mongodb-sharded

Helm chart

Last changed

Request a free trial

Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.

Tag:

# This file has been modified by Chainguard, Inc.

# Chainguard, Inc. modifications are subject to the license

# available at: https://www.chainguard.dev/legal/software-license-agreement

# SPDX-License-Identifier: APACHE-2.0

## @section Global parameters

## Global Docker image parameters

## Please, note that this will override the image parameters, including dependencies, configured to use the global value

## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass

## @param global.imageRegistry Global Docker image registry

## @param global.imagePullSecrets Global Docker registry secret names as an array

## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)

## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead

global:

imageRegistry: ""

## E.g.

## imagePullSecrets:

## - myRegistryKeySecretName

imagePullSecrets: []

defaultStorageClass: ""

storageClass: ""

## Security parameters

security:

## @param global.security.allowInsecureImages Allows skipping image verification

allowInsecureImages: false

## Compatibility adaptations for Kubernetes platforms

compatibility:

## Compatibility adaptations for Openshift

openshift:

## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)

adaptSecurityContext: auto

org: ""

## @section Common parameters

## @param kubeVersion Override Kubernetes version

kubeVersion: ""

## @param nameOverride String to partially override common.names.name

nameOverride: ""

## @param fullnameOverride String to fully override common.names.fullname

fullnameOverride: ""

## @param namespaceOverride String to fully override common.names.namespace

namespaceOverride: ""

## @param commonLabels Labels to add to all deployed objects

commonLabels: {}

## @param commonAnnotations Annotations to add to all deployed objects

commonAnnotations: {}

## @param clusterDomain Kubernetes cluster domain name

clusterDomain: cluster.local

## @param extraDeploy Array of extra objects to deploy with the release

extraDeploy: []

## Enable diagnostic mode in the deployment

diagnosticMode:

## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)

enabled: false

## @param diagnosticMode.command Command to override all containers in the deployment

command:

- sleep

## @param diagnosticMode.args Args to override all containers in the deployment

args:

- infinity

## @section MongoDB(®) Sharded parameters

## Iamguarded MongoDB(®) Sharded image version

## ref: https://hub.docker.com/r/iamguarded/mongodb-sharded/tags/

## @param image.registry [default: REGISTRY_NAME] MongoDB(®) Sharded image registry

## @param image.repository [default: REPOSITORY_NAME/mongodb-sharded] MongoDB(®) Sharded Image name

## @skip image.tag MongoDB(®) Sharded image tag (immutable tags are recommended)

## @param image.digest MongoDB(®) Sharded image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag

## @param image.pullPolicy MongoDB(®) Sharded image pull policy

## @param image.pullSecrets Specify docker-registry secret names as an array

## @param image.debug Specify if debug logs should be enabled

image:

100

registry: cgr.dev

101

repository: chainguard-private/mongodb-sharded-iamguarded

102

tag: 8.2.5

103

digest: ""

104

## Specify a imagePullPolicy

105

## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images

106

107

pullPolicy: IfNotPresent

108

## Optionally specify an array of imagePullSecrets.

109

## Secrets must be manually created in the namespace.

110

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

111

## e.g:

112

## pullSecrets:

113

## - myRegistryKeySecretName

114

115

pullSecrets: []

116

## Set to true if you would like to see extra information on logs

117

118

debug: false

119

## MongoDB(®) Authentication parameters

120

121

auth:

122

## @param auth.enabled Enable authentication

123

## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/

124

125

enabled: true

126

## @param auth.rootUser MongoDB(®) root user

127

128

rootUser: root

129

## @param auth.rootPassword MongoDB(®) root password

130

## ref: https://github.com/iamguarded/containers/tree/main/iamguarded/mongodb#setting-the-root-user-and-password-on-first-run

131

132

rootPassword: ""

133

## @param auth.replicaSetKey Key used for authentication in the replicaset

134

135

replicaSetKey: ""

136

## @param auth.existingSecret Existing secret with MongoDB(®) credentials (keys: `mongodb-password`, `mongodb-root-password`, `mongodb-replica-set-key`)

137

## NOTE: When it's set the previous parameters are ignored.

138

139

existingSecret: ""

140

## @param auth.usePasswordFiles Mount credentials as files instead of using environment variables

141

142

usePasswordFiles: true

143

## @param shards Number of shards to be created

144

## ref: https://docs.mongodb.com/manual/core/sharded-cluster-shards/

145

146

shards: 2

147

## Properties for all of the pods in the cluster (shards, config servers and mongos)

148

149

common:

150

## @param common.mongodbEnableNumactl Enable launch MongoDB instance prefixed with "numactl --interleave=all"

151

## ref: https://docs.mongodb.com/manual/administration/production-notes/#mongodb-and-numa-hardware

152

153

mongodbEnableNumactl: false

154

## @param common.useHostnames Enable DNS hostnames in the replica set config

155

156

useHostnames: true

157

## @param common.mongodbEnableIPv6 Switch to enable/disable IPv6 on MongoDB®

158

## ref: https://github.com/iamguarded/containers/tree/main/iamguarded/mongodb#enablingdisabling-ipv6

159

160

mongodbEnableIPv6: false

161

## @param common.mongodbDirectoryPerDB Switch to enable/disable DirectoryPerDB on MongoDB®

162

## ref: https://github.com/iamguarded/containers/tree/main/iamguarded/mongodb#enablingdisabling-directoryperdb

163

164

mongodbDirectoryPerDB: false

165

## @param common.mongodbSystemLogVerbosity MongoDB® system log verbosity level

166

## ref: https://docs.mongodb.com/manual/reference/program/mongo/#cmdoption-mongo-ipv6

167

168

mongodbSystemLogVerbosity: 0

169

## @param common.mongodbDisableSystemLog Whether to disable MongoDB® system log or not

170

## ref: https://github.com/iamguarded/containers/tree/main/iamguarded/mongodb#configuring-system-log-verbosity-level

171

172

mongodbDisableSystemLog: false

173

## @param common.mongodbInitRetryAttempts Maximum retries for checking the MongoDB® initialization status

174

175

mongodbInitRetryAttempts: 24

176

## @param common.mongodbInitRetryDelay Time (in seconds) to wait between retries for checking the MongoDB® initialization status

177

178

mongodbInitRetryDelay: 5

179

## @param common.initScriptsCM Configmap with init scripts to execute

180

181

initScriptsCM: ""

182

## @param common.initScriptsSecret Secret with init scripts to execute (for sensitive data)

183

184

initScriptsSecret: ""

185

## @param common.extraEnvVars An array to add extra env vars

186

## For example:

187

## extraEnvVars:

188

## - name: KIBANA_ELASTICSEARCH_URL

189

## value: test

190

191

extraEnvVars: []

192

## @param common.extraEnvVarsCM Name of a ConfigMap containing extra env vars

193

194

extraEnvVarsCM: ""

195

## @param common.extraEnvVarsSecret Name of a Secret containing extra env vars

196

197

extraEnvVarsSecret: ""

198

## @param common.sidecars Add sidecars to the pod

199

## For example:

200

## sidecars:

201

## - name: your-image-name

202

## image: your-image

203

## imagePullPolicy: Always

204

## ports:

205

## - name: portname

206

## containerPort: 1234

207

208

sidecars: []

209

## @param common.initContainers Add init containers to the pod

210

## For example:

211

## initcontainers:

212

## - name: your-image-name

213

## image: your-image

214

## imagePullPolicy: Always

215

216

initContainers: []

217

## @param common.podAnnotations Additional pod annotations

218

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

219

220

podAnnotations: {}

221

## @param common.podLabels Additional pod labels

222

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

223

224

podLabels: {}

225

## @param common.extraVolumes Array to add extra volumes

226

227

extraVolumes: []

228

## @param common.extraVolumeMounts Array to add extra mounts (normally used with extraVolumes)

229

230

extraVolumeMounts: []

231

## @param common.containerPorts.mongodb MongoDB container port

232

233

containerPorts:

234

mongodb: 27017

235

## K8s Service Account.

236

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

237

238

serviceAccount:

239

## @param common.serviceAccount.create Whether to create a Service Account for all pods automatically

240

241

create: true

242

## @param common.serviceAccount.name Name of a Service Account to be used by all Pods

243

## If not set and create is true, a name is generated using the XXX.fullname template

244

245

246

## @param common.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)

247

248

annotations: {}

249

## @param common.serviceAccount.automountServiceAccountToken Automount service account token for the server service account

250

251

automountServiceAccountToken: false

252

## Init containers parameters:

253

## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.

254

255

volumePermissions:

256

## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work)

257

258

enabled: false

259

## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry

260

## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name

261

## @skip volumePermissions.image.tag Init container volume-permissions image tag

262

## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag

263

## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy

264

## @param volumePermissions.image.pullSecrets Init container volume-permissions image pull secrets

265

266

image:

267

registry: cgr.dev

268

repository: chainguard-private/os-shell-iamguarded

269

tag: 1.0.0

270

digest: ""

271

pullPolicy: IfNotPresent

272

## Optionally specify an array of imagePullSecrets.

273

## Secrets must be manually created in the namespace.

274

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

275

## e.g:

276

## pullSecrets:

277

## - myRegistryKeySecretName

278

279

pullSecrets: []

280

## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).

281

## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15

282

283

resourcesPreset: "nano"

284

## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)

285

## Example:

286

## resources:

287

## requests:

288

## cpu: 2

289

## memory: 512Mi

290

## limits:

291

## cpu: 3

292

## memory: 1024Mi

293

294

resources: {}

295

## Kubernetes service type

296

## ref: https://kubernetes.io/docs/concepts/services-networking/service/

297

298

service:

299

## @param service.name Specify an explicit service name

300

301

302

## @param service.annotations Additional service annotations (evaluate as a template)

303

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

304

305

annotations: {}

306

## @param service.type Service type

307

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types

308

309

type: ClusterIP

310

## @param service.externalTrafficPolicy External traffic policy

311

## Enable client source IP preservation

312

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types

313

314

externalTrafficPolicy: Cluster

315

## @param service.ports.mongodb MongoDB® service port

316

317

ports:

318

mongodb: 27017

319

## @param service.clusterIP Static clusterIP or None for headless services

320

## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.16/#servicespec-v1-core

321

322

clusterIP: ""

323

## @param service.nodePorts.mongodb Specify the nodePort value for the LoadBalancer and NodePort service types.

324

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport

325

326

nodePorts:

327

mongodb: ""

328

## @param service.nodePorts.metrics Specify the metrics nodePort value for the LoadBalancer and NodePort service types.

329

330

metrics: ""

331

## @param service.externalIPs External IP list to use with ClusterIP service type

332

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips

333

334

externalIPs: []

335

## @param service.loadBalancerIP Static IP Address to use for LoadBalancer service type

336

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer

337

338

loadBalancerIP: ""

339

## @param service.loadBalancerSourceRanges List of IP ranges allowed access to load balancer (if supported)

340

## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service

341

342

loadBalancerSourceRanges: []

343

## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value)

344

345

extraPorts: []

346

## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"

347

## If "ClientIP", consecutive client requests will be directed to the same mongos Pod

348

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

349

350

sessionAffinity: None

351

## @param service.sessionAffinityConfig Additional settings for the sessionAffinity

352

## sessionAffinityConfig:

353

## clientIP:

354

## timeoutSeconds: 300

355

356

sessionAffinityConfig: {}

357

## Headless service properties

358

359

headless:

360

## @param service.headless.annotations Annotations for the headless service.

361

362

annotations: {}

363

## Network Policies

364

## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/

365

366

networkPolicy:

367

## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created

368

369

enabled: true

370

## @param networkPolicy.allowExternal Don't require server label for connections

371

## The Policy model to apply. When set to false, only pods with the correct

372

## server label will have network access to the ports server is listening

373

## on. When true, server will accept connections from any source

374

## (with the correct destination port).

375

376

allowExternal: true

377

## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.

378

379

allowExternalEgress: true

380

## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy

381

## e.g:

382

## extraIngress:

383

## - ports:

384

## - port: 1234

385

## from:

386

## - podSelector:

387

## - matchLabels:

388

## - role: frontend

389

## - podSelector:

390

## - matchExpressions:

391

## - key: role

392

## operator: In

393

## values:

394

## - frontend

395

extraIngress: []

396

## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy

397

## e.g:

398

## extraEgress:

399

## - ports:

400

## - port: 1234

401

## to:

402

## - podSelector:

403

## - matchLabels:

404

## - role: frontend

405

## - podSelector:

406

## - matchExpressions:

407

## - key: role

408

## operator: In

409

## values:

410

## - frontend

411

412

extraEgress: []

413

## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces

414

## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces

415

416

ingressNSMatchLabels: {}

417

ingressNSPodMatchLabels: {}

418

## @section Config Server parameters

419

420

421

## Config Server replica set properties

422

## ref: https://docs.mongodb.com/manual/core/sharded-cluster-config-servers/

423

424

configsvr:

425

## @param configsvr.replicaCount Number of nodes in the replica set (the first node will be primary)

426

427

replicaCount: 1

428

## @param configsvr.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if configsvr.resources is set (configsvr.resources is recommended for production).

429

## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15

430

431

resourcesPreset: "small"

432

## @param configsvr.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)

433

## Example:

434

## resources:

435

## requests:

436

## cpu: 2

437

## memory: 512Mi

438

## limits:

439

## cpu: 3

440

## memory: 1024Mi

441

## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

442

443

resources: {}

444

## @param configsvr.automountServiceAccountToken Mount Service Account token in pod

445

446

automountServiceAccountToken: false

447

## @param configsvr.hostAliases Deployment pod host aliases

448

## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/

449

450

hostAliases: []

451

## @param configsvr.mongodbExtraFlags MongoDB® additional command line flags

452

## Can be used to specify command line flags, for example:

453

## mongodbExtraFlags:

454

## - "--wiredTigerCacheSizeGB=2"

455

456

mongodbExtraFlags: []

457

## @param configsvr.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template

458

## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods

459

460

topologySpreadConstraints: []

461

## @param configsvr.priorityClassName Pod priority class name

462

## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/

463

464

priorityClassName: ""

465

## @param configsvr.podAffinityPreset Config Server Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

466

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

467

468

podAffinityPreset: ""

469

## @param configsvr.podAntiAffinityPreset Config Server Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

470

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

471

472

podAntiAffinityPreset: soft

473

## Node affinity preset

474

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity

475

476

nodeAffinityPreset:

477

## @param configsvr.nodeAffinityPreset.type Config Server Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

478

479

type: ""

480

## @param configsvr.nodeAffinityPreset.key Config Server Node label key to match Ignored if `affinity` is set.

481

## E.g.

482

## key: "kubernetes.io/e2e-az-name"

483

484

key: ""

485

## @param configsvr.nodeAffinityPreset.values Config Server Node label values to match. Ignored if `affinity` is set.

486

## E.g.

487

## values:

488

## - e2e-az1

489

## - e2e-az2

490

491

values: []

492

## @param configsvr.affinity Config Server Affinity for pod assignment

493

## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

494

## Note: configsvr.podAffinityPreset, configsvr.podAntiAffinityPreset, and configsvr.nodeAffinityPreset will be ignored when it's set

495

496

affinity: {}

497

## @param configsvr.nodeSelector Config Server Node labels for pod assignment

498

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/

499

500

nodeSelector: {}

501

## @param configsvr.tolerations Config Server Tolerations for pod assignment

502

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

503

504

tolerations: []

505

## @param configsvr.podManagementPolicy Statefulset's pod management policy, allows parallel startup of pods

506

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies

507

508

podManagementPolicy: OrderedReady

509

## @param configsvr.updateStrategy.type updateStrategy for MongoDB® Primary, Secondary and Arbiter statefulsets

510

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies

511

512

updateStrategy:

513

type: RollingUpdate

514

## @param configsvr.config MongoDB® configuration file

515

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

516

517

config: ""

518

## @param configsvr.configCM ConfigMap name with Config Server configuration file (cannot be used with configsvr.config)

519

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

520

521

configCM: ""

522

## @param configsvr.extraEnvVars An array to add extra env vars

523

## For example:

524

## extraEnvVars:

525

## - name: KIBANA_ELASTICSEARCH_URL

526

## value: test

527

528

extraEnvVars: []

529

## @param configsvr.extraEnvVarsCM Name of a ConfigMap containing extra env vars

530

531

extraEnvVarsCM: ""

532

## @param configsvr.extraEnvVarsSecret Name of a Secret containing extra env vars

533

534

extraEnvVarsSecret: ""

535

## @param configsvr.sidecars Add sidecars to the pod

536

## For example:

537

## sidecars:

538

## - name: your-image-name

539

## image: your-image

540

## imagePullPolicy: Always

541

## ports:

542

## - name: portname

543

## containerPort: 1234

544

545

sidecars: []

546

## @param configsvr.initContainers Add init containers to the pod

547

## For example:

548

## initcontainers:

549

## - name: your-image-name

550

## image: your-image

551

## imagePullPolicy: Always

552

553

initContainers: []

554

## @param configsvr.podAnnotations Additional pod annotations

555

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

556

557

podAnnotations: {}

558

## @param configsvr.podLabels Additional pod labels

559

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

560

561

podLabels: {}

562

## @param configsvr.extraVolumes Array to add extra volumes. Requires setting `extraVolumeMounts`

563

564

extraVolumes: []

565

## @param configsvr.extraVolumeMounts Array to add extra mounts (normally used with extraVolumes). Normally used with `extraVolumes`

566

567

extraVolumeMounts: []

568

## @param configsvr.schedulerName Use an alternate scheduler, e.g. "stork".

569

## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/

570

571

schedulerName: ""

572

## Pod disruption budget

573

574

pdb:

575

## @param configsvr.pdb.create Enable pod disruption budget

576

577

create: true

578

## @param configsvr.pdb.minAvailable Minimum number of available config pods allowed (`0` to disable)

579

580

minAvailable: 0

581

## @param configsvr.pdb.maxUnavailable Maximum number of unavailable config pods allowed (`0` to disable)

582

583

maxUnavailable: 1

584

## Enable persistence using Persistent Volume Claims

585

## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/

586

587

persistence:

588

## @param configsvr.persistence.enabled Use a PVC to persist data

589

590

enabled: true

591

## @param configsvr.persistence.mountPath Path to mount the volume at

592

## MongoDB® images.

593

594

mountPath: /iamguarded/mongodb

595

## @param configsvr.persistence.subPath Subdirectory of the volume to mount at (evaluated as a template)

596

## Useful in dev environments and one PV for multiple services.

597

598

subPath: ""

599

## @param configsvr.persistence.storageClass Storage class of backing PVC

600

## If defined, storageClassName: <storageClass>

601

## If set to "-", storageClassName: "", which disables dynamic provisioning

602

## If undefined (the default) or set to null, no storageClassName spec is

603

## set, choosing the default provisioner. (gp2 on AWS, standard on

604

## GKE, AWS & OpenStack)

605

606

storageClass: ""

607

## @param configsvr.persistence.accessModes Use volume as ReadOnly or ReadWrite

608

609

accessModes:

610

- ReadWriteOnce

611

## @param configsvr.persistence.size PersistentVolumeClaim size

612

613

size: 8Gi

614

## @param configsvr.persistence.annotations Persistent Volume annotations

615

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

616

617

annotations: {}

618

## @param configsvr.persistence.selector Selector to match an existing Persistent Volume for Config Server data PVC

619

## A label query over volumes to consider for binding (e.g. when using local volumes)

620

621

selector: {}

622

## Persistent Volume Claim Retention Policy

623

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention

624

625

persistentVolumeClaimRetentionPolicy:

626

## @param configsvr.persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for Config Server StatefulSet

627

628

enabled: false

629

## @param configsvr.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced

630

631

whenScaled: Retain

632

## @param configsvr.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted

633

634

whenDeleted: Retain

635

## K8s Service Account.

636

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

637

638

serviceAccount:

639

## @param configsvr.serviceAccount.create Specifies whether a ServiceAccount should be created for Config Server

640

641

create: true

642

## @param configsvr.serviceAccount.name Name of a Service Account to be used by Config Server

643

## If not set and create is true, a name is generated using the XXX.fullname template

644

645

646

## @param configsvr.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)

647

648

annotations: {}

649

## @param configsvr.serviceAccount.automountServiceAccountToken Automount service account token for the server service account

650

651

automountServiceAccountToken: false

652

## Use a external config server instead of deploying one

653

654

external:

655

## @param configsvr.external.host Primary node of an external Config Server replicaset

656

657

host: ""

658

## @param configsvr.external.rootPassword Root password of the external Config Server replicaset

659

660

rootPassword: ""

661

## @param configsvr.external.replicasetName Replicaset name of an external Config Server

662

663

replicasetName: ""

664

## @param configsvr.external.replicasetKey Replicaset key of an external Config Server

665

666

replicasetKey: ""

667

## Configure Pods Security Context

668

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

669

## @param configsvr.podSecurityContext.enabled Enable security context

670

## @param configsvr.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy

671

## @param configsvr.podSecurityContext.sysctls Set kernel settings using the sysctl interface

672

## @param configsvr.podSecurityContext.supplementalGroups Set filesystem extra groups

673

## @param configsvr.podSecurityContext.fsGroup Group ID for the container

674

675

podSecurityContext:

676

enabled: true

677

fsGroupChangePolicy: Always

678

sysctls: []

679

supplementalGroups: []

680

fsGroup: 1001

681

## Configure Container Security Context

682

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container

683

## @param configsvr.containerSecurityContext.enabled Enabled containers' Security Context

684

## @param configsvr.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container

685

## @param configsvr.containerSecurityContext.runAsUser Set containers' Security Context runAsUser

686

## @param configsvr.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup

687

## @param configsvr.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot

688

## @param configsvr.containerSecurityContext.privileged Set container's Security Context privileged

689

## @param configsvr.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem

690

## @param configsvr.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation

691

## @param configsvr.containerSecurityContext.capabilities.drop List of capabilities to be dropped

692

## @param configsvr.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile

693

694

containerSecurityContext:

695

enabled: true

696

seLinuxOptions: {}

697

runAsUser: 1001

698

runAsGroup: 1001

699

runAsNonRoot: true

700

privileged: false

701

readOnlyRootFilesystem: true

702

allowPrivilegeEscalation: false

703

capabilities:

704

drop: ["ALL"]

705

seccompProfile:

706

type: "RuntimeDefault"

707

## @param configsvr.command Override default container command (useful when using custom images)

708

709

command:

710

- /bin/bash

711

- /entrypoint/replicaset-entrypoint.sh

712

## @param configsvr.args Override default container args (useful when using custom images)

713

714

args: []

715

## @param configsvr.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully

716

## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods

717

718

terminationGracePeriodSeconds: ""

719

## @param configsvr.lifecycleHooks for the Config Server container(s) to automate configuration before or after startup

720

721

lifecycleHooks: {}

722

## Configure extra options for liveness probes

723

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

724

## @param configsvr.livenessProbe.enabled Enable livenessProbe

725

## @param configsvr.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe

726

## @param configsvr.livenessProbe.periodSeconds Period seconds for livenessProbe

727

## @param configsvr.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe

728

## @param configsvr.livenessProbe.failureThreshold Failure threshold for livenessProbe

729

## @param configsvr.livenessProbe.successThreshold Success threshold for livenessProbe

730

731

livenessProbe:

732

enabled: true

733

initialDelaySeconds: 60

734

periodSeconds: 30

735

timeoutSeconds: 20

736

failureThreshold: 2

737

successThreshold: 1

738

## Configure extra options for readiness probe

739

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

740

## @param configsvr.readinessProbe.enabled Enable readinessProbe

741

## @param configsvr.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe

742

## @param configsvr.readinessProbe.periodSeconds Period seconds for readinessProbe

743

## @param configsvr.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe

744

## @param configsvr.readinessProbe.failureThreshold Failure threshold for readinessProbe

745

## @param configsvr.readinessProbe.successThreshold Success threshold for readinessProbe

746

747

readinessProbe:

748

enabled: true

749

initialDelaySeconds: 10

750

periodSeconds: 30

751

timeoutSeconds: 20

752

failureThreshold: 6

753

successThreshold: 1

754

## Configure extra options for startup probe

755

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

756

## @param configsvr.startupProbe.enabled Enable startupProbe

757

## @param configsvr.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe

758

## @param configsvr.startupProbe.periodSeconds Period seconds for startupProbe

759

## @param configsvr.startupProbe.timeoutSeconds Timeout seconds for startupProbe

760

## @param configsvr.startupProbe.failureThreshold Failure threshold for startupProbe

761

## @param configsvr.startupProbe.successThreshold Success threshold for startupProbe

762

763

startupProbe:

764

enabled: true

765

initialDelaySeconds: 0

766

periodSeconds: 10

767

timeoutSeconds: 5

768

failureThreshold: 30

769

successThreshold: 1

770

## @param configsvr.customLivenessProbe Custom livenessProbe that overrides the default one

771

772

customLivenessProbe: {}

773

## @param configsvr.customReadinessProbe Custom readinessProbe that overrides the default one

774

775

customReadinessProbe: {}

776

## @param configsvr.customStartupProbe Custom startupProbe that overrides the default one

777

778

customStartupProbe: {}

779

## @section Mongos parameters

780

781

782

## Mongos properties

783

## ref: https://docs.mongodb.com/manual/reference/program/mongos/#bin.mongos

784

785

mongos:

786

## @param mongos.replicaCount Number of replicas

787

788

replicaCount: 1

789

## @param mongos.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if mongos.resources is set (mongos.resources is recommended for production).

790

## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15

791

792

resourcesPreset: "small"

793

## @param mongos.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)

794

## Example:

795

## resources:

796

## requests:

797

## cpu: 2

798

## memory: 512Mi

799

## limits:

800

## cpu: 3

801

## memory: 1024Mi

802

## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

803

804

resources: {}

805

## @param mongos.automountServiceAccountToken Mount Service Account token in pod

806

807

automountServiceAccountToken: false

808

## @param mongos.hostAliases Deployment pod host aliases

809

## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/

810

811

hostAliases: []

812

## @param mongos.mongodbExtraFlags MongoDB® additional command line flags

813

## Can be used to specify command line flags, for example:

814

## mongodbExtraFlags:

815

## - "--wiredTigerCacheSizeGB=2"

816

817

mongodbExtraFlags: []

818

## @param mongos.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template

819

## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods

820

821

topologySpreadConstraints: []

822

## @param mongos.priorityClassName Pod priority class name

823

## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/

824

825

priorityClassName: ""

826

## @param mongos.podAffinityPreset Mongos Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

827

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

828

829

podAffinityPreset: ""

830

## @param mongos.podAntiAffinityPreset Mongos Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

831

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

832

833

podAntiAffinityPreset: soft

834

## Node affinity preset

835

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity

836

837

nodeAffinityPreset:

838

## @param mongos.nodeAffinityPreset.type Mongos Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

839

840

type: ""

841

## @param mongos.nodeAffinityPreset.key Mongos Node label key to match Ignored if `affinity` is set.

842

## E.g.

843

## key: "kubernetes.io/e2e-az-name"

844

845

key: ""

846

## @param mongos.nodeAffinityPreset.values Mongos Node label values to match. Ignored if `affinity` is set.

847

## E.g.

848

## values:

849

## - e2e-az1

850

## - e2e-az2

851

852

values: []

853

## @param mongos.affinity Mongos Affinity for pod assignment

854

## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

855

## Note: mongos.podAffinityPreset, mongos.podAntiAffinityPreset, and mongos.nodeAffinityPreset will be ignored when it's set

856

857

affinity: {}

858

## @param mongos.nodeSelector Mongos Node labels for pod assignment

859

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/

860

861

nodeSelector: {}

862

## @param mongos.tolerations Mongos Tolerations for pod assignment

863

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

864

865

tolerations: []

866

## @param mongos.podManagementPolicy Statefulsets pod management policy, allows parallel startup of pods

867

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies

868

869

podManagementPolicy: OrderedReady

870

## @param mongos.updateStrategy.type updateStrategy for MongoDB® Primary, Secondary and Arbiter statefulsets

871

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies

872

873

updateStrategy:

874

type: RollingUpdate

875

## @param mongos.config MongoDB® configuration file

876

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

877

878

config: ""

879

## @param mongos.configCM ConfigMap name with MongoDB® configuration file (cannot be used with mongos.config)

880

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

881

882

configCM: ""

883

## @param mongos.extraEnvVars An array to add extra env vars

884

## For example:

885

## extraEnvVars:

886

## - name: KIBANA_ELASTICSEARCH_URL

887

## value: test

888

889

extraEnvVars: []

890

## @param mongos.extraEnvVarsCM Name of a ConfigMap containing extra env vars

891

892

extraEnvVarsCM: ""

893

## @param mongos.extraEnvVarsSecret Name of a Secret containing extra env vars

894

895

extraEnvVarsSecret: ""

896

## @param mongos.sidecars Add sidecars to the pod

897

## For example:

898

## sidecars:

899

## - name: your-image-name

900

## image: your-image

901

## imagePullPolicy: Always

902

## ports:

903

## - name: portname

904

## containerPort: 1234

905

906

sidecars: []

907

## @param mongos.initContainers Add init containers to the pod

908

## For example:

909

## initcontainers:

910

## - name: your-image-name

911

## image: your-image

912

## imagePullPolicy: Always

913

914

initContainers: []

915

## @param mongos.podAnnotations Additional pod annotations

916

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

917

918

podAnnotations: {}

919

## @param mongos.podLabels Additional pod labels

920

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

921

922

podLabels: {}

923

## @param mongos.extraVolumes Array to add extra volumes. Requires setting `extraVolumeMounts`

924

925

extraVolumes: []

926

## @param mongos.extraVolumeMounts Array to add extra volume mounts. Normally used with `extraVolumes`.

927

928

extraVolumeMounts: []

929

## @param mongos.schedulerName Use an alternate scheduler, e.g. "stork".

930

## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/

931

932

schedulerName: ""

933

## @param mongos.useStatefulSet Use StatefulSet instead of Deployment

934

935

useStatefulSet: false

936

## When using a statefulset, you can enable one service per replica

937

## This is useful when exposing the mongos through load balancers to make sure clients

938

## connect to the same mongos and therefore can follow their cursors

939

940

servicePerReplica:

941

## @param mongos.servicePerReplica.enabled Create one service per mongos replica (must be used with statefulset)

942

943

enabled: false

944

## @param mongos.servicePerReplica.annotations Additional service annotations (evaluate as a template)

945

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

946

947

annotations: {}

948

## @param mongos.servicePerReplica.type Service type

949

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types

950

951

type: ClusterIP

952

## @param mongos.servicePerReplica.externalTrafficPolicy External traffic policy

953

## Enable client source IP preservation

954

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types

955

956

externalTrafficPolicy: Cluster

957

## @param mongos.servicePerReplica.port MongoDB® service port

958

959

port: 27017

960

## @param mongos.servicePerReplica.clusterIPs Array of static clusterIPs for each MongoDB@reg; replica. Length must be the same as mongos.replicaCount

961

## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.16/#servicespec-v1-core

962

963

clusterIPs: []

964

## @param mongos.servicePerReplica.nodePorts Array of node ports used for each MongoDB@reg; replica. Length must be the same as mongos.replicaCount

965

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport

966

967

nodePorts: []

968

## @param mongos.servicePerReplica.externalIPs External IP list to use with ClusterIP service type

969

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips

970

971

externalIPs: []

972

## @param mongos.servicePerReplica.loadBalancerIPs Array of static IP Address to use for each replica LoadBalancer service type. Length must be the same as mongos.replicaCount

973

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer

974

975

loadBalancerIPs: []

976

## @param mongos.servicePerReplica.loadBalancerSourceRanges List of IP ranges allowed access to load balancer (if supported)

977

## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service

978

979

loadBalancerSourceRanges: []

980

## @param mongos.servicePerReplica.extraPorts Extra ports to expose (normally used with the `sidecar` value)

981

982

extraPorts: []

983

## @param mongos.servicePerReplica.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"

984

## If "ClientIP", consecutive client requests will be directed to the same mongos Pod

985

## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

986

987

sessionAffinity: None

988

## @param mongos.servicePerReplica.sessionAffinityConfig Additional settings for the sessionAffinity

989

## sessionAffinityConfig:

990

## clientIP:

991

## timeoutSeconds: 300

992

993

sessionAffinityConfig: {}

994

## Pod disruption budget

995

996

pdb:

997

## @param mongos.pdb.create Enable pod disruption budget

998

999

create: true

1000

## @param mongos.pdb.minAvailable Minimum number of available mongo pods allowed (`0` to disable)

1001

1002

minAvailable: 0

1003

## @param mongos.pdb.maxUnavailable Maximum number of unavailable mongo pods allowed (`0` to disable)

1004

1005

maxUnavailable: 1

1006

## K8s Service Account.

1007

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

1008

1009

serviceAccount:

1010

## @param mongos.serviceAccount.create Whether to create a Service Account for mongos automatically

1011

1012

create: true

1013

## @param mongos.serviceAccount.name Name of a Service Account to be used by mongos

1014

## If not set and create is true, a name is generated using the XXX.fullname template

1015

1016

1017

## @param mongos.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)

1018

1019

annotations: {}

1020

## @param mongos.serviceAccount.automountServiceAccountToken Automount service account token for the server service account

1021

1022

automountServiceAccountToken: false

1023

## Configure Pods Security Context

1024

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

1025

## @param mongos.podSecurityContext.enabled Enable security context

1026

## @param mongos.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy

1027

## @param mongos.podSecurityContext.sysctls Set kernel settings using the sysctl interface

1028

## @param mongos.podSecurityContext.supplementalGroups Set filesystem extra groups

1029

## @param mongos.podSecurityContext.fsGroup Group ID for the container

1030

1031

podSecurityContext:

1032

enabled: true

1033

fsGroupChangePolicy: Always

1034

sysctls: []

1035

supplementalGroups: []

1036

fsGroup: 1001

1037

## Configure Container Security Context

1038

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container

1039

## @param mongos.containerSecurityContext.enabled Enabled containers' Security Context

1040

## @param mongos.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container

1041

## @param mongos.containerSecurityContext.runAsUser Set containers' Security Context runAsUser

1042

## @param mongos.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup

1043

## @param mongos.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot

1044

## @param mongos.containerSecurityContext.privileged Set container's Security Context privileged

1045

## @param mongos.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem

1046

## @param mongos.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation

1047

## @param mongos.containerSecurityContext.capabilities.drop List of capabilities to be dropped

1048

## @param mongos.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile

1049

1050

containerSecurityContext:

1051

enabled: true

1052

seLinuxOptions: {}

1053

runAsUser: 1001

1054

runAsGroup: 1001

1055

runAsNonRoot: true

1056

privileged: false

1057

readOnlyRootFilesystem: true

1058

allowPrivilegeEscalation: false

1059

capabilities:

1060

drop: ["ALL"]

1061

seccompProfile:

1062

type: "RuntimeDefault"

1063

## @param mongos.command Override default container command (useful when using custom images)

1064

1065

command: []

1066

## @param mongos.args Override default container args (useful when using custom images)

1067

1068

args: []

1069

## @param mongos.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully

1070

## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods

1071

1072

terminationGracePeriodSeconds: ""

1073

## @param mongos.lifecycleHooks for the Mongo container(s) to automate configuration before or after startup

1074

1075

lifecycleHooks: {}

1076

## Configure extra options for liveness probes

1077

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1078

## @param mongos.livenessProbe.enabled Enable livenessProbe

1079

## @param mongos.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe

1080

## @param mongos.livenessProbe.periodSeconds Period seconds for livenessProbe

1081

## @param mongos.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe

1082

## @param mongos.livenessProbe.failureThreshold Failure threshold for livenessProbe

1083

## @param mongos.livenessProbe.successThreshold Success threshold for livenessProbe

1084

1085

livenessProbe:

1086

enabled: true

1087

initialDelaySeconds: 60

1088

periodSeconds: 30

1089

timeoutSeconds: 20

1090

failureThreshold: 2

1091

successThreshold: 1

1092

## Configure extra options for readiness probe

1093

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1094

## @param mongos.readinessProbe.enabled Enable readinessProbe

1095

## @param mongos.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe

1096

## @param mongos.readinessProbe.periodSeconds Period seconds for readinessProbe

1097

## @param mongos.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe

1098

## @param mongos.readinessProbe.failureThreshold Failure threshold for readinessProbe

1099

## @param mongos.readinessProbe.successThreshold Success threshold for readinessProbe

1100

1101

readinessProbe:

1102

enabled: true

1103

initialDelaySeconds: 10

1104

periodSeconds: 30

1105

timeoutSeconds: 20

1106

failureThreshold: 6

1107

successThreshold: 1

1108

## Configure extra options for startup probe

1109

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1110

## @param mongos.startupProbe.enabled Enable startupProbe

1111

## @param mongos.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe

1112

## @param mongos.startupProbe.periodSeconds Period seconds for startupProbe

1113

## @param mongos.startupProbe.timeoutSeconds Timeout seconds for startupProbe

1114

## @param mongos.startupProbe.failureThreshold Failure threshold for startupProbe

1115

## @param mongos.startupProbe.successThreshold Success threshold for startupProbe

1116

1117

startupProbe:

1118

enabled: false

1119

initialDelaySeconds: 0

1120

periodSeconds: 10

1121

timeoutSeconds: 5

1122

failureThreshold: 30

1123

successThreshold: 1

1124

## @param mongos.customLivenessProbe Custom livenessProbe that overrides the default one

1125

1126

customLivenessProbe: {}

1127

## @param mongos.customReadinessProbe Custom readinessProbe that overrides the default one

1128

1129

customReadinessProbe: {}

1130

## @param mongos.customStartupProbe Custom startupProbe that overrides the default one

1131

1132

customStartupProbe: {}

1133

## @section Shard configuration: Data node parameters

1134

1135

1136

## Shard replica set properties

1137

## ref: https://docs.mongodb.com/manual/replication/index.html

1138

1139

shardsvr:

1140

## Properties for data nodes (primary and secondary)

1141

1142

dataNode:

1143

## @param shardsvr.dataNode.replicaCount Number of nodes in each shard replica set (the first node will be primary)

1144

1145

replicaCount: 1

1146

## @param shardsvr.dataNode.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if shardsvr.dataNode.resources is set (shardsvr.dataNode.resources is recommended for production).

1147

## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15

1148

1149

resourcesPreset: "medium"

1150

## @param shardsvr.dataNode.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)

1151

## Example:

1152

## resources:

1153

## requests:

1154

## cpu: 2

1155

## memory: 512Mi

1156

## limits:

1157

## cpu: 3

1158

## memory: 1024Mi

1159

## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

1160

1161

resources: {}

1162

## @param shardsvr.dataNode.mongodbExtraFlags MongoDB® additional command line flags

1163

## Can be used to specify command line flags, for example:

1164

## mongodbExtraFlags:

1165

## - "--wiredTigerCacheSizeGB=2"

1166

1167

mongodbExtraFlags: []

1168

## @param shardsvr.dataNode.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template

1169

## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods

1170

1171

topologySpreadConstraints: []

1172

## @param shardsvr.dataNode.priorityClassName Pod priority class name

1173

## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/

1174

1175

priorityClassName: ""

1176

## @param shardsvr.dataNode.podAffinityPreset Data nodes Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

1177

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

1178

1179

podAffinityPreset: ""

1180

## @param shardsvr.dataNode.podAntiAffinityPreset Data nodes Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

1181

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

1182

1183

podAntiAffinityPreset: soft

1184

## Node affinity preset

1185

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity

1186

1187

nodeAffinityPreset:

1188

## @param shardsvr.dataNode.nodeAffinityPreset.type Data nodes Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

1189

1190

type: ""

1191

## @param shardsvr.dataNode.nodeAffinityPreset.key Data nodes Node label key to match Ignored if `affinity` is set.

1192

## E.g.

1193

## key: "kubernetes.io/e2e-az-name"

1194

1195

key: ""

1196

## @param shardsvr.dataNode.nodeAffinityPreset.values Data nodes Node label values to match. Ignored if `affinity` is set.

1197

## E.g.

1198

## values:

1199

## - e2e-az1

1200

## - e2e-az2

1201

1202

values: []

1203

## @param shardsvr.dataNode.affinity Data nodes Affinity for pod assignment

1204

## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

1205

## You can set dataNodeLoopId (or any other parameter) by setting the below code block under this 'affinity' section:

1206

## affinity:

1207

## matchLabels:

1208

## shard: "{{ .dataNodeLoopId }}"

1209

1210

## Note: shardsvr.dataNode.podAffinityPreset, shardsvr.dataNode.podAntiAffinityPreset, and shardsvr.dataNode.nodeAffinityPreset will be ignored when it's set

1211

1212

affinity: {}

1213

## @param shardsvr.dataNode.nodeSelector Data nodes Node labels for pod assignment

1214

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/

1215

## You can set dataNodeLoopId (or any other parameter) by setting the below code block under this 'nodeSelector' section:

1216

## nodeSelector: { shardId: "{{ .dataNodeLoopId }}" }

1217

1218

nodeSelector: {}

1219

## @param shardsvr.dataNode.tolerations Data nodes Tolerations for pod assignment

1220

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

1221

## You can set dataNodeLoopId (or any other parameter) by setting the below code block under this 'nodeSelector' section:

1222

## tolerations:

1223

## - key: "shardId"

1224

## operator: "Equal"

1225

## value: "{{ .dataNodeLoopId }}"

1226

## effect: "NoSchedule"

1227

1228

tolerations: []

1229

## @param shardsvr.dataNode.podManagementPolicy podManagementPolicy for the statefulset, allows parallel startup of pods

1230

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies

1231

1232

podManagementPolicy: OrderedReady

1233

## @param shardsvr.dataNode.updateStrategy.type updateStrategy for MongoDB® Primary, Secondary and Arbiter statefulsets

1234

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies

1235

1236

updateStrategy:

1237

type: RollingUpdate

1238

## @param shardsvr.dataNode.automountServiceAccountToken Mount Service Account token in pod

1239

1240

automountServiceAccountToken: false

1241

## @param shardsvr.dataNode.hostAliases Deployment pod host aliases

1242

## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/

1243

1244

hostAliases: []

1245

## @param shardsvr.dataNode.config Entries for the MongoDB® config file

1246

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

1247

1248

config: ""

1249

## @param shardsvr.dataNode.configCM ConfigMap name with MongoDB® configuration (cannot be used with shardsvr.dataNode.config)

1250

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

1251

1252

configCM: ""

1253

## @param shardsvr.dataNode.extraEnvVars An array to add extra env vars

1254

## For example:

1255

## extraEnvVars:

1256

## - name: KIBANA_ELASTICSEARCH_URL

1257

## value: test

1258

1259

extraEnvVars: []

1260

## @param shardsvr.dataNode.extraEnvVarsCM Name of a ConfigMap containing extra env vars

1261

1262

extraEnvVarsCM: ""

1263

## @param shardsvr.dataNode.extraEnvVarsSecret Name of a Secret containing extra env vars

1264

1265

extraEnvVarsSecret: ""

1266

## @param shardsvr.dataNode.sidecars Attach additional containers (evaluated as a template)

1267

## For example:

1268

## sidecars:

1269

## - name: your-image-name

1270

## image: your-image

1271

## imagePullPolicy: Always

1272

## ports:

1273

## - name: portname

1274

## containerPort: 1234

1275

1276

sidecars: []

1277

## @param shardsvr.dataNode.initContainers Add init containers to the pod

1278

## For example:

1279

## initcontainers:

1280

## - name: your-image-name

1281

## image: your-image

1282

## imagePullPolicy: Always

1283

1284

initContainers: []

1285

## @param shardsvr.dataNode.podAnnotations Additional pod annotations

1286

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

1287

1288

podAnnotations: {}

1289

## @param shardsvr.dataNode.podLabels Additional pod labels

1290

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

1291

1292

podLabels: {}

1293

## @param shardsvr.dataNode.extraVolumes Array to add extra volumes. Requires setting `extraVolumeMounts`

1294

1295

extraVolumes: []

1296

## @param shardsvr.dataNode.extraVolumeMounts Array to add extra mounts. Normally used with `extraVolumes`

1297

1298

extraVolumeMounts: []

1299

## @param shardsvr.dataNode.schedulerName Use an alternate scheduler, e.g. "stork".

1300

## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/

1301

1302

schedulerName: ""

1303

## Pod disruption budget

1304

1305

pdb:

1306

## @param shardsvr.dataNode.pdb.create Enable pod disruption budget

1307

1308

create: true

1309

## @param shardsvr.dataNode.pdb.minAvailable Minimum number of available data pods allowed (`0` to disable)

1310

1311

minAvailable: 0

1312

## @param shardsvr.dataNode.pdb.maxUnavailable Maximum number of unavailable data pods allowed (`0` to disable)

1313

1314

maxUnavailable: 1

1315

## K8s Service Account.

1316

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

1317

1318

serviceAccount:

1319

## @param shardsvr.dataNode.serviceAccount.create Specifies whether a ServiceAccount should be created for shardsvr

1320

1321

create: true

1322

## @param shardsvr.dataNode.serviceAccount.name Name of a Service Account to be used by shardsvr data pods

1323

## If not set and create is true, a name is generated using the XXX.fullname template

1324

1325

1326

## @param shardsvr.dataNode.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)

1327

1328

annotations: {}

1329

## @param shardsvr.dataNode.serviceAccount.automountServiceAccountToken Automount service account token for the server service account

1330

1331

automountServiceAccountToken: false

1332

## Configure Pods Security Context

1333

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

1334

## @param shardsvr.dataNode.podSecurityContext.enabled Enable security context

1335

## @param shardsvr.dataNode.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy

1336

## @param shardsvr.dataNode.podSecurityContext.sysctls Set kernel settings using the sysctl interface

1337

## @param shardsvr.dataNode.podSecurityContext.supplementalGroups Set filesystem extra groups

1338

## @param shardsvr.dataNode.podSecurityContext.fsGroup Group ID for the container

1339

1340

podSecurityContext:

1341

enabled: true

1342

fsGroupChangePolicy: Always

1343

sysctls: []

1344

supplementalGroups: []

1345

fsGroup: 1001

1346

## Configure Container Security Context

1347

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container

1348

## @param shardsvr.dataNode.containerSecurityContext.enabled Enabled containers' Security Context

1349

## @param shardsvr.dataNode.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container

1350

## @param shardsvr.dataNode.containerSecurityContext.runAsUser Set containers' Security Context runAsUser

1351

## @param shardsvr.dataNode.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup

1352

## @param shardsvr.dataNode.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot

1353

## @param shardsvr.dataNode.containerSecurityContext.privileged Set container's Security Context privileged

1354

## @param shardsvr.dataNode.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem

1355

## @param shardsvr.dataNode.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation

1356

## @param shardsvr.dataNode.containerSecurityContext.capabilities.drop List of capabilities to be dropped

1357

## @param shardsvr.dataNode.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile

1358

1359

containerSecurityContext:

1360

enabled: true

1361

seLinuxOptions: {}

1362

runAsUser: 1001

1363

runAsGroup: 1001

1364

runAsNonRoot: true

1365

privileged: false

1366

readOnlyRootFilesystem: true

1367

allowPrivilegeEscalation: false

1368

capabilities:

1369

drop: ["ALL"]

1370

seccompProfile:

1371

type: "RuntimeDefault"

1372

## @param shardsvr.dataNode.command Override default container command (useful when using custom images)

1373

1374

command:

1375

- /bin/bash

1376

- /entrypoint/replicaset-entrypoint.sh

1377

## @param shardsvr.dataNode.args Override default container args (useful when using custom images)

1378

1379

args: []

1380

## @param shardsvr.dataNode.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully

1381

## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods

1382

1383

terminationGracePeriodSeconds: ""

1384

## @param shardsvr.dataNode.lifecycleHooks for the Data container(s) to automate configuration before or after startup

1385

1386

lifecycleHooks: {}

1387

## Configure extra options for liveness probes

1388

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1389

## @param shardsvr.dataNode.livenessProbe.enabled Enable livenessProbe

1390

## @param shardsvr.dataNode.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe

1391

## @param shardsvr.dataNode.livenessProbe.periodSeconds Period seconds for livenessProbe

1392

## @param shardsvr.dataNode.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe

1393

## @param shardsvr.dataNode.livenessProbe.failureThreshold Failure threshold for livenessProbe

1394

## @param shardsvr.dataNode.livenessProbe.successThreshold Success threshold for livenessProbe

1395

1396

livenessProbe:

1397

enabled: true

1398

initialDelaySeconds: 60

1399

periodSeconds: 30

1400

timeoutSeconds: 20

1401

failureThreshold: 2

1402

successThreshold: 1

1403

## Configure extra options for readiness probe

1404

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1405

## @param shardsvr.dataNode.readinessProbe.enabled Enable readinessProbe

1406

## @param shardsvr.dataNode.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe

1407

## @param shardsvr.dataNode.readinessProbe.periodSeconds Period seconds for readinessProbe

1408

## @param shardsvr.dataNode.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe

1409

## @param shardsvr.dataNode.readinessProbe.failureThreshold Failure threshold for readinessProbe

1410

## @param shardsvr.dataNode.readinessProbe.successThreshold Success threshold for readinessProbe

1411

1412

readinessProbe:

1413

enabled: true

1414

initialDelaySeconds: 10

1415

periodSeconds: 30

1416

timeoutSeconds: 20

1417

failureThreshold: 6

1418

successThreshold: 1

1419

## Configure extra options for startup probe

1420

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1421

## @param shardsvr.dataNode.startupProbe.enabled Enable startupProbe

1422

## @param shardsvr.dataNode.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe

1423

## @param shardsvr.dataNode.startupProbe.periodSeconds Period seconds for startupProbe

1424

## @param shardsvr.dataNode.startupProbe.timeoutSeconds Timeout seconds for startupProbe

1425

## @param shardsvr.dataNode.startupProbe.failureThreshold Failure threshold for startupProbe

1426

## @param shardsvr.dataNode.startupProbe.successThreshold Success threshold for startupProbe

1427

1428

startupProbe:

1429

enabled: false

1430

initialDelaySeconds: 0

1431

periodSeconds: 10

1432

timeoutSeconds: 5

1433

failureThreshold: 30

1434

successThreshold: 1

1435

## @param shardsvr.dataNode.customLivenessProbe Custom livenessProbe that overrides the default one

1436

1437

customLivenessProbe: {}

1438

## @param shardsvr.dataNode.customReadinessProbe Custom readinessProbe that overrides the default one

1439

1440

customReadinessProbe: {}

1441

## @param shardsvr.dataNode.customStartupProbe Custom startupProbe that overrides the default one

1442

1443

customStartupProbe: {}

1444

## @section Shard configuration: Persistence parameters

1445

1446

1447

## Enable persistence using Persistent Volume Claims

1448

## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/

1449

1450

persistence:

1451

## @param shardsvr.persistence.enabled Use a PVC to persist data

1452

1453

enabled: true

1454

## @param shardsvr.persistence.mountPath The path the volume will be mounted at, useful when using different MongoDB® images.

1455

1456

mountPath: /iamguarded/mongodb

1457

## @param shardsvr.persistence.subPath Subdirectory of the volume to mount at (evaluated as a template)

1458

## Useful in development environments and one PV for multiple services.

1459

1460

subPath: ""

1461

## @param shardsvr.persistence.storageClass Storage class of backing PVC

1462

## If defined, storageClassName: <storageClass>

1463

## If set to "-", storageClassName: "", which disables dynamic provisioning

1464

## If undefined (the default) or set to null, no storageClassName spec is

1465

## set, choosing the default provisioner. (gp2 on AWS, standard on

1466

## GKE, AWS & OpenStack)

1467

1468

storageClass: ""

1469

## @param shardsvr.persistence.accessModes Use volume as ReadOnly or ReadWrite

1470

1471

accessModes:

1472

- ReadWriteOnce

1473

## @param shardsvr.persistence.size PersistentVolumeClaim size

1474

1475

size: 8Gi

1476

## @param shardsvr.persistence.annotations Additional volume annotations

1477

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

1478

1479

annotations: {}

1480

## @param shardsvr.persistence.selector Selector to match an existing Persistent Volume for Shard data PVC

1481

## A label query over volumes to consider for binding (e.g. when using local volumes)

1482

## Selector can be defined with static and dynamic options:

1483

## selector:

1484

## matchLabels:

1485

## app: web

1486

## shard: shard{{ .Index }}

1487

1488

## shard{{ .Index }} will be substituted to shard0, shard1 accordingly

1489

1490

selector: {}

1491

## Persistent Volume Claim Retention Policy

1492

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention

1493

1494

persistentVolumeClaimRetentionPolicy:

1495

## @param shardsvr.persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for Shard replicas StatefulSet

1496

1497

enabled: false

1498

## @param shardsvr.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced

1499

1500

whenScaled: Retain

1501

## @param shardsvr.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted

1502

1503

whenDeleted: Retain

1504

## @section Shard configuration: Arbiter parameters

1505

1506

1507

## Properties for arbiter nodes

1508

## ref: https://docs.mongodb.com/manual/tutorial/add-replica-set-arbiter/

1509

1510

arbiter:

1511

## @param shardsvr.arbiter.replicaCount Number of arbiters in each shard replica set (the first node will be primary)

1512

1513

replicaCount: 0

1514

## @param shardsvr.arbiter.automountServiceAccountToken Mount Service Account token in pod

1515

1516

automountServiceAccountToken: false

1517

## @param shardsvr.arbiter.hostAliases Deployment pod host aliases

1518

## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/

1519

1520

hostAliases: []

1521

## @param shardsvr.arbiter.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if shardsvr.arbiter.resources is set (shardsvr.arbiter.resources is recommended for production).

1522

## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15

1523

1524

resourcesPreset: "small"

1525

## @param shardsvr.arbiter.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)

1526

## Example:

1527

## resources:

1528

## requests:

1529

## cpu: 2

1530

## memory: 512Mi

1531

## limits:

1532

## cpu: 3

1533

## memory: 1024Mi

1534

## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

1535

1536

resources: {}

1537

## @param shardsvr.arbiter.mongodbExtraFlags MongoDB® additional command line flags

1538

## Can be used to specify command line flags, for example:

1539

## mongodbExtraFlags:

1540

## - "--wiredTigerCacheSizeGB=2"

1541

1542

mongodbExtraFlags: []

1543

## @param shardsvr.arbiter.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template

1544

## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods

1545

1546

topologySpreadConstraints: []

1547

## @param shardsvr.arbiter.priorityClassName Pod priority class name

1548

## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/

1549

1550

priorityClassName: ""

1551

## @param shardsvr.arbiter.podAffinityPreset Arbiter's Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

1552

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

1553

1554

podAffinityPreset: ""

1555

## @param shardsvr.arbiter.podAntiAffinityPreset Arbiter's Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

1556

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity

1557

1558

podAntiAffinityPreset: soft

1559

## Node affinity preset

1560

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity

1561

1562

nodeAffinityPreset:

1563

## @param shardsvr.arbiter.nodeAffinityPreset.type Arbiter's Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`

1564

1565

type: ""

1566

## @param shardsvr.arbiter.nodeAffinityPreset.key Arbiter's Node label key to match Ignored if `affinity` is set.

1567

## E.g.

1568

## key: "kubernetes.io/e2e-az-name"

1569

1570

key: ""

1571

## @param shardsvr.arbiter.nodeAffinityPreset.values Arbiter's Node label values to match. Ignored if `affinity` is set.

1572

## E.g.

1573

## values:

1574

## - e2e-az1

1575

## - e2e-az2

1576

1577

values: []

1578

## @param shardsvr.arbiter.affinity Arbiter's Affinity for pod assignment

1579

## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

1580

## You can set arbiterLoopId (or any other parameter) by setting the below code block under this 'affinity' section:

1581

## affinity:

1582

## matchLabels:

1583

## shard: "{{ .arbiterLoopId }}"

1584

1585

## Note: shardsvr.arbiter.podAffinityPreset, shardsvr.arbiter.podAntiAffinityPreset, and shardsvr.arbiter.nodeAffinityPreset will be ignored when it's set

1586

1587

affinity: {}

1588

## @param shardsvr.arbiter.nodeSelector Arbiter's Node labels for pod assignment

1589

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/

1590

1591

nodeSelector: {}

1592

## @param shardsvr.arbiter.tolerations Arbiter's Tolerations for pod assignment

1593

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

1594

1595

tolerations: []

1596

## @param shardsvr.arbiter.podManagementPolicy Statefulset's pod management policy, allows parallel startup of pods

1597

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies

1598

1599

podManagementPolicy: OrderedReady

1600

## @param shardsvr.arbiter.updateStrategy.type updateStrategy for MongoDB® Primary, Secondary and Arbiter statefulsets

1601

## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies

1602

1603

updateStrategy:

1604

type: RollingUpdate

1605

## @param shardsvr.arbiter.config MongoDB® configuration file

1606

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

1607

1608

config: ""

1609

## @param shardsvr.arbiter.configCM ConfigMap name with MongoDB® configuration file (cannot be used with shardsvr.arbiter.config)

1610

## ref: http://docs.mongodb.org/manual/reference/configuration-options/

1611

1612

configCM: ""

1613

## @param shardsvr.arbiter.extraEnvVars An array to add extra env vars

1614

## For example:

1615

## extraEnvVars:

1616

## - name: KIBANA_ELASTICSEARCH_URL

1617

## value: test

1618

1619

extraEnvVars: []

1620

## @param shardsvr.arbiter.extraEnvVarsCM Name of a ConfigMap containing extra env vars

1621

1622

extraEnvVarsCM: ""

1623

## @param shardsvr.arbiter.extraEnvVarsSecret Name of a Secret containing extra env vars

1624

1625

extraEnvVarsSecret: ""

1626

## @param shardsvr.arbiter.sidecars Add sidecars to the pod

1627

## For example:

1628

## sidecars:

1629

## - name: your-image-name

1630

## image: your-image

1631

## imagePullPolicy: Always

1632

## ports:

1633

## - name: portname

1634

## containerPort: 1234

1635

1636

sidecars: []

1637

## @param shardsvr.arbiter.initContainers Add init containers to the pod

1638

## For example:

1639

## initcontainers:

1640

## - name: your-image-name

1641

## image: your-image

1642

## imagePullPolicy: Always

1643

1644

initContainers: []

1645

## @param shardsvr.arbiter.podAnnotations Additional pod annotations

1646

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

1647

1648

podAnnotations: {}

1649

## @param shardsvr.arbiter.podLabels Additional pod labels

1650

## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

1651

1652

podLabels: {}

1653

## @param shardsvr.arbiter.extraVolumes Array to add extra volumes

1654

1655

extraVolumes: []

1656

## @param shardsvr.arbiter.extraVolumeMounts Array to add extra mounts (normally used with extraVolumes)

1657

1658

extraVolumeMounts: []

1659

## @param shardsvr.arbiter.schedulerName Use an alternate scheduler, e.g. "stork".

1660

## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/

1661

1662

schedulerName: ""

1663

## K8s Service Account.

1664

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

1665

1666

serviceAccount:

1667

## @param shardsvr.arbiter.serviceAccount.create Specifies whether a ServiceAccount should be created for shardsvr arbiter nodes

1668

1669

create: true

1670

## @param shardsvr.arbiter.serviceAccount.name Name of a Service Account to be used by shardsvr arbiter pods

1671

## If not set and create is true, a name is generated using the XXX.fullname template

1672

1673

1674

## @param shardsvr.arbiter.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)

1675

1676

annotations: {}

1677

## @param shardsvr.arbiter.serviceAccount.automountServiceAccountToken Automount service account token for the server service account

1678

1679

automountServiceAccountToken: false

1680

## Configure Pods Security Context

1681

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

1682

## @param shardsvr.arbiter.podSecurityContext.enabled Enable security context

1683

## @param shardsvr.arbiter.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy

1684

## @param shardsvr.arbiter.podSecurityContext.sysctls Set kernel settings using the sysctl interface

1685

## @param shardsvr.arbiter.podSecurityContext.supplementalGroups Set filesystem extra groups

1686

## @param shardsvr.arbiter.podSecurityContext.fsGroup Group ID for the container

1687

1688

podSecurityContext:

1689

enabled: true

1690

fsGroupChangePolicy: Always

1691

sysctls: []

1692

supplementalGroups: []

1693

fsGroup: 1001

1694

## Configure Container Security Context

1695

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container

1696

## @param shardsvr.arbiter.containerSecurityContext.enabled Enabled containers' Security Context

1697

## @param shardsvr.arbiter.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container

1698

## @param shardsvr.arbiter.containerSecurityContext.runAsUser Set containers' Security Context runAsUser

1699

## @param shardsvr.arbiter.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup

1700

## @param shardsvr.arbiter.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot

1701

## @param shardsvr.arbiter.containerSecurityContext.privileged Set container's Security Context privileged

1702

## @param shardsvr.arbiter.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem

1703

## @param shardsvr.arbiter.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation

1704

## @param shardsvr.arbiter.containerSecurityContext.capabilities.drop List of capabilities to be dropped

1705

## @param shardsvr.arbiter.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile

1706

1707

containerSecurityContext:

1708

enabled: true

1709

seLinuxOptions: {}

1710

runAsUser: 1001

1711

runAsGroup: 1001

1712

runAsNonRoot: true

1713

privileged: false

1714

readOnlyRootFilesystem: true

1715

allowPrivilegeEscalation: false

1716

capabilities:

1717

drop: ["ALL"]

1718

seccompProfile:

1719

type: "RuntimeDefault"

1720

## @param shardsvr.arbiter.command Override default container command (useful when using custom images)

1721

1722

command: []

1723

## @param shardsvr.arbiter.args Override default container args (useful when using custom images)

1724

1725

args: []

1726

## @param shardsvr.arbiter.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully

1727

## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods

1728

1729

terminationGracePeriodSeconds: ""

1730

## @param shardsvr.arbiter.lifecycleHooks for the arbiter container(s) to automate configuration before or after startup

1731

1732

lifecycleHooks: {}

1733

## Configure extra options for liveness probes

1734

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1735

## @param shardsvr.arbiter.livenessProbe.enabled Enable livenessProbe

1736

## @param shardsvr.arbiter.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe

1737

## @param shardsvr.arbiter.livenessProbe.periodSeconds Period seconds for livenessProbe

1738

## @param shardsvr.arbiter.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe

1739

## @param shardsvr.arbiter.livenessProbe.failureThreshold Failure threshold for livenessProbe

1740

## @param shardsvr.arbiter.livenessProbe.successThreshold Success threshold for livenessProbe

1741

1742

livenessProbe:

1743

enabled: true

1744

initialDelaySeconds: 60

1745

periodSeconds: 30

1746

timeoutSeconds: 20

1747

failureThreshold: 2

1748

successThreshold: 1

1749

## Configure extra options for readiness probe

1750

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1751

## @param shardsvr.arbiter.readinessProbe.enabled Enable readinessProbe

1752

## @param shardsvr.arbiter.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe

1753

## @param shardsvr.arbiter.readinessProbe.periodSeconds Period seconds for readinessProbe

1754

## @param shardsvr.arbiter.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe

1755

## @param shardsvr.arbiter.readinessProbe.failureThreshold Failure threshold for readinessProbe

1756

## @param shardsvr.arbiter.readinessProbe.successThreshold Success threshold for readinessProbe

1757

1758

readinessProbe:

1759

enabled: true

1760

initialDelaySeconds: 10

1761

periodSeconds: 30

1762

timeoutSeconds: 20

1763

failureThreshold: 6

1764

successThreshold: 1

1765

## Configure extra options for startup probe

1766

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1767

## @param shardsvr.arbiter.startupProbe.enabled Enable startupProbe

1768

## @param shardsvr.arbiter.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe

1769

## @param shardsvr.arbiter.startupProbe.periodSeconds Period seconds for startupProbe

1770

## @param shardsvr.arbiter.startupProbe.timeoutSeconds Timeout seconds for startupProbe

1771

## @param shardsvr.arbiter.startupProbe.failureThreshold Failure threshold for startupProbe

1772

## @param shardsvr.arbiter.startupProbe.successThreshold Success threshold for startupProbe

1773

1774

startupProbe:

1775

enabled: false

1776

initialDelaySeconds: 0

1777

periodSeconds: 10

1778

timeoutSeconds: 5

1779

failureThreshold: 30

1780

successThreshold: 1

1781

## @param shardsvr.arbiter.customLivenessProbe Custom livenessProbe that overrides the default one

1782

1783

customLivenessProbe: {}

1784

## @param shardsvr.arbiter.customReadinessProbe Custom readinessProbe that overrides the default one

1785

1786

customReadinessProbe: {}

1787

## @param shardsvr.arbiter.customStartupProbe Custom startupProbe that overrides the default one

1788

1789

customStartupProbe: {}

1790

## @section Metrics parameters

1791

1792

1793

metrics:

1794

## @param metrics.enabled Start a side-car prometheus exporter

1795

1796

enabled: false

1797

## @param metrics.image.registry [default: REGISTRY_NAME] MongoDB® exporter image registry

1798

## @param metrics.image.repository [default: REPOSITORY_NAME/mongodb-exporter] MongoDB® exporter image name

1799

## @skip metrics.image.tag MongoDB® exporter image tag

1800

## @param metrics.image.digest MongoDB® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag

1801

## @param metrics.image.pullPolicy MongoDB® exporter image pull policy

1802

## @param metrics.image.pullSecrets MongoDB® exporter image pull secrets

1803

1804

image:

1805

registry: cgr.dev

1806

repository: chainguard-private/prometheus-mongodb-exporter-iamguarded

1807

tag: 0.49.0

1808

digest: ""

1809

pullPolicy: Always

1810

## Optionally specify an array of imagePullSecrets.

1811

## Secrets must be manually created in the namespace.

1812

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

1813

## e.g:

1814

## pullSecrets:

1815

## - myRegistryKeySecretName

1816

1817

pullSecrets: []

1818

## @param metrics.useTLS Whether to connect to MongoDB® with TLS

1819

1820

useTLS: false

1821

## @param metrics.extraArgs String with extra arguments to the metrics exporter

1822

## ref: https://github.com/percona/mongodb_exporter/blob/main/main.go

1823

1824

extraArgs: ""

1825

## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).

1826

## More information: https://github.com/iamguarded/charts/blob/main/iamguarded/common/templates/_resources.tpl#L15

1827

1828

resourcesPreset: "nano"

1829

## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)

1830

## Example:

1831

## resources:

1832

## requests:

1833

## cpu: 2

1834

## memory: 512Mi

1835

## limits:

1836

## cpu: 3

1837

## memory: 1024Mi

1838

## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

1839

1840

resources: {}

1841

## Configure Container Security Context

1842

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container

1843

## @param metrics.containerSecurityContext.enabled Enabled containers' Security Context

1844

## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container

1845

## @param metrics.containerSecurityContext.runAsUser Set containers' Security Context runAsUser

1846

## @param metrics.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup

1847

## @param metrics.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot

1848

## @param metrics.containerSecurityContext.privileged Set container's Security Context privileged

1849

## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem

1850

## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation

1851

## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped

1852

## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile

1853

1854

containerSecurityContext:

1855

enabled: true

1856

seLinuxOptions: {}

1857

runAsUser: 1001

1858

runAsGroup: 1001

1859

runAsNonRoot: true

1860

privileged: false

1861

readOnlyRootFilesystem: true

1862

allowPrivilegeEscalation: false

1863

capabilities:

1864

drop: ["ALL"]

1865

seccompProfile:

1866

type: "RuntimeDefault"

1867

## Metrics exporter liveness probe

1868

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)

1869

## @param metrics.livenessProbe.enabled Enable livenessProbe

1870

## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe

1871

## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe

1872

## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe

1873

## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe

1874

## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe

1875

1876

livenessProbe:

1877

enabled: false

1878

initialDelaySeconds: 15

1879

periodSeconds: 5

1880

timeoutSeconds: 5

1881

failureThreshold: 3

1882

successThreshold: 1

1883

## Metrics exporter liveness and readiness probes

1884

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)

1885

## @param metrics.readinessProbe.enabled Enable readinessProbe

1886

## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe

1887

## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe

1888

## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe

1889

## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe

1890

## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe

1891

1892

readinessProbe:

1893

enabled: false

1894

initialDelaySeconds: 5

1895

periodSeconds: 5

1896

timeoutSeconds: 1

1897

failureThreshold: 3

1898

successThreshold: 1

1899

## Configure extra options for startup probe

1900

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes

1901

## @param metrics.startupProbe.enabled Enable startupProbe

1902

## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe

1903

## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe

1904

## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe

1905

## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe

1906

## @param metrics.startupProbe.successThreshold Success threshold for startupProbe

1907

1908

startupProbe:

1909

enabled: false

1910

initialDelaySeconds: 0

1911

periodSeconds: 5

1912

timeoutSeconds: 2

1913

failureThreshold: 15

1914

successThreshold: 1

1915

## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one

1916

1917

customLivenessProbe: {}

1918

## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one

1919

1920

customReadinessProbe: {}

1921

## @param metrics.customStartupProbe Custom startupProbe that overrides the default one

1922

1923

customStartupProbe: {}

1924

## @param metrics.containerPorts.metrics Port of the Prometheus metrics container

1925

1926

containerPorts:

1927

metrics: 9216

1928

## @param metrics.podAnnotations [object] Metrics exporter pod Annotation

1929

1930

podAnnotations:

1931

prometheus.io/scrape: "true"

1932

prometheus.io/port: "{{ .Values.metrics.containerPort }}"

1933

## Prometheus Service Monitor

1934

## ref: https://github.com/coreos/prometheus-operator

1935

## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint

1936

1937

podMonitor:

1938

## @param metrics.podMonitor.enabled Create PodMonitor Resource for scraping metrics using PrometheusOperator

1939

1940

enabled: false

1941

## @param metrics.podMonitor.namespace Namespace where podmonitor resource should be created

1942

1943

namespace: monitoring

1944

## @param metrics.podMonitor.interval Specify the interval at which metrics should be scraped

1945

1946

interval: 30s

1947

## @param metrics.podMonitor.scrapeTimeout Specify the timeout after which the scrape is ended

1948

## e.g:

1949

## scrapeTimeout: 30s

1950

1951

scrapeTimeout: ""

1952

## @param metrics.podMonitor.additionalLabels Additional labels that can be used so PodMonitors will be discovered by Prometheus

1953

## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec

1954

1955

additionalLabels: {}

1956

The trusted source for open source

Talk to an expert

Privacy

Terms

mongodb-sharded

The trusted source for open source

Product

Solutions

Customers

Resources

Company