values.yaml

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Default values for skywalking.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

serviceAccounts:
  oap:

oap:
  name: oap
  image:
    repository: apache/skywalking-oap-server
    tag: 8.0.1-es7
    pullPolicy: IfNotPresent
  storageType: elasticsearch7
  ports:
    grpc: 11800
    rest: 12800
  replicas: 2
  service:
    type: ClusterIP
  javaOpts: -Xmx2g -Xms2g
  antiAffinity: "soft"
  nodeAffinity: {}
  nodeSelector: {}
  tolerations: []
  resources: {}
    # limits:
    #   cpu: 8
    #   memory: 8Gi
    # requests:
    #   cpu: 8
    #   memory: 4Gi
  # podAnnotations:
  #   example: oap-foo
  envoy:
    als:
      enabled: false
      # more envoy ALS ,please refer to https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als
  istio:
    adapter:
      enabled: false
  env:
    # more env, please refer to https://hub.docker.com/r/apache/skywalking-oap-server
    # or https://github.com/apache/skywalking-docker/blob/master/6/6.4/oap/README.md#sw_telemetry
ui:
  name: ui
  replicas: 1
  image:
    repository: apache/skywalking-ui
    tag: 8.0.1
    pullPolicy: IfNotPresent
  # podAnnotations:
  #   example: oap-foo
  ingress:
    enabled: false
    annotations: {}
      # kubernetes.io/ingress.class: nginx
      # kubernetes.io/tls-acme: "true"
    path: /
    hosts: []
    # - skywalking.local
    tls: []
    #  - secretName: skywalking-tls
    #    hosts:
    #      - skywalking.local
  service:
    type: ClusterIP
    # clusterIP: None
    externalPort: 80
    internalPort: 8080
    ## External IP addresses of service
    ## Default: nil
    ##
    # externalIPs:
    # - 192.168.0.1
    #
    ## LoadBalancer IP if service.type is LoadBalancer
    ## Default: nil
    ##
    # loadBalancerIP: 10.2.2.2
    # Annotation example: setup ssl with aws cert when service.type is LoadBalancer
    # service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:EXAMPLE_CERT
    annotations: {}
    ## Limit load balancer source ips to list of CIDRs (where available)
    # loadBalancerSourceRanges: []

elasticsearch:
  enabled: true
  config:               # For users of an existing elasticsearch cluster,takes effect when `elasticsearch.enabled` is false
    port:
      http: 9200
    host: elasticsearch # es service on kubernetes or host
    user: "xxx"         # [optional]
    password: "xxx"     # [optional]
  clusterName: "elasticsearch"
  nodeGroup: "master"

  # The service that non master groups will try to connect to when joining the cluster
  # This should be set to clusterName + "-" + nodeGroup for your master group
  masterService: ""

  # Elasticsearch roles that will be applied to this nodeGroup
  # These will be set as environment variables. E.g. node.master=true
  roles:
    master: "true"
    ingest: "true"
    data: "true"

  replicas: 3
  minimumMasterNodes: 2

  esMajorVersion: ""

  # Allows you to add any config files in /usr/share/elasticsearch/config/
  # such as elasticsearch.yml and log4j2.properties
  esConfig: {}
  #  elasticsearch.yml: |
  #    key:
  #      nestedkey: value
  #  log4j2.properties: |
  #    key = value

  # Extra environment variables to append to this nodeGroup
  # This will be appended to the current 'env:' key. You can use any of the kubernetes env
  # syntax here
  extraEnvs: []
  #  - name: MY_ENVIRONMENT_VAR
  #    value: the_value_goes_here

  # A list of secrets and their paths to mount inside the pod
  # This is useful for mounting certificates for security and for mounting
  # the X-Pack license
  secretMounts: []
  #  - name: elastic-certificates
  #    secretName: elastic-certificates
  #    path: /usr/share/elasticsearch/config/certs

  image: "docker.elastic.co/elasticsearch/elasticsearch"
  imageTag: "7.5.1"
  imagePullPolicy: "IfNotPresent"

  podAnnotations: {}
  # iam.amazonaws.com/role: es-cluster

  # additionals labels
  labels: {}

  esJavaOpts: "-Xmx1g -Xms1g"

  resources:
    requests:
      cpu: "100m"
      memory: "2Gi"
    limits:
      cpu: "1000m"
      memory: "2Gi"

  initResources: {}
    # limits:
    #   cpu: "25m"
    #   # memory: "128Mi"
    # requests:
    #   cpu: "25m"
  #   memory: "128Mi"

  sidecarResources: {}
    # limits:
    #   cpu: "25m"
    #   # memory: "128Mi"
    # requests:
    #   cpu: "25m"
  #   memory: "128Mi"

  networkHost: "0.0.0.0"

  volumeClaimTemplate:
    accessModes: [ "ReadWriteOnce" ]
    resources:
      requests:
        storage: 30Gi

  rbac:
    create: false
    serviceAccountName: ""

  podSecurityPolicy:
    create: false
    name: ""
    spec:
      privileged: true
      fsGroup:
        rule: RunAsAny
      runAsUser:
        rule: RunAsAny
      seLinux:
        rule: RunAsAny
      supplementalGroups:
        rule: RunAsAny
      volumes:
        - secret
        - configMap
        - persistentVolumeClaim

  persistence:
    enabled: false
    annotations: {}

  extraVolumes: ""
    # - name: extras
  #   emptyDir: {}

  extraVolumeMounts: ""
    # - name: extras
    #   mountPath: /usr/share/extras
  #   readOnly: true

  extraInitContainers: ""
    # - name: do-something
    #   image: busybox
  #   command: ['do', 'something']

  # This is the PriorityClass settings as defined in
  # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
  priorityClassName: ""

  # By default this will make sure two pods don't end up on the same node
  # Changing this to a region would allow you to spread pods across regions
  antiAffinityTopologyKey: "kubernetes.io/hostname"

  # Hard means that by default pods will only be scheduled if there are enough nodes for them
  # and that they will never end up on the same node. Setting this to soft will do this "best effort"
  antiAffinity: "hard"

  # This is the node affinity settings as defined in
  # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature
  nodeAffinity: {}

  # The default is to deploy all pods serially. By setting this to parallel all pods are started at
  # the same time when bootstrapping the cluster
  podManagementPolicy: "Parallel"

  protocol: http
  httpPort: 9200
  transportPort: 9300

  service:
    labels: {}
    labelsHeadless: {}
    type: ClusterIP
    nodePort: ""
    annotations: {}
    httpPortName: http
    transportPortName: transport

  updateStrategy: RollingUpdate

  # This is the max unavailable setting for the pod disruption budget
  # The default value of 1 will make sure that kubernetes won't allow more than 1
  # of your pods to be unavailable during maintenance
  maxUnavailable: 1

  podSecurityContext:
    fsGroup: 1000
    runAsUser: 1000

  # The following value is deprecated,
  # please use the above podSecurityContext.fsGroup instead
  fsGroup: ""

  securityContext:
    capabilities:
      drop:
        - ALL
    # readOnlyRootFilesystem: true
    runAsNonRoot: true
    runAsUser: 1000

  # How long to wait for elasticsearch to stop gracefully
  terminationGracePeriod: 120

  sysctlVmMaxMapCount: 262144

  readinessProbe:
    failureThreshold: 3
    initialDelaySeconds: 10
    periodSeconds: 10
    successThreshold: 3
    timeoutSeconds: 5

  # https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status
  clusterHealthCheckParams: "wait_for_status=green&timeout=1s"

  ## Use an alternate scheduler.
  ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
  ##
  schedulerName: ""

  imagePullSecrets: []
  nodeSelector: {}
  tolerations: []

  # Enabling this will publically expose your Elasticsearch instance.
  # Only enable this if you have security enabled on your cluster
  ingress:
    enabled: false
    annotations: {}
      # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
    path: /
    hosts:
      - chart-example.local
    tls: []
    #  - secretName: chart-example-tls
    #    hosts:
    #      - chart-example.local

  nameOverride: ""
  fullnameOverride: ""

  # https://github.com/elastic/helm-charts/issues/63
  masterTerminationFix: false

  lifecycle: {}
    # preStop:
    #   exec:
    #     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
    # postStart:
    #   exec:
  #     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]

  sysctlInitContainer:
    enabled: true

  keystore: []

nameOverride: ""
fullnameOverride: ""