementalGroups Set filesystem extra groups
200
## @param master.podSecurityContext.fsGroup Set master pod's Security Context Group ID
201
##
202
podSecurityContext:
203
enabled: true
204
fsGroupChangePolicy: Always
205
sysctls: []
206
supplementalGroups: []
207
fsGroup: 1001
208
## Configure Container Security Context
209
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
210
## @param master.containerSecurityContext.enabled Enabled containers' Security Context
211
## @param master.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
212
## @param master.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
213
## @param master.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
214
## @param master.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
215
## @param master.containerSecurityContext.privileged Set container's Security Context privileged
216
## @param master.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
217
## @param master.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
218
## @param master.containerSecurityContext.capabilities.drop List of capabilities to be dropped
219
## @param master.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
220
##
221
containerSecurityContext:
222
enabled: true
223
seLinuxOptions: {}
224
runAsUser: 1001
225
runAsGroup: 1001
226
runAsNonRoot: true
227
privileged: false
228
readOnlyRootFilesystem: true
229
allowPrivilegeEscalation: false
230
capabilities:
231
drop: ["ALL"]
232
seccompProfile:
233
type: "RuntimeDefault"
234
## @param master.command Override default container command (useful when using custom images)
235
##
236
command: []
237
## @param master.args Override default container args (useful when using custom images)
238
##
239
args: []
240
## @param master.podAnnotations Annotations for pods in StatefulSet
241
##
242
podAnnotations: {}
243
## @param master.podLabels Extra labels for pods in StatefulSet
244
##
245
podLabels: {}
246
## @param master.podAffinityPreset Spark master pod affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard`
247
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
248
##
249
podAffinityPreset: ""
250
## @param master.podAntiAffinityPreset Spark master pod anti-affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard`
251
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
252
##
253
podAntiAffinityPreset: soft
254
## Spark master node affinity preset
255
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
256
##
257
nodeAffinityPreset:
258
## @param master.nodeAffinityPreset.type Spark master node affinity preset type. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard`
259
##
260
type: ""
261
## @param master.nodeAffinityPreset.key Spark master node label key to match Ignored if `master.affinity` is set.
262
## E.g.
263
## key: "kubernetes.io/e2e-az-name"
264
##
265
key: ""
266
## @param master.nodeAffinityPreset.values Spark master node label values to match. Ignored if `master.affinity` is set.
267
## E.g.
268
## values:
269
## - e2e-az1
270
## - e2e-az2
271
##
272
values: []
273
## @param master.affinity Spark master affinity for pod assignment
274
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
275
## Note: master.podAffinityPreset, master.podAntiAffinityPreset, and master.nodeAffinityPreset will be ignored when it's set
276
##
277
affinity: {}
278
## @param master.nodeSelector Spark master node labels for pod assignment
279
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
280
##
281
nodeSelector: {}
282
## @param master.tolerations Spark master tolerations for pod assignment
283
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
284
##
285
tolerations: []
286
## @param master.updateStrategy.type Master statefulset strategy type.
287
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
288
## e.g:
289
## updateStrategy:
290
## type: RollingUpdate
291
## rollingUpdate:
292
## maxSurge: 25%
293
## maxUnavailable: 25%
294
##
295
updateStrategy:
296
type: RollingUpdate
297
## @param master.priorityClassName master pods' priorityClassName
298
##
299
priorityClassName: ""
300
## @param master.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
301
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
302
##
303
topologySpreadConstraints: []
304
## @param master.schedulerName Name of the k8s scheduler (other than default) for master pods
305
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
306
##
307
schedulerName: ""
308
## @param master.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully
309
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
310
##
311
terminationGracePeriodSeconds: ""
312
## @param master.lifecycleHooks for the master container(s) to automate configuration before or after startup
313
##
314
lifecycleHooks: {}
315
## @param master.extraVolumes Optionally specify extra list of additional volumes for the master pod(s)
316
##
317
extraVolumes: []
318
## @param master.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the master container(s)
319
##
320
extraVolumeMounts: []
321
## @param master.extraVolumeClaimTemplates Optionally specify extra list of volumesClaimTemplates for the master statefulset
322
##
323
extraVolumeClaimTemplates: []
324
## Container resource requests and limits
325
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
326
## We usually recommend not to specify default resources and to leave this as a conscious
327
## choice for the user. This also increases chances charts run on environments with little
328
## resources, such as Minikube. If you do want to specify resources, uncomment the following
329
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
330
## @param master.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if master.resources is set (master.resources is recommended for production).
331
##
332
resourcesPreset: "small"
333
## @param master.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
334
## Example:
335
## resources:
336
## requests:
337
## cpu: 2
338
## memory: 512Mi
339
## limits:
340
## cpu: 3
341
## memory: 1024Mi
342
##
343
resources: {}
344
## Configure extra options for liveness probe
345
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
346
## @param master.livenessProbe.enabled Enable livenessProbe
347
## @param master.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
348
## @param master.livenessProbe.periodSeconds Period seconds for livenessProbe
349
## @param master.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
350
## @param master.livenessProbe.failureThreshold Failure threshold for livenessProbe
351
## @param master.livenessProbe.successThreshold Success threshold for livenessProbe
352
##
353
livenessProbe:
354
enabled: true
355
initialDelaySeconds: 180
356
periodSeconds: 20
357
timeoutSeconds: 5
358
failureThreshold: 6
359
successThreshold: 1
360
## Configure extra options for readiness probe
361
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
362
## @param master.readinessProbe.enabled Enable readinessProbe
363
## @param master.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
364
## @param master.readinessProbe.periodSeconds Period seconds for readinessProbe
365
## @param master.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
366
## @param master.readinessProbe.failureThreshold Failure threshold for readinessProbe
367
## @param master.readinessProbe.successThreshold Success threshold for readinessProbe
368
##
369
readinessProbe:
370
enabled: true
371
initialDelaySeconds: 30
372
periodSeconds: 10
373
timeoutSeconds: 5
374
failureThreshold: 6
375
successThreshold: 1
376
## Configure extra options for startup probe
377
## @param master.startupProbe.enabled Enable startupProbe
378
## @param master.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
379
## @param master.startupProbe.periodSeconds Period seconds for startupProbe
380
## @param master.startupProbe.timeoutSeconds Timeout seconds for startupProbe
381
## @param master.startupProbe.failureThreshold Failure threshold for startupProbe
382
## @param master.startupProbe.successThreshold Success threshold for startupProbe
383
##
384
startupProbe:
385
enabled: false
386
initialDelaySeconds: 30
387
periodSeconds: 10
388
timeoutSeconds: 5
389
failureThreshold: 6
390
successThreshold: 1
391
## @param master.customLivenessProbe Custom livenessProbe that overrides the default one
392
##
393
customLivenessProbe: {}
394
## @param master.customReadinessProbe Custom readinessProbe that overrides the default one
395
##
396
customReadinessProbe: {}
397
## @param master.customStartupProbe Custom startupProbe that overrides the default one
398
##
399
customStartupProbe: {}
400
## Network Policies
401
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
402
##
403
networkPolicy:
404
## @param master.networkPolicy.enabled Specifies whether a NetworkPolicy should be created
405
##
406
enabled: true
407
## @param master.networkPolicy.allowExternal Don't require client label for connections
408
## The Policy model to apply. When set to false, only pods with the correct
409
## client label will have network access to the ports the application is listening
410
## on. When true, the app will accept connections from any source
411
## (with the correct destination port).
412
##
413
allowExternal: true
414
## @param master.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
415
##
416
allowExternalEgress: true
417
## @param master.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
418
## e.g:
419
## extraIngress:
420
## - ports:
421
## - port: 1234
422
## from:
423
## - podSelector:
424
## - matchLabels:
425
## - role: frontend
426
## - podSelector:
427
## - matchExpressions:
428
## - key: role
429
## operator: In
430
## values:
431
## - frontend
432
extraIngress: []
433
## @param master.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
434
## e.g:
435
## extraEgress:
436
## - ports:
437
## - port: 1234
438
## to:
439
## - podSelector:
440
## - matchLabels:
441
## - role: frontend
442
## - podSelector:
443
## - matchExpressions:
444
## - key: role
445
## operator: In
446
## values:
447
## - frontend
448
##
449
extraEgress: []
450
## @param master.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
451
## @param master.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
452
##
453
ingressNSMatchLabels: {}
454
ingressNSPodMatchLabels: {}
455
## @param master.sidecars Add additional sidecar containers to the master pod(s)
456
## e.g:
457
## sidecars:
458
## - name: your-image-name
459
## image: your-image
460
## imagePullPolicy: Always
461
## ports:
462
## - name: portname
463
## containerPort: 1234
464
##
465
sidecars: []
466
## @param master.initContainers Add initContainers to the master pods.
467
## Example:
468
## initContainers:
469
## - name: your-image-name
470
## image: your-image
471
## imagePullPolicy: Always
472
## ports:
473
## - name: portname
474
## containerPort: 1234
475
##
476
initContainers: []
477
## Pod Disruption Budget configuration
478
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
479
## @param master.pdb.create Enable/disable a Pod Disruption Budget creation
480
## @param master.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled
481
## @param master.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `master.pdb.minAvailable` and `master.pdb.maxUnavailable` are empty.
482
##
483
pdb:
484
create: true
485
minAvailable: ""
486
maxUnavailable: ""
487
## @section Spark worker parameters
488
##
489
490
## Spark worker specific configuration
491
##
492
worker:
493
## @param worker.enabled Deploy worker resources
494
##
495
enabled: true
496
## @param worker.existingConfigmap The name of an existing ConfigMap with your custom configuration for workers
497
##
498
existingConfigmap: ""
499
## @param worker.containerPorts.http Specify the port where the web interface will listen on the worker over HTTP
500
## @param worker.containerPorts.https Specify the port where the web interface will listen on the worker over HTTPS
501
## @param worker.containerPorts.cluster Specify the port where the worker listens to communicate with workers
502
##
503
containerPorts:
504
http: 8080
505
https: 8480
506
cluster: ""
507
## @param worker.automountServiceAccountToken Mount Service Account token in pod
508
##
509
automountServiceAccountToken: false
510
## @param worker.hostAliases Add deployment host aliases
511
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
512
##
513
hostAliases: []
514
## @param worker.extraContainerPorts Specify the port where the running jobs inside the workers listens
515
## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#containerport-v1-core
516
## e.g:
517
## - name: myapp
518
## containerPort: 8000
519
## protocol: TCP
520
##
521
extraContainerPorts: []
522
## @param worker.daemonMemoryLimit Set the memory limit for the worker daemon
523
##
524
daemonMemoryLimit: ""
525
## @param worker.memoryLimit Set the maximum memory the worker is allowed to use
526
##
527
memoryLimit: ""
528
## @param worker.coreLimit Se the maximum number of cores that the worker can use
529
##
530
coreLimit: ""
531
## @param worker.dir Set a custom working directory for the application
532
##
533
dir: ""
534
## @param worker.javaOptions Set options for the JVM in the form `-Dx=y`
535
##
536
javaOptions: ""
537
## @param worker.configOptions Set extra options to configure the worker in the form `-Dx=y`
538
##
539
configOptions: ""
540
## @param worker.extraEnvVars An array to add extra env vars
541
## For example:
542
## extraEnvVars:
543
## - name: SPARK_DAEMON_JAVA_OPTS
544
## value: -Dx=y
545
##
546
extraEnvVars: []
547
## @param worker.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for worker nodes
548
##
549
extraEnvVarsCM: ""
550
## @param worker.extraEnvVarsSecret Name of existing Secret containing extra env vars for worker nodes
551
##
552
extraEnvVarsSecret: ""
553
## @param worker.replicaCount Number of spark workers (will be the minimum number when autoscaling is enabled)
554
##
555
replicaCount: 2
556
## Kubernetes Pods Security Context
557
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
558
## @param worker.podSecurityContext.enabled Enable security context
559
## @param worker.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
560
## @param worker.podSecurityContext.sysctls Set kernel settings using the sysctl interface
561
## @param worker.podSecurityContext.supplementalGroups Set filesystem extra groups
562
## @param worker.podSecurityContext.fsGroup Group ID for the container
563
## @param worker.podSecurityContext.seLinuxOptions [object,nullable] SELinux options for the container
564
##
565
podSecurityContext:
566
enabled: true
567
fsGroupChangePolicy: Always
568
sysctls: []
569
supplementalGroups: []
570
fsGroup: 1001
571
seLinuxOptions: {}
572
## Configure Container Security Context
573
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
574
## @param worker.containerSecurityContext.enabled Enabled containers' Security Context
575
## @param worker.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
576
## @param worker.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
577
## @param worker.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
578
## @param worker.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
579
## @param worker.containerSecurityContext.privileged Set container's Security Context privileged
580
## @param worker.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
581
## @param worker.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
582
## @param worker.containerSecurityContext.capabilities.drop List of capabilities to be dropped
583
## @param worker.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
584
##
585
containerSecurityContext:
586
enabled: true
587
seLinuxOptions: {}
588
runAsUser: 1001
589
runAsGroup: 1001
590
runAsNonRoot: true
591
privileged: false
592
readOnlyRootFilesystem: true
593
allowPrivilegeEscalation: false
594
capabilities:
595
drop: ["ALL"]
596
seccompProfile:
597
type: "RuntimeDefault"
598
## @param worker.command Override default container command (useful when using custom images)
599
##
600
command: []
601
## @param worker.args Override default container args (useful when using custom images)
602
##
603
args: []
604
## @param worker.podAnnotations Annotations for pods in StatefulSet
605
##
606
podAnnotations: {}
607
## @param worker.podLabels Extra labels for pods in StatefulSet
608
##
609
podLabels: {}
610
## @param worker.podAffinityPreset Spark worker pod affinity preset. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`
611
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
612
##
613
podAffinityPreset: ""
614
## @param worker.podAntiAffinityPreset Spark worker pod anti-affinity preset. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`
615
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
616
##
617
podAntiAffinityPreset: soft
618
## Spark worker node affinity preset
619
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
620
##
621
nodeAffinityPreset:
622
## @param worker.nodeAffinityPreset.type Spark worker node affinity preset type. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`
623
##
624
type: ""
625
## @param worker.nodeAffinityPreset.key Spark worker node label key to match Ignored if `worker.affinity` is set.
626
## E.g.
627
## key: "kubernetes.io/e2e-az-name"
628
##
629
key: ""
630
## @param worker.nodeAffinityPreset.values Spark worker node label values to match. Ignored if `worker.affinity` is set.
631
## E.g.
632
## values:
633
## - e2e-az1
634
## - e2e-az2
635
##
636
values: []
637
## @param worker.affinity Spark worker affinity for pod assignment
638
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
639
## Note: worker.podAffinityPreset, worker.podAntiAffinityPreset, and worker.nodeAffinityPreset will be ignored when it's set
640
##
641
affinity: {}
642
## @param worker.nodeSelector Spark worker node labels for pod assignment
643
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
644
##
645
nodeSelector: {}
646
## @param worker.tolerations Spark worker tolerations for pod assignment
647
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
648
##
649
tolerations: []
650
## @param worker.updateStrategy.type Worker statefulset strategy type.
651
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
652
## e.g:
653
## updateStrategy:
654
## type: RollingUpdate
655
## rollingUpdate:
656
## maxSurge: 25%
657
## maxUnavailable: 25%
658
##
659
updateStrategy:
660
type: RollingUpdate
661
## @param worker.podManagementPolicy Statefulset Pod Management Policy Type
662
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
663
##
664
podManagementPolicy: OrderedReady
665
## @param worker.priorityClassName worker pods' priorityClassName
666
##
667
priorityClassName: ""
668
## @param worker.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
669
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
670
##
671
topologySpreadConstraints: []
672
## @param worker.schedulerName Name of the k8s scheduler (other than default) for worker pods
673
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
674
##
675
schedulerName: ""
676
## @param worker.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully
677
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
678
##
679
terminationGracePeriodSeconds: ""
680
## @param worker.lifecycleHooks for the worker container(s) to automate configuration before or after startup
681
##
682
lifecycleHooks: {}
683
## @param worker.extraVolumes Optionally specify extra list of additional volumes for the worker pod(s)
684
##
685
extraVolumes: []
686
## @param worker.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the master container(s)
687
##
688
extraVolumeMounts: []
689
## @param worker.extraVolumeClaimTemplates Optionally specify extra list of volumesClaimTemplates for the worker statefulset
690
##
691
extraVolumeClaimTemplates: []
692
## Container resource requests and limits
693
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
694
## We usually recommend not to specify default resources and to leave this as a conscious
695
## choice for the user. This also increases chances charts run on environments with little
696
## resources, such as Minikube. If you do want to specify resources, uncomment the following
697
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
698
## @param worker.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if worker.resources is set (worker.resources is recommended for production).
699
##
700
resourcesPreset: "small"
701
## @param worker.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
702
## Example:
703
## resources:
704
## requests:
705
## cpu: 2
706
## memory: 512Mi
707
## limits:
708
## cpu: 3
709
## memory: 1024Mi
710
##
711
resources: {}
712
## Configure extra options for liveness probe
713
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
714
## @param worker.livenessProbe.enabled Enable livenessProbe
715
## @param worker.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
716
## @param worker.livenessProbe.periodSeconds Period seconds for livenessProbe
717
## @param worker.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
718
## @param worker.livenessProbe.failureThreshold Failure threshold for livenessProbe
719
## @param worker.livenessProbe.successThreshold Success threshold for livenessProbe
720
##
721
livenessProbe:
722
enabled: true
723
initialDelaySeconds: 180
724
periodSeconds: 20
725
timeoutSeconds: 5
726
failureThreshold: 6
727
successThreshold: 1
728
## Configure extra options for readiness probe
729
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
730
## @param worker.readinessProbe.enabled Enable readinessProbe
731
## @param worker.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
732
## @param worker.readinessProbe.periodSeconds Period seconds for readinessProbe
733
## @param worker.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
734
## @param worker.readinessProbe.failureThreshold Failure threshold for readinessProbe
735
## @param worker.readinessProbe.successThreshold Success threshold for readinessProbe
736
##
737
readinessProbe:
738
enabled: true
739
initialDelaySeconds: 30
740
periodSeconds: 10
741
timeoutSeconds: 5
742
failureThreshold: 6
743
successThreshold: 1
744
## Configure extra options for startup probe
745
## @param worker.startupProbe.enabled Enable startupProbe
746
## @param worker.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
747
## @param worker.startupProbe.periodSeconds Period seconds for startupProbe
748
## @param worker.startupProbe.timeoutSeconds Timeout seconds for startupProbe
749
## @param worker.startupProbe.failureThreshold Failure threshold for startupProbe
750
## @param worker.startupProbe.successThreshold Success threshold for startupProbe
751
##
752
startupProbe:
753
enabled: true
754
initialDelaySeconds: 30
755
periodSeconds: 10
756
timeoutSeconds: 5
757
failureThreshold: 6
758
successThreshold: 1
759
## @param worker.customLivenessProbe Custom livenessProbe that overrides the default one
760
##
761
customLivenessProbe: {}
762
## @param worker.customReadinessProbe Custom readinessProbe that overrides the default one
763
##
764
customReadinessProbe: {}
765
## @param worker.customStartupProbe Custom startupProbe that overrides the default one
766
##
767
customStartupProbe: {}
768
## Network Policies
769
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
770
##
771
networkPolicy:
772
## @param worker.networkPolicy.enabled Specifies whether a NetworkPolicy should be created
773
##
774
enabled: true
775
## @param worker.networkPolicy.allowExternal Don't require client label for connections
776
## The Policy model to apply. When set to false, only pods with the correct
777
## client label will have network access to the ports the application is listening
778
## on. When true, the app will accept connections from any source
779
## (with the correct destination port).
780
##
781
allowExternal: true
782
## @param worker.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
783
##
784
allowExternalEgress: true
785
## @param worker.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
786
## e.g:
787
## extraIngress:
788
## - ports:
789
## - port: 1234
790
## from:
791
## - podSelector:
792
## - matchLabels:
793
## - role: frontend
794
## - podSelector:
795
## - matchExpressions:
796
## - key: role
797
## operator: In
798
## values:
799
## - frontend
800
extraIngress: []
801
## @param worker.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
802
## e.g:
803
## extraEgress:
804
## - ports:
805
## - port: 1234
806
## to:
807
## - podSelector:
808
## - matchLabels:
809
## - role: frontend
810
## - podSelector:
811
## - matchExpressions:
812
## - key: role
813
## operator: In
814
## values:
815
## - frontend
816
##
817
extraEgress: []
818
## @param worker.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
819
## @param worker.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
820
##
821
ingressNSMatchLabels: {}
822
ingressNSPodMatchLabels: {}
823
## @param worker.sidecars Add additional sidecar containers to the worker pod(s)
824
## e.g:
825
## sidecars:
826
## - name: your-image-name
827
## image: your-image
828
## imagePullPolicy: Always
829
## ports:
830
## - name: portname
831
## containerPort: 1234
832
##
833
sidecars: []
834
## @param worker.initContainers Add initContainers to the worker pods.
835
## Example:
836
## initContainers:
837
## - name: your-image-name
838
## image: your-image
839
## imagePullPolicy: Always
840
## ports:
841
## - name: portname
842
## containerPort: 1234
843
##
844
initContainers: []
845
## Pod Disruption Budget configuration
846
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
847
## @param worker.pdb.create Enable/disable a Pod Disruption Budget creation
848
## @param worker.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled
849
## @param worker.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `worker.pdb.minAvailable` and `worker.pdb.maxUnavailable` are empty.
850
##
851
pdb:
852
create: true
853
minAvailable: ""
854
maxUnavailable: ""
855
## Autoscaling parameters
856
## @param worker.autoscaling.enabled Enable replica autoscaling depending on CPU
857
## @param worker.autoscaling.minReplicas Minimum number of worker replicas
858
## @param worker.autoscaling.maxReplicas Maximum number of worker replicas
859
## @param worker.autoscaling.targetCPU Target CPU utilization percentage
860
## @param worker.autoscaling.targetMemory Target Memory utilization percentage
861
##
862
autoscaling:
863
enabled: false
864
minReplicas: ""
865
maxReplicas: 5
866
targetCPU: 50
867
targetMemory: ""
868
## @section Security parameters
869
##
870
871
## Security configuration
872
##
873
security:
874
## @param security.passwordsSecretName Name of the secret that contains all the passwords
875
## This is optional, by default random passwords are generated
876
##
877
passwordsSecretName: ""
878
## RPC configuration
879
## @param security.rpc.authenticationEnabled Enable the RPC authentication
880
## @param security.rpc.encryptionEnabled Enable the encryption for RPC
881
##
882
rpc:
883
authenticationEnabled: false
884
encryptionEnabled: false
885
## @param security.storageEncryptionEnabled Enables local storage encryption
886
##
887
storageEncryptionEnabled: false
888
## @param security.certificatesSecretName Name of the secret that contains the certificates.
889
## It should contains two keys called "spark-keystore.jks" and "spark-truststore.jks" with the files in JKS format.
890
## DEPRECATED. Use `security.ssl.existingSecret` instead
891
##
892
certificatesSecretName: ""
893
## SSL configuration
894
##
895
ssl:
896
## @param security.ssl.enabled Enable the SSL configuration
897
##
898
enabled: false
899
## @param security.ssl.needClientAuth Enable the client authentication
900
##
901
needClientAuth: false
902
## @param security.ssl.protocol Set the SSL protocol
903
##
904
protocol: TLSv1.2
905
## @param security.ssl.existingSecret Name of the existing secret containing the TLS certificates
906
## It should contains two keys called "spark-keystore.jks" and "spark-truststore.jks" with the files in JKS format.
907
##
908
existingSecret: ""
909
## @param security.ssl.autoGenerated Create self-signed TLS certificates. Currently only supports PEM certificates
910
## The Spark container will generate a JKS keystore and trustore using the PEM certificates.
911
##
912
autoGenerated: false
913
## @param security.ssl.keystorePassword Set the password of the JKS Keystore
914
##
915
keystorePassword: ""
916
## @param security.ssl.truststorePassword Truststore password.
917
##
918
truststorePassword: ""
919
## Container resource requests and limits
920
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
921
## We usually recommend not to specify default resources and to leave this as a conscious
922
## choice for the user. This also increases chances charts run on environments with little
923
## resources, such as Minikube. If you do want to specify resources, uncomment the following
924
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
925
## @param security.ssl.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if security.ssl.resources is set (security.ssl.resources is recommended for production).
926
##
927
resourcesPreset: "small"
928
## @param security.ssl.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
929
## Example:
930
## resources:
931
## requests:
932
## cpu: 2
933
## memory: 512Mi
934
## limits:
935
## cpu: 3
936
## memory: 1024Mi
937
##
938
resources: {}
939
## @section Traffic Exposure parameters
940
##
941
942
## Service parameters
943
##
944
service:
945
## @param service.type Kubernetes Service type
946
##
947
type: ClusterIP
948
## @param service.ports.http Spark client port for HTTP
949
## @param service.ports.https Spark client port for HTTPS
950
## @param service.ports.cluster Spark cluster port
951
##
952
ports:
953
http: 80
954
https: 443
955
cluster: 7077
956
## Specify the nodePort(s) value(s) for the LoadBalancer and NodePort service types.
957
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
958
## @param service.nodePorts.http Kubernetes web node port for HTTP
959
## @param service.nodePorts.https Kubernetes web node port for HTTPS
960
## @param service.nodePorts.cluster Kubernetes cluster node port
961
##
962
nodePorts:
963
http: ""
964
https: ""
965
cluster: ""
966
## @param service.clusterIP Spark service Cluster IP
967
## e.g.:
968
## clusterIP: None
969
##
970
clusterIP: ""
971
## @param service.loadBalancerIP Load balancer IP if spark service type is `LoadBalancer`
972
## Set the LoadBalancer service type to internal only
973
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
974
##
975
loadBalancerIP: ""
976
## @param service.loadBalancerSourceRanges Spark service Load Balancer sources
977
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
978
## e.g:
979
## loadBalancerSourceRanges:
980
## - 10.10.10.0/24
981
##
982
loadBalancerSourceRanges: []
983
## @param service.externalTrafficPolicy Spark service external traffic policy
984
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
985
##
986
externalTrafficPolicy: Cluster
987
## @param service.annotations Additional custom annotations for Spark service
988
##
989
annotations: {}
990
## @param service.extraPorts Extra ports to expose in Spark service (normally used with the `sidecars` value)
991
##
992
extraPorts: []
993
## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin
994
## Values: ClientIP or None
995
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
996
##
997
sessionAffinity: None
998
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
999
## sessionAffinityConfig:
1000
## clientIP:
1001
## timeoutSeconds: 300
1002
##
1003
sessionAffinityConfig: {}
1004
## Headless service properties
1005
##
1006
headless:
1007
## @param service.headless.annotations Annotations for the headless service.
1008
##
1009
annotations: {}
1010
## Configure the ingress resource that allows you to access the
1011
## Spark installation. Set up the URL
1012
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
1013
##
1014
ingress:
1015
## @param ingress.enabled Enable ingress controller resource
1016
##
1017
enabled: false
1018
## @param ingress.pathType Ingress path type
1019
##
1020
pathType: ImplementationSpecific
1021
## @param ingress.apiVersion Force Ingress API version (automatically detected if not set)
1022
##
1023
apiVersion: ""
1024
## @param ingress.hostname Default host for the ingress resource
1025
##
1026
hostname: spark.local
1027
## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
1028
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
1029
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
1030
##
1031
ingressClassName: ""
1032
## @param ingress.path The Path to Spark. You may need to set this to '/*' in order to use this with ALB ingress controllers.
1033
##
1034
path: /
1035
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
1036
## For a full list of possible ingress annotations, please see
1037
## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
1038
## Use this parameter to set the required annotations for cert-manager, see
1039
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
1040
##
1041
## e.g:
1042
## annotations:
1043
## kubernetes.io/ingress.class: nginx
1044
## cert-manager.io/cluster-issuer: cluster-issuer-name
1045
##
1046
annotations: {}
1047
## @param ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter
1048
## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }}
1049
## You can use the ingress.secrets parameter to create this TLS secret or rely on cert-manager to create it
1050
##
1051
tls: false
1052
## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
1053
##
1054
selfSigned: false
1055
## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record.
1056
## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
1057
## extraHosts:
1058
## - name: spark.local
1059
## path: /
1060
##
1061
extraHosts: []
1062
## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host.
1063
## For example: The ALB ingress controller requires a special rule for handling SSL redirection.
1064
## extraPaths:
1065
## - path: /*
1066
## backend:
1067
## serviceName: ssl-redirect
1068
## servicePort: use-annotation
1069
##
1070
extraPaths: []
1071
## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record.
1072
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
1073
## extraTls:
1074
## - hosts:
1075
## - spark.local
1076
## secretName: spark.local-tls
1077
##
1078
extraTls: []
1079
## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets
1080
## key and certificate should start with -----BEGIN CERTIFICATE----- or
1081
## -----BEGIN RSA PRIVATE KEY-----
1082
##
1083
## name should line up with a tlsSecret set further up
1084
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
1085
##
1086
## It is also possible to create and manage the certificates outside of this helm chart
1087
## Please see README.md for more information
1088
## e.g:
1089
## - name: spark.local-tls
1090
## key:
1091
## certificate:
1092
##
1093
secrets: []
1094
## @param ingress.extraRules Additional rules to be covered with this ingress record
1095
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
1096
## e.g:
1097
## extraRules:
1098
## - host: spark.local
1099
## http:
1100
## path: /
1101
## backend:
1102
## service:
1103
## name: spark-svc
1104
## port:
1105
## name: http
1106
##
1107
extraRules: []
1108
## @section Other parameters
1109
##
1110
1111
## ServiceAccount configuration
1112
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
1113
##
1114
serviceAccount:
1115
## @param serviceAccount.create Enable the creation of a ServiceAccount for Spark pods
1116
##
1117
create: true
1118
## @param serviceAccount.name The name of the ServiceAccount to use.
1119
## If not set and create is true, a name is generated using the spark.fullname template
1120
##
1121
name: ""
1122
## @param serviceAccount.annotations Annotations for Spark Service Account
1123
##
1124
annotations: {}
1125
## @param serviceAccount.automountServiceAccountToken Automount API credentials for a service account.
1126
##
1127
automountServiceAccountToken: false
1128
## @section Metrics parameters
1129
##
1130
1131
## Metrics configuration
1132
##
1133
metrics:
1134
## @param metrics.enabled Start a side-car prometheus exporter
1135
##
1136
enabled: false
1137
## @param metrics.masterAnnotations [object] Annotations for the Prometheus metrics on master nodes
1138
##
1139
masterAnnotations:
1140
prometheus.io/scrape: 'true'
1141
prometheus.io/path: '/metrics/'
1142
prometheus.io/port: '{{ .Values.master.containerPorts.http }}'
1143
## @param metrics.workerAnnotations [object] Annotations for the Prometheus metrics on worker nodes
1144
##
1145
workerAnnotations:
1146
prometheus.io/scrape: 'true'
1147
prometheus.io/path: '/metrics/'
1148
prometheus.io/port: '{{ .Values.worker.containerPorts.http }}'
1149
## Prometheus Service Monitor
1150
## ref: https://github.com/coreos/prometheus-operator
1151
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
1152
##
1153
podMonitor:
1154
## @param metrics.podMonitor.enabled If the operator is installed in your cluster, set to true to create a PodMonitor Resource for scraping metrics using PrometheusOperator
1155
##
1156
enabled: false
1157
## @param metrics.podMonitor.extraMetricsEndpoints Add metrics endpoints for monitoring the jobs running in the worker nodes
1158
## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#podmetricsendpoint
1159
## e.g:
1160
## - port: myapp
1161
## path: /metrics/
1162
##
1163
extraMetricsEndpoints: []
1164
## @param metrics.podMonitor.namespace Specify the namespace in which the podMonitor resource will be created
1165
##
1166
namespace: ""
1167
## @param metrics.podMonitor.interval Specify the interval at which metrics should be scraped
1168
##
1169
interval: 30s
1170
## @param metrics.podMonitor.scrapeTimeout Specify the timeout after which the scrape is ended
1171
## e.g:
1172
## scrapeTimeout: 30s
1173
##
1174
scrapeTimeout: ""
1175
## @param metrics.podMonitor.additionalLabels Additional labels that can be used so PodMonitors will be discovered by Prometheus
1176
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
1177
##
1178
additionalLabels: {}
1179
## Custom PrometheusRule to be defined
1180
## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
1181
## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
1182
##
1183
prometheusRule:
1184
## @param metrics.prometheusRule.enabled Set this to true to create prometheusRules for Prometheus
1185
##
1186
enabled: false
1187
## @param metrics.prometheusRule.namespace Namespace where the prometheusRules resource should be created
1188
##
1189
namespace: ""
1190
## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so prometheusRules will be discovered by Prometheus
1191
##
1192
additionalLabels: {}
1193
## @param metrics.prometheusRule.rules Custom Prometheus [rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/)
1194
## These are just examples rules, please adapt them to your needs.
1195
## Make sure to constraint the rules to the current postgresql service.
1196
## rules:
1197
## - alert: HugeReplicationLag
1198
## expr: pg_replication_lag{service="{{ template "postgresql.fullname" . }}-metrics"} / 3600 > 1
1199
## for: 1m
1200
## labels:
1201
## severity: critical
1202
## annotations:
1203
## description: replication for {{ template "postgresql.fullname" . }} PostgreSQL is lagging by {{ "{{ $value }}" }} hour(s).
1204
## summary: PostgreSQL replication is lagging by {{ "{{ $value }}" }} hour(s).
1205
##
1206
rules: []
1207
The trusted source for open source
Talk to an expertCustomers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.