app: affinity: {} autoscaling: enabled: true maxReplicas: 15 minReplicas: 2 targetCPUUtilizationPercentage: 60 targetMemoryUtilizationPercentage: 70 # Extra environment variables to append to this nodeGroup # This will be appended to the current 'env:' key. You can use any of the kubernetes env # syntax here extraEnv: [] # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here # - name: SPECIAL_LEVEL_KEY # valueFrom: # configMapKeyRef: # name: special-config # key: special.how # - name: SECRET_USERNAME # valueFrom: # secretKeyRef: # name: mysecret # key: username # optional: false extraConfigmapMounts: [] # - mountPath: /tmp/foobar # name: foobar # subpath: "" # readOnly: true extraContainers: [] # - name: download-tools # image: alpine:3.8 # command: [sh, -c] # args: # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && # mv linux-amd64/helm /custom-tools/ # volumeMounts: # - mountPath: /custom-tools # name: custom-tools # volumeMounts: # - mountPath: /usr/local/bin/helm # name: custom-tools # subPath: helm # -- Array of extra K8s manifests to deploy extraResources: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 # kind: SecretProviderClass # metadata: # name: argocd-secrets-store # spec: # provider: aws # parameters: # objects: | # - objectName: "argocd" # objectType: "secretsmanager" # jmesPath: # - path: "client_id" # objectAlias: "client_id" # - path: "client_secret" # objectAlias: "client_secret" # secretObjects: # - data: # - key: client_id # objectName: client_id # - key: client_secret # objectName: client_secret # secretName: argocd-secrets-store # type: Opaque # labels: # app.kubernetes.io/part-of: argocd extraSecretMounts: [] # - mountPath: /tmp/foobar # name: foobar # readOnly: true extraVolumeMounts: [] # - mountPath: /tmp/foobar # name: foobar # subpath: "" # readOnly: true fullnameOverride: palolo-app ingress: className: "alb" enabled: true # Just as with env, you can't declare half the map in # 2 values files, 1 will override the other sharedAnnotations: alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]' alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=30 alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS13-1-3-2021-06 alb.ingress.kubernetes.io/ssl-redirect: '443' alb.ingress.kubernetes.io/target-type: ip # Long enough to get our deployments out # But too long will do hotspotting alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=600,load_balancing.algorithm.type=least_outstanding_requests alb.ingress.kubernetes.io/scheme: internet-facing external-dns.alpha.kubernetes.io/ttl: "120" nameOverride: palolo-app nodeSelector: {} replicaCount: 2 restartPolicy: Always podSecurityContext: {} # fsGroup: 2000 resources: limits: cpu: 950m memory: 750Mi requests: cpu: 800m memory: 512Mi #TODO: The service template is hard-coded to use our .Values.service.port and port 80 service: type: NodePort port: 443 targetPort: server securityContext: runAsNonRoot: true # This is a magic number set in the Dockerfile as well # update it here, update it there # And unfortunately, it's a 1:1 migration story runAsUser: 4321 serviceAccount: # Annotations to add to the service account annotations: {} # Specifies whether a service account should be created create: true # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" tolerations: [] backup: extraEnv: [] nameOverride: backup serviceAccount: # Annotations to add to the service account annotations: {} # Specifies whether a service account should be created create: true # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" global: # -- Additional labels to add to all resources additionalLabels: {} # app: appname image: pullPolicy: Always repository: palolo/app # Overrides the image tag whose default is the chart version. tag: you_forgot_to_set_this_in_helm_cli_values imagePullSecrets: [{ "name": "docker-secret" }] worker: affinity: {} autoscaling: # behavior: # scaleDown: # policies: # - type: Pods # value: 4 # periodSeconds: 60 # - type: Percent # value: 30 # periodSeconds: 60 # scaleUp: # policies: # # We have a spin-up problem whereby starting the pod # # uses too much CPU, and since our Pods share a node, this knocks out the # # other Pods while it's running. # # # # So Scale-up needs to be slow. # - type: Percent # value: 20 # periodSeconds: 120 enabled: false minReplicas: 1 maxReplicas: 20 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 # Extra environment variables to append to this nodeGroup # This will be appended to the current 'env:' key. You can use any of the kubernetes env # syntax here extraEnv: [] # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here # - name: SPECIAL_LEVEL_KEY # valueFrom: # configMapKeyRef: # name: special-config # key: special.how # - name: SECRET_USERNAME # valueFrom: # secretKeyRef: # name: mysecret # key: username # optional: false extraConfigmapMounts: [] # - mountPath: /tmp/foobar # name: foobar # subpath: "" # readOnly: true extraContainers: [] # - name: download-tools # image: alpine:3.8 # command: [sh, -c] # args: # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && # mv linux-amd64/helm /custom-tools/ # volumeMounts: # - mountPath: /custom-tools # name: custom-tools # volumeMounts: # - mountPath: /usr/local/bin/helm # name: custom-tools # subPath: helm # -- Array of extra K8s manifests to deploy extraResources: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 # kind: SecretProviderClass # metadata: # name: argocd-secrets-store # spec: # provider: aws # parameters: # objects: | # - objectName: "argocd" # objectType: "secretsmanager" # jmesPath: # - path: "client_id" # objectAlias: "client_id" # - path: "client_secret" # objectAlias: "client_secret" # secretObjects: # - data: # - key: client_id # objectName: client_id # - key: client_secret # objectName: client_secret # secretName: argocd-secrets-store # type: Opaque # labels: # app.kubernetes.io/part-of: argocd extraSecretMounts: [] # - mountPath: /tmp/foobar # name: foobar # readOnly: true extraVolumeMounts: [] # - mountPath: /tmp/foobar # name: foobar # subpath: "" # readOnly: true fullnameOverride: palolo-worker initContainers: [] # - name: download-tools # image: alpine:3.8 # command: [sh, -c] # args: # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && # mv linux-amd64/helm /custom-tools/ # volumeMounts: # - mountPath: /custom-tools # name: custom-tools # volumeMounts: # - mountPath: /usr/local/bin/helm # name: custom-tools # subPath: helm nameOverride: palolo-worker nodeSelector: {} podAnnotations: {} podSecurityContext: {} # fsGroup: 2000 replicaCount: 1 resources: limits: cpu: 950m memory: 750Mi requests: cpu: 800m memory: 512Mi # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 service: annotations: {} port: 80 type: ClusterIP serviceAccount: # Annotations to add to the service account annotations: {} # Specifies whether a service account should be created create: true # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" tolerations: []