| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| ## Specifies the type of Kubernetes resource, such as "Deployment" or "StatefulSet." |
| deployType: Deployment |
| |
| ## Override the namespace where the resource is deployed. |
| namespaceOverride: ~ |
| |
| ## Labels to attach to the resource. |
| labels: ~ |
| |
| ## Annotations to attach to the resource. |
| annotations: ~ |
| |
| ## Node selector to constrain where the pods can be scheduled. |
| nodeSelector: ~ |
| |
| ## List of image pull secrets for pulling private container images. |
| imagePullSecrets: ~ |
| |
| ## Specifies the cluster's domain name for DNS resolution. |
| clusterDomain: cluster.local |
| |
| ## Number of replicas for the Deployment. |
| replicas: 1 |
| |
| image: |
| # Source of the container image. |
| registry: docker.io/apache/dubbo-admin |
| # Version tag of the container image. |
| tag: 0.5.0 |
| # Image pull policy, available options are: Always, IfNotPresent, Never. |
| pullPolicy: IfNotPresent |
| |
| rbac: |
| # Whether to enable the RBAC. |
| enabled: true |
| # Labels for RBAC resources. |
| labels: ~ |
| # Annotations for RBAC resources. |
| annotations: ~ |
| |
| serviceAccount: |
| # Whether to enable the ServiceAccount. |
| enabled: true |
| # Labels to be applied to the ServiceAccount. |
| labels: ~ |
| # Annotations to be added to the ServiceAccount. |
| annotations: ~ |
| |
| ## Define volume mounts for the application, Each item in the list represents a separate volume mount. |
| volumeMounts: ~ |
| ## Example: |
| # - name: vol |
| # mountPath: /data |
| # readOnly: true |
| |
| ## Define volumes for the application, Each item in the list represents a separate volume. |
| volumes: ~ |
| # - name: vol |
| # hostPath: |
| # path: /data |
| |
| ## Define a ConfigMap for the application, You can create a ConfigMap and specify its name, items, and defaultMode. |
| configMap: ~ |
| # name: config-file |
| # items: |
| # - key: file |
| # path: file |
| # defaultMode: 420 |
| |
| ## Define a Secret for the application, You can create a Secret and specify its name, items, and their corresponding keys and paths. |
| secret: ~ |
| # secretName: secret-file |
| # items: |
| # - key: tls.crt |
| # path: certificate |
| # - key: tls.key |
| # path: private |
| |
| strategy: |
| # Define the strategy for the application's deployment. |
| type: RollingUpdate |
| # Additional configuration for the RollingUpdate strategy can be specified here. |
| rollingUpdate: |
| # Maximum number or percentage of new replicas that can be created during an update. |
| maxSurge: 25% |
| # Maximum number or percentage of replicas that can be unavailable during an update. |
| maxUnavailable: 1 |
| |
| updateStrategy: |
| # Define the update strategy for the application's statefulSet. |
| type: RollingUpdate |
| # Additional configuration for the RollingUpdate update strategy can be specified here. |
| rollingUpdate: ~ |
| |
| ## Minimum time a pod must be ready before being considered available. |
| minReadySeconds: 0 |
| |
| ## Number of old ReplicaSets to retain for the Deployment. |
| revisionHistoryLimit: 10 |
| |
| ## Termination grace period for pods. |
| terminationGracePeriodSeconds: 30 |
| |
| startupProbe: |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 60 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 30 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The path to use for the HTTP GET request. |
| path: / |
| # The port on which the HTTP GET request will be made. |
| port: 8080 |
| |
| readinessProbe: |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 60 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 30 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The path to use for the HTTP GET request. |
| path: / |
| # The port on which the HTTP GET request will be made. |
| port: 8080 |
| |
| livenessProbe: |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 60 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 30 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The path to use for the HTTP GET request. |
| path: / |
| # The port on which the HTTP GET request will be made. |
| port: 8080 |
| |
| ## Define lifecycle hooks for the application container. |
| lifecycleHooks: ~ |
| # postStart: |
| # exec: |
| # command: ["/bin/sh", "-c", "echo Discover Infinite Possibilities, Starting Now! >> /var/log/postStart.log"] |
| # preStop: |
| # exec: |
| # command: ["/bin/sh", "-c", "while true; do echo Shutting down... >> /var/log/postStop.log; sleep 30; done"] |
| |
| service: |
| # Whether to enable the service. |
| enabled: true |
| # Labels to be applied to the service. |
| labels: ~ |
| # Annotations to be added to the service. |
| annotations: ~ |
| # Specifies the service type (ClusterIP, NodePort, LoadBalancer, etc.). |
| type: ClusterIP |
| # Specifies the ClusterIP for the service, or use "~" to auto-assign. |
| clusterIP: ~ |
| # List of external IPs to associate with the service. |
| externalIPs: ~ |
| # Specifies the IP address for a LoadBalancer service. |
| loadBalancerIP: ~ |
| # Restrict access to the LoadBalancer by IP ranges. |
| loadBalancerSourceRanges: ~ |
| # Specifies the LoadBalancer class (if applicable). |
| loadBalancerClass: ~ |
| # Specifies the session affinity mode (None, ClientIP) |
| sessionAffinity: None |
| # Set to 'true' to publish endpoints for not-ready pods. |
| publishNotReadyAddresses: true |
| # Protocol used by the service. |
| protocol: TCP |
| |
| resources: |
| # Maximum CPU and memory resources allowed for the container. |
| limits: |
| # CPU usage limit. |
| cpu: 1024m |
| # Memory usage limit. |
| memory: 1Gi |
| # Initial CPU and memory resource requests for the container. |
| requests: |
| # CPU usage request. |
| cpu: 512m |
| # Memory usage request. |
| memory: 512Mi |
| |
| ## Define toleration's for the application pods. |
| tolerations: ~ |
| # - key: CriticalAddonsOnly |
| # operator: Exists |
| # - effect: NoSchedule |
| # key: node-role.kubernetes.io/control-plane |
| |
| persistence: |
| # Whether to enable the persistence volume. |
| enabled: false |
| # Labels to be applied to the persistence volume. |
| labels: ~ |
| # Annotations to be added to the persistence volume. |
| annotations: ~ |
| # Name of the PersistentVolumeClaim. |
| claimName: "" |
| # Storage class for the PersistentVolumeClaim. |
| storageclass: "" |
| # Size of the PersistentVolumeClaim. |
| size: 5Gi |
| # Access modes for the PersistentVolumeClaim. |
| accessModes: ReadWriteOnce |
| |
| securityContext: |
| # Specifies the user ID under which the container should run. |
| runAsUser: 1000 |
| # Specifies the user ID under which the container should run. |
| runAsGroup: 1000 |
| # Set to 'true' to run the container as a non-root user. |
| runAsNonRoot: false |
| # Prevent the container from writing to the root file system. |
| readOnlyRootFilesystem: true |
| # Set to 'false' to disallow privilege escalation for the container. |
| allowPrivilegeEscalation: false |
| |
| podDisruptionBudget: |
| # Whether to enable the PDB. |
| enabled: false |
| # Labels to be applied to the PDB. |
| labels: ~ |
| # Annotations to be added to the PDB. |
| annotations: ~ |
| # Minimum number of pods that must be available during disruptions. |
| minAvailable: 1 |
| # Maximum number of pods that can be unavailable during disruptions. |
| maxUnavailable: 1 |
| # Unhealthy Pod Eviction Policy when PDB is disabled (IfHealthyBudget or DoNotEvict). |
| unhealthyPodEvictionPolicy: IfHealthyBudget |
| |
| podSecurityPolicy: |
| # Whether to enable the PSP. |
| enabled: false |
| # Labels to be applied to the PSP. |
| labels: ~ |
| # Annotations to be added to the PSP. |
| annotations: ~ |
| |
| networkPolicy: |
| # Whether to enable the network policies. |
| enabled: false |
| # Labels to be applied to the network policy. |
| labels: ~ |
| # Annotations to be added to the network policy |
| annotations: ~ |
| # Define the pod selector for network policy. |
| podSelector: ~ |
| # Define ingress rules for network policy. |
| ingress: ~ |
| # - from: |
| # - ipBlock: |
| # cidr: 172.16.0.0/16 |
| # except: |
| # - 172.16.1.0/24 |
| # - podSelector: |
| # matchLabels: |
| # role: admin |
| # - namespaceSelector: |
| # matchLabels: |
| # role: frontend |
| # ports: |
| # - port: 10001 |
| # endPort: 10002 |
| # protocol: TCP |
| # Define egress rules for network policy. |
| egress: ~ |
| # - ports: |
| # - port: 10001 |
| # endPort: 10002 |
| # protocol: TCP |
| # to: |
| # - ipBlock: |
| # cidr: 172.16.0.0/16 |
| # - podSelector: |
| # matchLabels: |
| # role: db |
| # - namespaceSelector: |
| # matchExpressions: |
| # - key: namespace |
| # operator: In |
| # values: |
| # - frontend |
| # - backend |
| |
| jobs: |
| # Override the namespace where the resource is deployed. |
| namespaceOverride: ~ |
| # Labels to attach to the resource. |
| labels: ~ |
| # Annotations to attach to the resource. |
| annotations: ~ |
| # Specify the restart policy (OnFailure, Never, Always, etc.). |
| restartPolicy: OnFailure |
| |
| image: |
| # Source of the container image. |
| registry: docker.io/bitnami/kubectl |
| # Version tag of the container image. |
| tag: 1.28.4 |
| # Image pull policy, available options are: Always, IfNotPresent, Never. |
| pullPolicy: IfNotPresent |
| |
| auth: |
| ## Whether to enable the control-plane auth control. |
| enabled: false |
| |
| authorization: |
| # Specify the action for authorization (DENY, ALLOW, etc.) |
| action: DENY |
| |
| # Specify the match type for authorization (anyMatch, allMatch, etc.) |
| matchType: anyMatch |
| |
| # Specify the match type for authorization rule sampling rate has a range of 0 to 100. |
| samples: 0 |
| |
| authentication: |
| # Specify the action for authentication (STRICT, PERMISSIVE, etc.) |
| action: STRICT |
| |
| # Specify the action for authentication port number for applying the authentication policy |
| port: 38080 |
| |
| traffic: |
| ## Whether to enable the traffic. |
| enabled: false |
| |
| conditionRoute: |
| # Supports service and application scope rules. |
| scope: service |
| # Whether enable this rule or not, set enabled:false to disable this rule. |
| enabled: true |
| # The behaviour when the instance subset is empty after routing. |
| force: true |
| # Whether run routing rule for every rpc invocation or use routing cache if available. |
| runtime: true |
| # Specify the specific priority for traffic (adjust within the range 1 ~ 100). |
| priority: 100 |
| # The version of the condition rule definition, currently available version is v3.0. |
| configVersion: v3.0 |
| # The identifier of the target service or application that this rule is about to apply to. |
| # If scope:service is set, then keyshould be specified as the Dubbo service key that this rule targets to control. |
| # If scope:application is set, then keyshould be specified as the name of the application that this rule targets to control, application should always be a Dubbo Consumer. |
| key: org.apache.dubbo.samples.CommentService |
| # The condition routing rule definition of this configuration. Check Condition for details. |
| conditions: method=getComment => region=Hangzhou |
| |
| dynamicConfig: |
| # Supports service and application scope rules. |
| scope: service |
| # The version of the tag rule definition, currently available version is v3.0. |
| configVersion: v3.0 |
| # The identifier of the target service or application that this rule is about to apply to. |
| # If scope:service is set, then keyshould be specified as the Dubbo service key that this rule targets to control. |
| # If scope:application is set, then keyshould be specified as the name of the application that this rule targets to control, application should always be a Dubbo Consumer. |
| key: org.apache.dubbo.samples.UserService |
| # Especially useful when scope:service is set. |
| # side: providermeans this Config will only take effect on the provider instances of the service key. |
| # side: consumermeans this Config will only take effect on the consumer instances of the service key |
| side: consumer |
| # The application matching condition for this config rule to take effect. |
| # Effective when scope:service is set. |
| # https://github.com/google/re2/wiki/Syntax. |
| # exact: value for exact string |
| exact: shop-frontend |
| |
| tagRoute: |
| # The name of the tag used to match the dubbo tag value in the request context. |
| name: gray |
| # Whether enable this rule or not, set enabled:false to disable this rule. |
| enabled: false |
| # The behaviour when the instance subset is empty after routing. |
| force: true |
| # The version of the tag rule definition, currently available version is v3.0. |
| configVersion: v3.0 |
| # Specify the specific priority for traffic (adjust within the range 1 ~ 100). |
| priority: 99 |
| # The identifier of the target application that this rule is about to control. |
| key: details |
| |
| observable: |
| ## Whether to enable the observability. |
| enabled: true |
| |
| zookeeper: |
| ## Whether to enable the zookeeper. |
| enabled: false |
| |
| ## Override the namespace where the resource is deployed. |
| namespaceOverride: ~ |
| |
| ## Labels to attach to the resource. |
| labels: ~ |
| |
| ## Annotations to attach to the resource. |
| annotations: ~ |
| |
| ## Specifies the cluster's domain name for DNS resolution. |
| clusterDomain: cluster.local |
| |
| ## Number of replicas for the Deployment. |
| replicas: 1 |
| |
| image: |
| # Source of the container image. |
| registry: docker.io/bitnami/zookeeper |
| # Version tag of the container image. |
| tag: 3.8.1-debian-11-r18 |
| # Image pull policy, available options are: Always, IfNotPresent, Never. |
| pullPolicy: IfNotPresent |
| # Set to 'true' to enable debug mode for the image. |
| debug: false |
| |
| securityContext: |
| # Whether to enable the security context. |
| enabled: true |
| # Defines the POSIX group ID that owns the pod's volumes. |
| fsGroup: 1001 |
| |
| containerSecurityContext: |
| # Whether to enable the container security context. |
| enabled: true |
| # Specifies the user ID under which the container should run. |
| runAsUser: 1001 |
| # Set to 'true' to run the container as a non-root user. |
| runAsNonRoot: true |
| # Set to 'false' to disallow privilege escalation for the container. |
| allowPrivilegeEscalation: false |
| |
| service: |
| # Labels to be applied to the service. |
| labels: ~ |
| # Annotations to be added to the service. |
| annotations: ~ |
| # Specifies the service type (ClusterIP, NodePort, LoadBalancer, etc.). |
| type: ClusterIP |
| # Specifies the ClusterIP for the service, or use "~" to auto-assign. |
| clusterIP: ~ |
| # List of external IPs to associate with the service. |
| externalIPs: ~ |
| # Specifies the IP address for a LoadBalancer service. |
| loadBalancerIP: ~ |
| # Restrict access to the LoadBalancer by IP ranges. |
| loadBalancerSourceRanges: ~ |
| # Specifies the LoadBalancer class (if applicable). |
| loadBalancerClass: ~ |
| # Specifies the session affinity mode (None, ClientIP) |
| sessionAffinity: None |
| # Set to 'true' to publish endpoints for not-ready pods. |
| publishNotReadyAddresses: true |
| |
| resources: |
| # Maximum CPU and memory resources allowed for the container. |
| limits: |
| # CPU usage limit. |
| cpu: 250m |
| # Memory usage limit. |
| memory: 256Mi |
| # Initial CPU and memory resource requests for the container. |
| requests: |
| # CPU usage request. |
| cpu: 250m |
| # Memory usage request. |
| memory: 256Mi |
| |
| startupProbe: |
| # Number of consecutive failures before marking the container as unhealthy. |
| failureThreshold: 6 |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 5 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 5 |
| exec: |
| # Run the specified command to check. |
| command: [ '/bin/bash', '-c', 'echo "ruok" | timeout 2 nc -w 2 localhost 2181 | grep imok' ] |
| |
| readinessProbe: |
| # Number of consecutive failures before marking the container as unhealthy. |
| failureThreshold: 6 |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 5 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 5 |
| exec: |
| # Run the specified command to check. |
| command: [ '/bin/bash', '-c', 'echo "ruok" | timeout 2 nc -w 2 localhost 2181 | grep imok' ] |
| |
| livenessProbe: |
| # Number of consecutive failures before marking the container as unhealthy. |
| failureThreshold: 6 |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 30 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 5 |
| exec: |
| # Run the specified command to check. |
| command: [ '/bin/bash', '-c', 'echo "ruok" | timeout 2 nc -w 2 localhost 2181 | grep imok' ] |
| |
| # This allows a dedicated log device to be used, and helps avoid competition between logging and snapshots. |
| dataLogDir: "" |
| # tickTime Basic time unit (in milliseconds) used by ZooKeeper for heartbeats. |
| tickTime: 2000 |
| # initLimit ZooKeeper uses to limit the length of time the ZooKeeper servers in quorum have to connect to a leader. |
| initLimit: 10 |
| # syncLimit How far out of date a server can be from a leader. |
| syncLimit: 5 |
| # preAllocSize Block size for transaction log file. |
| preAllocSize: 65536 |
| # snapCount The number of transactions recorded in the transaction log before a snapshot can be taken (and the transaction log rolled). |
| snapCount: 100000 |
| # fourlwCommandsWhitelist A list of comma separated Four Letter Words commands that can be executed. |
| fourlwCommandsWhitelist: srvr, mntr, ruok |
| # listenOnAllIPs Allow ZooKeeper to listen for connections from its peers on all available IP addresses. |
| listenOnAllIPs: false |
| # Ongoing data directory cleanup configuration |
| autopurge: |
| # snapRetainCount The most recent snapshots amount (and corresponding transaction logs) to retain. |
| snapRetainCount: 3 |
| # purgeInterval The time interval (in hours) for which the purge task has to be triggered. |
| purgeInterval: 0 |
| # maxClientCnxns Limits the number of concurrent connections that a single client may make to a single member of the ZooKeeper ensemble. |
| maxClientCnxns: 60 |
| # maxSessionTimeout Maximum session timeout (in milliseconds) that the server will allow the client to negotiate. |
| maxSessionTimeout: 40000 |
| # heapSize Size (in MB) for the Java Heap options (Xmx and Xms). |
| heapSize: 1024 |
| # logLevel Log level for the ZooKeeper server. ERROR by default. |
| logLevel: ERROR |
| # authentication parameters. |
| auth: |
| # authentication client settings. |
| client: |
| # auth.client.enabled Enable ZooKeeper client-server authentication. It uses SASL/Digest-MD5. |
| enabled: false |
| # auth.client.clientUser User that will use ZooKeeper clients to auth. |
| clientUser: "" |
| # auth.client.clientPassword Password that will use ZooKeeper clients to auth. |
| clientPassword: "" |
| # auth.client.serverUsers Comma, semicolon or whitespace separated list of user to be created. |
| serverUsers: "" |
| # auth.client.serverPasswords Comma, semicolon or whitespace separated list of passwords to assign to users when created. |
| serverPasswords: "" |
| # auth.client.existingSecret Use existing secret (ignores previous passwords). |
| existingSecret: "" |
| # authentication quorum settings. |
| quorum: |
| # auth.quorum.enabled Enable ZooKeeper server-server authentication. It uses SASL/Digest-MD5. |
| enabled: false |
| # auth.quorum.learnerUser User that the ZooKeeper quorumLearner will use to authenticate to quorumServers. |
| learnerUser: "" |
| # auth.quorum.learnerPassword Password that the ZooKeeper quorumLearner will use to authenticate to quorumServers. |
| learnerPassword: "" |
| # auth.quorum.serverUsers Comma, semicolon or whitespace separated list of users for the quorumServers. |
| serverUsers: "" |
| # auth.quorum.serverPasswords Comma, semicolon or whitespace separated list of passwords to assign to users when created. |
| serverPasswords: "" |
| # auth.quorum.existingSecret Use existing secret (ignores previous passwords). |
| existingSecret: "" |
| |
| nacos: |
| ## Whether to enable the nacos. |
| enabled: true |
| |
| ## Specifies the mode in which nacos is running (standalone, cluster, etc.). |
| mode: standalone |
| |
| ## Override the namespace where the resource is deployed. |
| namespaceOverride: ~ |
| |
| ## Labels to attach to the resource. |
| labels: ~ |
| |
| ## Annotations to attach to the resource. |
| annotations: ~ |
| |
| ## Specifies the cluster's domain name for DNS resolution. |
| clusterDomain: cluster.local |
| |
| ## Number of replicas for the Deployment. |
| replicas: 1 |
| |
| plugin: |
| # Whether to enable the plugin. |
| enabled: true |
| # Configure the container image for the plugin. |
| image: |
| # Docker registry where the plugin image is hosted. |
| registry: nacos/nacos-peer-finder-plugin |
| # Specifies the image tag to use. |
| tag: 1.1 |
| # Image pull policy (IfNotPresent, Always, Never). |
| pullPolicy: IfNotPresent |
| |
| image: |
| # Source of the container image. |
| registry: docker.io/nacos/nacos-server |
| # Version tag of the container image. |
| tag: v2.2.3 |
| # Image pull policy, available options are: Always, IfNotPresent, Never. |
| pullPolicy: IfNotPresent |
| |
| securityContext: |
| # Whether to enable the security context. |
| enabled: true |
| # Defines the POSIX group ID that owns the pod's volumes. |
| fsGroup: 1001 |
| |
| containerSecurityContext: |
| # Whether to enable the container security context. |
| enabled: true |
| # Specifies the user ID under which the container should run. |
| runAsUser: 1001 |
| # Set to 'true' to run the container as a non-root user. |
| runAsNonRoot: true |
| # Set to 'false' to disallow privilege escalation for the container. |
| allowPrivilegeEscalation: false |
| |
| service: |
| # Labels to be applied to the service. |
| labels: ~ |
| # Annotations to be added to the service. |
| annotations: ~ |
| # Specifies the service type (ClusterIP, NodePort, LoadBalancer, etc.). |
| type: NodePort |
| # Specifies the ClusterIP for the service, or use "~" to auto-assign. |
| clusterIP: ~ |
| # List of external IPs to associate with the service. |
| externalIPs: ~ |
| # Specifies the IP address for a LoadBalancer service. |
| loadBalancerIP: ~ |
| # Restrict access to the LoadBalancer by IP ranges. |
| loadBalancerSourceRanges: ~ |
| # Specifies the LoadBalancer class (if applicable). |
| loadBalancerClass: ~ |
| # Specifies the session affinity mode (None, ClientIP) |
| sessionAffinity: None |
| # Set to 'true' to publish endpoints for not-ready pods. |
| publishNotReadyAddresses: true |
| |
| startupProbe: |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 180 |
| # How often to perform the probe. |
| periodSeconds: 5 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 10 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The protocol used for the HTTP GET request (HTTP, HTTPS). |
| scheme: HTTP |
| # The port on which the HTTP GET request will be made. |
| port: 8848 |
| # The path to use for the HTTP GET request. |
| path: /nacos/v1/console/health/readiness |
| |
| readinessProbe: |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 10 |
| # How often to perform the probe. |
| periodSeconds: 5 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 10 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The protocol used for the HTTP GET request (HTTP, HTTPS). |
| scheme: HTTP |
| # The port on which the HTTP GET request will be made. |
| port: 8848 |
| # The path to use for the HTTP GET request. |
| path: /nacos/v1/console/health/readiness |
| |
| livenessProbe: |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 10 |
| # How often to perform the probe. |
| periodSeconds: 5 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 10 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The protocol used for the HTTP GET request (HTTP, HTTPS). |
| scheme: HTTP |
| # The port on which the HTTP GET request will be made. |
| port: 8848 |
| # The path to use for the HTTP GET request. |
| path: /nacos/v1/console/health/liveness |
| |
| resources: |
| # Maximum CPU and memory resources allowed for the container. |
| limits: |
| # CPU usage limit. |
| cpu: ~ |
| # Memory usage limit. |
| memory: ~ |
| # Initial CPU and memory resource requests for the container. |
| requests: |
| # CPU usage request. |
| cpu: ~ |
| # Memory usage request. |
| memory: ~ |
| |
| # Specifies the port on which the server should run. |
| serverPort: 8848 |
| |
| # Specifies the preferred host mode (e.g., 'hostname'). |
| preferhostmode: ~ |
| |
| storage: |
| # Specifies the storage type (embedded, mysql, etc.). |
| type: embedded |
| # For MySQL storage, you need to change the "embedded" to "mysql" before you can use the db configuration. |
| db: |
| # Specifies the database host. |
| host: localhost |
| # Specifies the database name. |
| name: nacos |
| # Specifies the database port. |
| port: 3306 |
| # Specifies the database username. |
| username: mysql |
| # Specifies the database password. |
| password: passw0rd |
| # Additional database connection parameters (if needed). |
| param: "" |
| |
| ingress: |
| ## Whether to enable the ingress. |
| enabled: false |
| |
| hosts: |
| # Specify the host for the admin Ingress |
| admin: admin.k8s.example |
| # Specify the host for the Prometheus Ingress |
| prometheus: prom.k8s.example |
| # Specify the host for the Grafana Ingress |
| grafana: grafana.k8s.example |
| |
| ## Override the name of the resource. |
| nameOverride: ~ |
| |
| ## Override the namespace where the resource is deployed. |
| namespaceOverride: ~ |
| |
| ## Labels to attach to the resource. |
| labels: ~ |
| |
| ## Annotations to attach to the resource. |
| annotations: ~ |
| |
| ## Node selector to constrain where the pods can be scheduled. |
| nodeSelector: ~ |
| |
| ## Number of replicas for the Deployment. |
| replicas: 1 |
| |
| image: |
| # Source of the container image. |
| registry: docker.io/traefik |
| # Version tag of the container image. |
| tag: v2.10.4 |
| # Image pull policy, available options are: Always, IfNotPresent, Never. |
| pullPolicy: IfNotPresent |
| |
| readinessProbe: |
| # Number of consecutive failures before marking the container as unhealthy. |
| failureThreshold: 1 |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 2 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 2 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The path to use for the HTTP GET request. |
| path: /ping |
| # The port on which the HTTP GET request will be made. |
| port: 9000 |
| # The protocol used for the HTTP GET request (HTTP, HTTPS). |
| scheme: HTTP |
| |
| livenessProbe: |
| # Number of consecutive failures before marking the container as unhealthy. |
| failureThreshold: 3 |
| # Delay before the probe is initiated. |
| initialDelaySeconds: 2 |
| # How often to perform the probe. |
| periodSeconds: 10 |
| # Minimum consecutive successes for the probe to be considered successful. |
| successThreshold: 1 |
| # Time to wait for the probe to complete. |
| timeoutSeconds: 2 |
| # Perform an HTTP GET request to check. |
| httpGet: |
| # The path to use for the HTTP GET request. |
| path: /ping |
| # The port on which the HTTP GET request will be made. |
| port: 9000 |
| # The protocol used for the HTTP GET request (HTTP, HTTPS). |
| scheme: HTTP |
| |
| strategy: |
| # Additional configuration for the RollingUpdate strategy can be specified here. |
| rollingUpdate: |
| # Maximum number of pods that can be created above the desired replica count. |
| maxSurge: 1 |
| # Maximum number of pods that can be unavailable during the update. |
| maxUnavailable: 0 |
| |
| securityContext: |
| # Specifies the user ID under which the container should run. |
| runAsUser: 65532 |
| # Specifies the group ID under which the container should run. |
| runAsGroup: 65532 |
| # Set to 'true' to run the container as a non-root user. |
| runAsNonRoot: true |
| |
| containersecurityContext: |
| # Configure Linux capabilities for the container. |
| capabilities: |
| # Drop all capabilities |
| drop: |
| - ALL |
| # Prevent the container from writing to the root file system. |
| readOnlyRootFilesystem: true |
| # Set to 'false' to disallow privilege escalation for the container. |
| allowPrivilegeEscalation: false |
| |
| resources: |
| # Maximum CPU and memory resources allowed for the container. |
| limits: |
| # CPU usage limit. |
| cpu: 100m |
| # Memory usage limit. |
| memory: 100Mi |
| # Initial CPU and memory resource requests for the container. |
| requests: |
| # CPU usage request. |
| cpu: 100m |
| # Memory usage request. |
| memory: 100Mi |
