forked from coder/coder
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathvalues.yaml
More file actions
212 lines (196 loc) · 8.78 KB
/
values.yaml
File metadata and controls
212 lines (196 loc) · 8.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
# coder -- Primary configuration for `coder server`.
coder:
# coder.replicaCount -- The number of Kubernetes deployment replicas.
# This should only be increased if High Availability is enabled.
# This is an Enterprise feature. Contact sales@coder.com.
replicaCount: 1
# coder.image -- The image to use for Coder.
image:
# coder.image.repo -- The repository of the image.
repo: "ghcr.io/coder/coder"
# coder.image.tag -- The tag of the image, defaults to {{.Chart.AppVersion}}
# if not set. If you're using the chart directly from git, the default
# app version will not work and you'll need to set this value. The helm
# chart helpfully fails quickly in this case.
tag: ""
# coder.image.pullPolicy -- The pull policy to use for the image. See:
# https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
pullPolicy: IfNotPresent
# coder.image.pullSecrets -- The secrets used for pulling the Coder image from
# a private registry.
pullSecrets: []
# - name: "pull-secret"
# coder.initContainers -- Init containers for the deployment. See:
# https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
initContainers:
[]
# - name: init-container
# image: busybox:1.28
# command: ['sh', '-c', "sleep 2"]
# coder.annotations -- The Deployment annotations. See:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations: {}
# coder.serviceAccount -- Configuration for the automatically created service
# account. Creation of the service account cannot be disabled.
serviceAccount:
# coder.serviceAccount.workspacePerms -- Whether or not to grant the coder
# service account permissions to manage workspaces. This includes
# permission to manage pods and persistent volume claims in the deployment
# namespace.
#
# It is recommended to keep this on if you are using Kubernetes templates
# within Coder.
workspacePerms: true
# coder.serviceAccount.annotations -- The Coder service account annotations.
annotations: {}
# coder.serviceAccount.name -- The service account name
name: coder
# coder.env -- The environment variables to set for Coder. These can be used
# to configure all aspects of `coder server`. Please see `coder server --help`
# for information about what environment variables can be set.
# Note: The following environment variables are set by default and cannot be
# overridden:
# - CODER_HTTP_ADDRESS: set to 0.0.0.0:8080 and cannot be changed.
# - CODER_TLS_ADDRESS: set to 0.0.0.0:8443 if tls.secretName is not empty.
# - CODER_TLS_ENABLE: set if tls.secretName is not empty.
# - CODER_TLS_CERT_FILE: set if tls.secretName is not empty.
# - CODER_TLS_KEY_FILE: set if tls.secretName is not empty.
# - CODER_PROMETHEUS_ADDRESS: set to 0.0.0.0:6060 and cannot be changed.
# Prometheus must still be enabled by setting CODER_PROMETHEUS_ENABLE.
# - KUBE_POD_IP
# - CODER_DERP_SERVER_RELAY_URL
#
# We will additionally set CODER_ACCESS_URL if unset to the cluster service
# URL.
env: []
# - name: "CODER_ACCESS_URL"
# value: "https://coder.example.com"
# coder.volumes -- A list of extra volumes to add to the Coder pod.
volumes: []
# - name: "my-volume"
# emptyDir: {}
# coder.volumeMounts -- A list of extra volume mounts to add to the Coder pod.
volumeMounts: []
# - name: "my-volume"
# mountPath: "/mnt/my-volume"
# coder.tls -- The TLS configuration for Coder.
tls:
# coder.tls.secretNames -- A list of TLS server certificate secrets to mount
# into the Coder pod. The secrets should exist in the same namespace as the
# Helm deployment and should be of type "kubernetes.io/tls". The secrets
# will be automatically mounted into the pod if specified, and the correct
# "CODER_TLS_*" environment variables will be set for you.
secretNames: []
# coder.resources -- The resources to request for Coder. These are optional
# and are not set by default.
resources:
{}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# coder.certs -- CA bundles to mount inside the Coder pod.
certs:
# coder.certs.secrets -- A list of CA bundle secrets to mount into the Coder
# pod. The secrets should exist in the same namespace as the Helm
# deployment.
#
# The given key in each secret is mounted at
# `/etc/ssl/certs/{secret_name}.crt`.
secrets:
[]
# - name: "my-ca-bundle"
# key: "ca-bundle.crt"
# coder.affinity -- Allows specifying an affinity rule for the `coder` deployment.
# The default rule prefers to schedule coder pods on different
# nodes, which is only applicable if coder.replicaCount is greater than 1.
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/instance
operator: In
values:
- "coder"
topologyKey: kubernetes.io/hostname
weight: 1
# coder.tolerations -- Tolerations for tainted nodes.
# See: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations:
{}
# - key: "key"
# operator: "Equal"
# value: "value"
# effect: "NoSchedule"
# coder.nodeSelector -- Node labels for constraining coder pods to nodes.
# See: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
# kubernetes.io/os: linux
# coder.service -- The Service object to expose for Coder.
service:
# coder.service.enable -- Whether to create the Service object.
enable: true
# coder.service.type -- The type of service to expose. See:
# https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: LoadBalancer
# coder.service.sessionAffinity -- Must be set to ClientIP or None
# AWS ELB does not support session stickiness based on ClientIP, so you must set this to None.
# The error message you might see: "Unsupported load balancer affinity: ClientIP"
# https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity
sessionAffinity: ClientIP
# coder.service.externalTrafficPolicy -- The external traffic policy to use.
# You may need to change this to "Local" to preserve the source IP address
# in some situations.
# https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
externalTrafficPolicy: Cluster
# coder.service.loadBalancerIP -- The IP address of the LoadBalancer. If not
# specified, a new IP will be generated each time the load balancer is
# recreated. It is recommended to manually create a static IP address in
# your cloud and specify it here in production to avoid accidental IP
# address changes.
loadBalancerIP: ""
# coder.service.annotations -- The service annotations. See:
# https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
# coder.ingress -- The Ingress object to expose for Coder.
ingress:
# coder.ingress.enable -- Whether to create the Ingress object. If using an
# Ingress, we recommend not specifying coder.tls.secretNames as the Ingress
# will handle TLS termination.
enable: false
# coder.ingress.className -- The name of the Ingress class to use.
className: ""
# coder.ingress.host -- The hostname to match on.
host: ""
# coder.ingress.wildcardHost -- The wildcard hostname to match on. Should be
# in the form "*.example.com" or "*-suffix.example.com". If you are using a
# suffix after the wildcard, the suffix will be stripped from the created
# ingress to ensure that it is a legal ingress host. Optional if not using
# applications over subdomains.
wildcardHost: ""
# coder.ingress.annotations -- The ingress annotations.
annotations: {}
# coder.ingress.tls -- The TLS configuration to use for the Ingress.
tls:
# coder.ingress.tls.enable -- Whether to enable TLS on the Ingress.
enable: false
# coder.ingress.tls.secretName -- The name of the TLS secret to use.
secretName: ""
# coder.ingress.tls.wildcardSecretName -- The name of the TLS secret to
# use for the wildcard host.
wildcardSecretName: ""
# extraTemplates -- Array of extra objects to deploy with the release. Strings
# are evaluated as a template and can use template expansions and functions. All
# other objects are used as yaml.
extraTemplates:
#- |
# apiVersion: v1
# kind: ConfigMap
# metadata:
# name: my-configmap
# data:
# key: {{ .Values.myCustomValue | quote }}