| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # Default values for skywalking. |
| # This is a YAML-formatted file. |
| # Declare variables to be passed into your templates. |
| |
| serviceAccounts: |
| oap: |
| |
| oap: |
| name: oap |
| # When 'dynamicConfigEnabled' set to true, enable oap dynamic configuration through k8s configmap, |
| # Note: The default configmap data is empty, please refer to the detailed documentation (https://github.com/apache/skywalking/blob/master/docs/en/setup/backend/dynamic-config.md) |
| # Sync period in seconds. Defaults to 60 seconds. env: SW_CONFIG_CONFIGMAP_PERIOD |
| dynamicConfigEnabled: false |
| image: |
| repository: apache/skywalking-oap-server |
| tag: 8.1.0-es6 |
| pullPolicy: IfNotPresent |
| storageType: elasticsearch |
| ports: |
| grpc: 11800 |
| rest: 12800 |
| replicas: 2 |
| service: |
| type: ClusterIP |
| javaOpts: -Xmx2g -Xms2g |
| antiAffinity: "soft" |
| nodeAffinity: {} |
| nodeSelector: {} |
| tolerations: [] |
| resources: {} |
| # limits: |
| # cpu: 8 |
| # memory: 8Gi |
| # requests: |
| # cpu: 8 |
| # memory: 4Gi |
| # podAnnotations: |
| # example: oap-foo |
| envoy: |
| als: |
| enabled: false |
| # more envoy ALS ,please refer to https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als |
| istio: |
| adapter: |
| enabled: false |
| env: |
| # more env, please refer to https://hub.docker.com/r/apache/skywalking-oap-server |
| # or https://github.com/apache/skywalking-docker/blob/master/6/6.4/oap/README.md#sw_telemetry |
| ui: |
| name: ui |
| replicas: 1 |
| image: |
| repository: apache/skywalking-ui |
| tag: 8.1.0 |
| pullPolicy: IfNotPresent |
| # podAnnotations: |
| # example: oap-foo |
| ingress: |
| enabled: false |
| annotations: {} |
| # kubernetes.io/ingress.class: nginx |
| # kubernetes.io/tls-acme: "true" |
| path: / |
| hosts: [] |
| # - skywalking.local |
| tls: [] |
| # - secretName: skywalking-tls |
| # hosts: |
| # - skywalking.local |
| service: |
| type: ClusterIP |
| # clusterIP: None |
| externalPort: 80 |
| internalPort: 8080 |
| ## External IP addresses of service |
| ## Default: nil |
| ## |
| # externalIPs: |
| # - 192.168.0.1 |
| # |
| ## LoadBalancer IP if service.type is LoadBalancer |
| ## Default: nil |
| ## |
| # loadBalancerIP: 10.2.2.2 |
| # Annotation example: setup ssl with aws cert when service.type is LoadBalancer |
| # service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:EXAMPLE_CERT |
| annotations: {} |
| ## Limit load balancer source ips to list of CIDRs (where available) |
| # loadBalancerSourceRanges: [] |
| |
| elasticsearch: |
| enabled: true |
| config: # For users of an existing elasticsearch cluster,takes effect when `elasticsearch.enabled` is false |
| port: |
| http: 9200 |
| host: elasticsearch # es service on kubernetes or host |
| user: "xxx" # [optional] |
| password: "xxx" # [optional] |
| clusterName: "elasticsearch" |
| nodeGroup: "master" |
| |
| # The service that non master groups will try to connect to when joining the cluster |
| # This should be set to clusterName + "-" + nodeGroup for your master group |
| masterService: "" |
| |
| # Elasticsearch roles that will be applied to this nodeGroup |
| # These will be set as environment variables. E.g. node.master=true |
| roles: |
| master: "true" |
| ingest: "true" |
| data: "true" |
| |
| replicas: 3 |
| minimumMasterNodes: 2 |
| |
| esMajorVersion: "" |
| |
| # Allows you to add any config files in /usr/share/elasticsearch/config/ |
| # such as elasticsearch.yml and log4j2.properties |
| esConfig: {} |
| # elasticsearch.yml: | |
| # key: |
| # nestedkey: value |
| # log4j2.properties: | |
| # key = value |
| |
| # Extra environment variables to append to this nodeGroup |
| # This will be appended to the current 'env:' key. You can use any of the kubernetes env |
| # syntax here |
| extraEnvs: [] |
| # - name: MY_ENVIRONMENT_VAR |
| # value: the_value_goes_here |
| |
| # A list of secrets and their paths to mount inside the pod |
| # This is useful for mounting certificates for security and for mounting |
| # the X-Pack license |
| secretMounts: [] |
| # - name: elastic-certificates |
| # secretName: elastic-certificates |
| # path: /usr/share/elasticsearch/config/certs |
| |
| image: "docker.elastic.co/elasticsearch/elasticsearch" |
| imageTag: "6.8.6" |
| imagePullPolicy: "IfNotPresent" |
| |
| podAnnotations: {} |
| # iam.amazonaws.com/role: es-cluster |
| |
| # additionals labels |
| labels: {} |
| |
| esJavaOpts: "-Xmx1g -Xms1g" |
| |
| resources: |
| requests: |
| cpu: "100m" |
| memory: "2Gi" |
| limits: |
| cpu: "1000m" |
| memory: "2Gi" |
| |
| initResources: {} |
| # limits: |
| # cpu: "25m" |
| # # memory: "128Mi" |
| # requests: |
| # cpu: "25m" |
| # memory: "128Mi" |
| |
| sidecarResources: {} |
| # limits: |
| # cpu: "25m" |
| # # memory: "128Mi" |
| # requests: |
| # cpu: "25m" |
| # memory: "128Mi" |
| |
| networkHost: "0.0.0.0" |
| |
| volumeClaimTemplate: |
| accessModes: [ "ReadWriteOnce" ] |
| resources: |
| requests: |
| storage: 30Gi |
| |
| rbac: |
| create: false |
| serviceAccountName: "" |
| |
| podSecurityPolicy: |
| create: false |
| name: "" |
| spec: |
| privileged: true |
| fsGroup: |
| rule: RunAsAny |
| runAsUser: |
| rule: RunAsAny |
| seLinux: |
| rule: RunAsAny |
| supplementalGroups: |
| rule: RunAsAny |
| volumes: |
| - secret |
| - configMap |
| - persistentVolumeClaim |
| |
| persistence: |
| enabled: false |
| annotations: {} |
| |
| extraVolumes: "" |
| # - name: extras |
| # emptyDir: {} |
| |
| extraVolumeMounts: "" |
| # - name: extras |
| # mountPath: /usr/share/extras |
| # readOnly: true |
| |
| extraInitContainers: "" |
| # - name: do-something |
| # image: busybox |
| # command: ['do', 'something'] |
| |
| # This is the PriorityClass settings as defined in |
| # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass |
| priorityClassName: "" |
| |
| # By default this will make sure two pods don't end up on the same node |
| # Changing this to a region would allow you to spread pods across regions |
| antiAffinityTopologyKey: "kubernetes.io/hostname" |
| |
| # Hard means that by default pods will only be scheduled if there are enough nodes for them |
| # and that they will never end up on the same node. Setting this to soft will do this "best effort" |
| antiAffinity: "hard" |
| |
| # This is the node affinity settings as defined in |
| # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature |
| nodeAffinity: {} |
| |
| # The default is to deploy all pods serially. By setting this to parallel all pods are started at |
| # the same time when bootstrapping the cluster |
| podManagementPolicy: "Parallel" |
| |
| protocol: http |
| httpPort: 9200 |
| transportPort: 9300 |
| |
| service: |
| labels: {} |
| labelsHeadless: {} |
| type: ClusterIP |
| nodePort: "" |
| annotations: {} |
| httpPortName: http |
| transportPortName: transport |
| |
| updateStrategy: RollingUpdate |
| |
| # This is the max unavailable setting for the pod disruption budget |
| # The default value of 1 will make sure that kubernetes won't allow more than 1 |
| # of your pods to be unavailable during maintenance |
| maxUnavailable: 1 |
| |
| podSecurityContext: |
| fsGroup: 1000 |
| runAsUser: 1000 |
| |
| # The following value is deprecated, |
| # please use the above podSecurityContext.fsGroup instead |
| fsGroup: "" |
| |
| securityContext: |
| capabilities: |
| drop: |
| - ALL |
| # readOnlyRootFilesystem: true |
| runAsNonRoot: true |
| runAsUser: 1000 |
| |
| # How long to wait for elasticsearch to stop gracefully |
| terminationGracePeriod: 120 |
| |
| sysctlVmMaxMapCount: 262144 |
| |
| readinessProbe: |
| failureThreshold: 3 |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| successThreshold: 3 |
| timeoutSeconds: 5 |
| |
| # https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status |
| clusterHealthCheckParams: "wait_for_status=green&timeout=1s" |
| |
| ## Use an alternate scheduler. |
| ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ |
| ## |
| schedulerName: "" |
| |
| imagePullSecrets: [] |
| nodeSelector: {} |
| tolerations: [] |
| |
| # Enabling this will publically expose your Elasticsearch instance. |
| # Only enable this if you have security enabled on your cluster |
| ingress: |
| enabled: false |
| annotations: {} |
| # kubernetes.io/ingress.class: nginx |
| # kubernetes.io/tls-acme: "true" |
| path: / |
| hosts: |
| - chart-example.local |
| tls: [] |
| # - secretName: chart-example-tls |
| # hosts: |
| # - chart-example.local |
| |
| nameOverride: "" |
| fullnameOverride: "" |
| |
| # https://github.com/elastic/helm-charts/issues/63 |
| masterTerminationFix: false |
| |
| lifecycle: {} |
| # preStop: |
| # exec: |
| # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] |
| # postStart: |
| # exec: |
| # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] |
| |
| sysctlInitContainer: |
| enabled: true |
| |
| keystore: [] |
| |
| nameOverride: "" |
| fullnameOverride: "" |