solr
Helm chart
iamguarded
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# This file has been modified by Chainguard, Inc.
2
#
3
# Copyright Chainguard, Inc. All Rights Reserved.
4
# Chainguard, Inc. modifications are subject to the license
5
# available at: https://www.chainguard.dev/legal/software-license-agreement
6
#
7
# Copyright Broadcom, Inc. All Rights Reserved.
8
# SPDX-License-Identifier: APACHE-2.0
9
10
## @section Global parameters
11
## Global Docker image parameters
12
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
13
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
14
##
15
16
## @param global.imageRegistry Global Docker image registry
17
## @param global.imagePullSecrets Global Docker registry secret names as an array
18
## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
19
## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead
20
##
21
global:
22
imageRegistry: ""
23
## E.g.
24
## imagePullSecrets:
25
## - myRegistryKeySecretName
26
##
27
imagePullSecrets: []
28
defaultStorageClass: ""
29
storageClass: ""
30
## Security parameters
31
##
32
security:
33
## @param global.security.allowInsecureImages Allows skipping image verification
34
allowInsecureImages: false
35
## Compatibility adaptations for Kubernetes platforms
36
##
37
compatibility:
38
## Compatibility adaptations for Openshift
39
##
40
openshift:
41
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
42
##
43
adaptSecurityContext: auto
44
org: ""
45
## @section Common parameters
46
##
47
48
## @param kubeVersion Override Kubernetes version
49
##
50
kubeVersion: ""
51
## @param nameOverride String to partially override common.names.fullname template (will maintain the release name)
52
##
53
nameOverride: ""
54
## @param fullnameOverride String to fully override common.names.fullname template
55
##
56
fullnameOverride: ""
57
## @param clusterDomain Kubernetes cluster domain
58
##
59
clusterDomain: cluster.local
60
## @param commonLabels Add labels to all the deployed resources
61
##
62
commonLabels: {}
63
## @param commonAnnotations Add annotations to all the deployed resources
64
##
65
commonAnnotations: {}
66
## @param extraDeploy Extra objects to deploy (value evaluated as a template)
67
##
68
extraDeploy: []
69
## @param usePasswordFiles Mount credentials as files instead of using environment variables
70
##
71
usePasswordFiles: true
72
## Enable diagnostic mode in the statefulset
73
##
74
diagnosticMode:
75
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
76
##
77
enabled: false
78
## @param diagnosticMode.command Command to override all containers in the statefulset
79
##
80
command:
81
- sleep
82
## @param diagnosticMode.args Args to override all containers in the statefulset
83
##
84
args:
85
- infinity
86
## @section Solr parameters
87
##
88
89
## Iamguarded Solr image version
90
## @param image.registry [default: REGISTRY_NAME] Solr image registry
91
## @param image.repository [default: REPOSITORY_NAME/solr] Solr image repository
92
## @skip image.tag Solr image tag (immutable tags are recommended)
93
## @param image.digest Solr image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
94
## @param image.pullPolicy image pull policy
95
## @param image.pullSecrets Specify docker-registry secret names as an array
96
## @param image.debug Specify if debug values should be set
97
##
98
image:
99
registry: cgr.dev
100
repository: chainguard-private/solr-iamguarded
101
tag: 9.10.1
102
digest: ""
103
## Specify a imagePullPolicy
104
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
105
##
106
pullPolicy: IfNotPresent
107
## Optionally specify an array of imagePullSecrets.
108
## Secrets must be manually created in the namespace.
109
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
110
## e.g:
111
## pullSecrets:
112
## - myRegistryKeySecretName
113
##
114
pullSecrets: []
115
## Set to true if you would like to see extra information on logs
116
##
117
debug: false
118
auth:
119
## @param auth.enabled Enable Solr authentication
120
##
121
enabled: true
122
## @param auth.adminUsername Solr admin username
123
##
124
adminUsername: admin
125
## @param auth.adminPassword Solr admin password. Autogenerated if not provided.
126
##
127
adminPassword: ""
128
## @param auth.existingSecret Existing secret with Solr password
129
##
130
existingSecret: ""
131
## @param auth.existingSecretPasswordKey Password key to be retrieved from existing secret
132
## NOTE: ignored unless `auth.existingSecret` parameter is set
133
##
134
existingSecretPasswordKey: "solr-password"
135
## @param coreNames Solr core names to be created
136
##
137
coreNames:
138
- my-core
139
## @param cloudEnabled Enable Solr cloud mode
140
##
141
cloudEnabled: true
142
## @param cloudBootstrap Enable cloud bootstrap. It will be performed from the node 0.
143
##
144
cloudBootstrap: true
145
## @param collection Solr collection name
146
##
147
collection: my-collection
148
## @param collectionShards Number of collection shards
149
##
150
collectionShards: 1
151
## @param collectionReplicas Number of collection replicas
152
##
153
collectionReplicas: 2
154
## @param serverDirectory Name of the created directory for the server
155
##
156
serverDirectory: "server"
157
## @param javaMem Java memory options to pass to the Solr container
158
##
159
javaMem: ""
160
## @param heap Java Heap options to pass to the Solr container
161
##
162
heap: ""
163
## @param command Override Solr entrypoint string
164
##
165
command:
166
- /scripts/setup.sh
167
## @param args Arguments for the provided command if needed
168
##
169
args: []
170
## @param extraEnvVars Additional environment variables to set
171
## Example:
172
## extraEnvVars:
173
## - name: FOO
174
## value: "bar"
175
##
176
extraEnvVars: []
177
## @param extraEnvVarsCM ConfigMap with extra environment variables
178
##
179
extraEnvVarsCM: ""
180
## @param extraEnvVarsSecret Secret with extra environment variables
181
##
182
extraEnvVarsSecret: ""
183
## @section Solr statefulset parameters
184
##
185
186
## @param replicaCount Number of solr replicas
187
##
188
replicaCount: 3
189
## @param revisionHistoryLimit The number of old history to retain to allow rollback
190
## NOTE: Explicitly setting this field to 0, will result in cleaning up all the history of your Deployment, thus that Deployment will not be able to roll back.
191
revisionHistoryLimit: 10
192
## @param containerPorts.http Solr HTTP container port
193
##
194
containerPorts:
195
http: 8983
196
## Configure extra options for Solr containers' liveness, readiness and startup probes
197
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
198
## @param livenessProbe.enabled Enable livenessProbe on Solr containers
199
## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
200
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
201
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
202
## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
203
## @param livenessProbe.successThreshold Success threshold for livenessProbe
204
##
205
livenessProbe:
206
enabled: true
207
initialDelaySeconds: 40
208
periodSeconds: 10
209
timeoutSeconds: 15
210
failureThreshold: 6
211
successThreshold: 1
212
## @param readinessProbe.enabled Enable readinessProbe on Solr containers
213
## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
214
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
215
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
216
## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
217
## @param readinessProbe.successThreshold Success threshold for readinessProbe
218
##
219
readinessProbe:
220
enabled: true
221
initialDelaySeconds: 60
222
periodSeconds: 10
223
timeoutSeconds: 15
224
failureThreshold: 6
225
successThreshold: 1
226
## @param startupProbe.enabled Enable startupProbe on Solr containers
227
## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
228
## @param startupProbe.periodSeconds Period seconds for startupProbe
229
## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
230
## @param startupProbe.failureThreshold Failure threshold for startupProbe
231
## @param startupProbe.successThreshold Success threshold for startupProbe
232
##
233
startupProbe:
234
enabled: false
235
initialDelaySeconds: 40
236
periodSeconds: 10
237
timeoutSeconds: 15
238
failureThreshold: 15
239
successThreshold: 1
240
## @param customLivenessProbe Custom livenessProbe that overrides the default one
241
##
242
customLivenessProbe: {}
243
## @param customReadinessProbe Custom readinessProbe that overrides the default one
244
##
245
customReadinessProbe: {}
246
## @param customStartupProbe Custom startupProbe that overrides the default one
247
##
248
customStartupProbe: {}
249
## @param lifecycleHooks lifecycleHooks for the Solr container to automate configuration before or after startup
250
##
251
lifecycleHooks: {}
252
## Solr resource requests and limits
253
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
254
## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
255
##
256
resourcesPreset: "medium"
257
## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
258
## Example:
259
## resources:
260
## requests:
261
## cpu: 2
262
## memory: 512Mi
263
## limits:
264
## cpu: 3
265
## memory: 1024Mi
266
##
267
resources: {}
268
## Solr pods' Security Context
269
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
270
## @param podSecurityContext.enabled Enable Solr pods' Security Context
271
## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
272
## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface
273
## @param podSecurityContext.supplementalGroups Set filesystem extra groups
274
## @param podSecurityContext.fsGroup Set Solr pod's Security Context fsGroup
275
##
276
podSecurityContext:
277
enabled: true
278
fsGroupChangePolicy: Always
279
sysctls: []
280
supplementalGroups: []
281
fsGroup: 1001
282
## Solr containers' Security Context
283
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
284
## @param containerSecurityContext.enabled Enabled containers' Security Context
285
## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
286
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
287
## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
288
## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
289
## @param containerSecurityContext.privileged Set container's Security Context privileged
290
## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
291
## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
292
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
293
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
294
##
295
containerSecurityContext:
296
enabled: true
297
seLinuxOptions: {}
298
runAsUser: 1001
299
runAsGroup: 1001
300
runAsNonRoot: true
301
privileged: false
302
readOnlyRootFilesystem: true
303
allowPrivilegeEscalation: false
304
capabilities:
305
drop: ["ALL"]
306
seccompProfile:
307
type: "RuntimeDefault"
308
## @param automountServiceAccountToken Mount Service Account token in pod
309
##
310
automountServiceAccountToken: false
311
## @param hostAliases Solr pods host aliases
312
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
313
##
314
hostAliases: []
315
## @param podLabels Extra labels for Solr pods
316
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
317
##
318
podLabels: {}
319
## @param podAnnotations Annotations for Solr pods
320
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
321
##
322
podAnnotations: {}
323
## @param podAffinityPreset Solr pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
324
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
325
##
326
podAffinityPreset: ""
327
## @param podAntiAffinityPreset Solr pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
328
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
329
##
330
podAntiAffinityPreset: soft
331
## Node affinity preset
332
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
333
##
334
nodeAffinityPreset:
335
## @param nodeAffinityPreset.type Solr node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
336
##
337
type: ""
338
## @param nodeAffinityPreset.key Solr node label key to match Ignored if `affinity` is set.
339
## E.g.
340
## key: "kubernetes.io/e2e-az-name"
341
##
342
key: ""
343
## @param nodeAffinityPreset.values Solr node label values to match. Ignored if `affinity` is set.
344
## E.g.
345
## values:
346
## - e2e-az1
347
## - e2e-az2
348
##
349
values: []
350
## @param affinity Affinity settings for Solr pod assignment. Evaluated as a template
351
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
352
##
353
affinity: {}
354
## @param nodeSelector Node labels for Solr pods assignment. Evaluated as a template
355
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
356
##
357
nodeSelector: {}
358
## @param tolerations Tolerations for Solr pods assignment. Evaluated as a template
359
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
360
##
361
tolerations: []
362
## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
363
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
364
##
365
topologySpreadConstraints: []
366
## @param podManagementPolicy Management Policy for Solr StatefulSet
367
## StatefulSet controller supports relaxing its ordering guarantees while preserving its uniqueness and identity guarantees
368
## There are two valid pod management policies: OrderedReady and Parallel
369
## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy
370
##
371
podManagementPolicy: Parallel
372
## @param priorityClassName Solr pods' priority.
373
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
374
##
375
priorityClassName: ""
376
## @param schedulerName Kubernetes pod scheduler registry
377
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
378
##
379
schedulerName: ""
380
## @param updateStrategy.type Solr statefulset strategy type
381
## @param updateStrategy.rollingUpdate Solr statefulset rolling update configuration parameters
382
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
383
##
384
updateStrategy:
385
type: RollingUpdate
386
rollingUpdate: {}
387
## @param enableServiceLinks Whether information about services should be injected into pod's environment variable
388
## The environment variables injected by service links are not used, but can lead to slow boot times or slow running of the scripts when there are many services in the current namespace.
389
## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`.
390
##
391
enableServiceLinks: true
392
## Solr Pod Disruption Budget configuration
393
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
394
## @param pdb.create Enable a Pod Disruption Budget creation
395
## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled
396
## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable
397
##
398
pdb:
399
create: true
400
minAvailable: ""
401
maxUnavailable: ""
402
## @param extraVolumes Optionally specify extra list of additional volumes for the Solr pod(s)
403
##
404
extraVolumes: []
405
## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Solr container(s)
406
##
407
extraVolumeMounts: []
408
## @param initContainers Add init containers to the Solr pod(s)
409
## Example:
410
## initContainers:
411
## - name: your-image-name
412
## image: your-image
413
## imagePullPolicy: Always
414
## ports:
415
## - name: portname
416
## containerPort: 1234
417
##
418
initContainers: []
419
## @param sidecars Add sidecars to the Solr pod(s)
420
## Example:
421
## sidecars:
422
## - name: your-image-name
423
## image: your-image
424
## imagePullPolicy: Always
425
## ports:
426
## - name: portname
427
## containerPort: 1234
428
##
429
sidecars: []
430
## @section Traffic Exposure parameters
431
##
432
service:
433
## @param service.type Kubernetes Service type
434
##
435
type: ClusterIP
436
## @param service.ports.http Solr HTTP service port
437
##
438
ports:
439
http: 8983
440
## @param service.nodePorts.http Node port for the HTTP service
441
## NOTE: choose port between <30000-32767>
442
##
443
nodePorts:
444
http: ""
445
## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin
446
## Values: ClientIP or None
447
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
448
##
449
sessionAffinity: None
450
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
451
## sessionAffinityConfig:
452
## clientIP:
453
## timeoutSeconds: 300
454
##
455
sessionAffinityConfig: {}
456
## @param service.clusterIP Solr service Cluster IP
457
## e.g.:
458
## clusterIP: None
459
##
460
clusterIP: ""
461
## @param service.loadBalancerIP Solr service Load Balancer IP
462
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
463
##
464
loadBalancerIP: ""
465
## @param service.loadBalancerSourceRanges Solr service Load Balancer sources
466
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
467
## e.g:
468
## loadBalancerSourceRanges:
469
## - 10.10.10.0/24
470
##
471
loadBalancerSourceRanges: []
472
## @param service.externalTrafficPolicy Solr service external traffic policy
473
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
474
##
475
externalTrafficPolicy: Cluster
476
## @param service.annotations Additional custom annotations for Solr service
477
##
478
annotations: {}
479
## @param service.extraPorts Extra ports to expose in the Solr service (normally used with the `sidecar` value)
480
##
481
extraPorts: []
482
## Headless service properties
483
##
484
headless:
485
## @param service.headless.annotations Annotations for the headless service.
486
##
487
annotations: {}
488
## Network Policies
489
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
490
##
491
networkPolicy:
492
## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
493
##
494
enabled: true
495
## @param networkPolicy.allowExternal Don't require client label for connections
496
## The Policy model to apply. When set to false, only pods with the correct
497
## client label will have network access to the ports the application is listening
498
## on. When true, the app will accept connections from any source
499
## (with the correct destination port).
500
##
501
allowExternal: true
502
## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
503
##
504
allowExternalEgress: true
505
## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
506
## e.g:
507
## extraIngress:
508
## - ports:
509
## - port: 1234
510
## from:
511
## - podSelector:
512
## - matchLabels:
513
## - role: frontend
514
## - podSelector:
515
## - matchExpressions:
516
## - key: role
517
## operator: In
518
## values:
519
## - frontend
520
extraIngress: []
521
## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
522
## e.g:
523
## extraEgress:
524
## - ports:
525
## - port: 1234
526
## to:
527
## - podSelector:
528
## - matchLabels:
529
## - role: frontend
530
## - podSelector:
531
## - matchExpressions:
532
## - key: role
533
## operator: In
534
## values:
535
## - frontend
536
##
537
extraEgress: []
538
## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
539
## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
540
##
541
ingressNSMatchLabels: {}
542
ingressNSPodMatchLabels: {}
543
## Solr ingress parameters
544
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
545
##
546
ingress:
547
## @param ingress.enabled Enable ingress record generation for Solr
548
##
549
enabled: false
550
## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
551
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
552
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
553
##
554
ingressClassName: ""
555
## @param ingress.pathType Ingress path type
556
##
557
pathType: ImplementationSpecific
558
## @param ingress.apiVersion Force Ingress API version (automatically detected if not set)
559
##
560
apiVersion: ""
561
## @param ingress.hostname Default host for the ingress record
562
##
563
hostname: solr.local
564
## @param ingress.path Default path for the ingress record
565
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
566
##
567
path: /
568
## @param ingress.annotations [object] Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
569
## Use this parameter to set the required annotations for cert-manager, see
570
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
571
## e.g:
572
## annotations:
573
## kubernetes.io/ingress.class: nginx
574
## cert-manager.io/cluster-issuer: cluster-issuer-name
575
##
576
annotations: {}
577
## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
578
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
579
## You can:
580
## - Use the `ingress.secrets` parameter to create this TLS secret
581
## - Rely on cert-manager to create it by setting the corresponding annotations
582
## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true`
583
##
584
tls: false
585
## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
586
##
587
selfSigned: false
588
## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record
589
## e.g:
590
## extraHosts:
591
## - name: solr.local
592
## path: /
593
##
594
extraHosts: []
595
## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host.
596
## For example: The ALB ingress controller requires a special rule for handling SSL redirection.
597
## extraPaths:
598
## - path: /*
599
## backend:
600
## serviceName: ssl-redirect
601
## servicePort: use-annotation
602
##
603
extraPaths: []
604
## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record.
605
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
606
## extraTls:
607
## - hosts:
608
## - solr.local
609
## secretName: solr.local-tls
610
##
611
extraTls: []
612
## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets
613
## key and certificate should start with -----BEGIN CERTIFICATE----- or
614
## -----BEGIN RSA PRIVATE KEY-----
615
##
616
## name should line up with a tlsSecret set further up
617
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
618
##
619
## It is also possible to create and manage the certificates outside of this helm chart
620
## Please see README.md for more information
621
## e.g:
622
## - name: solr.local-tls
623
## key:
624
## certificate:
625
##
626
secrets: []
627
## @param ingress.extraRules Additional rules to be covered with this ingress record
628
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
629
## e.g:
630
## extraRules:
631
## - host: solr.local
632
## http:
633
## path: /
634
## backend:
635
## service:
636
## name: solr-svc
637
## port:
638
## name: http
639
##
640
extraRules: []
641
## @section Persistence parameters
642
##
643
644
## Enable persistence using Persistent Volume Claims
645
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
646
##
647
persistence:
648
## @param persistence.enabled Use a PVC to persist data.
649
##
650
enabled: true
651
## @param persistence.existingClaim A manually managed Persistent Volume and Claim
652
## If defined, PVC must be created manually before volume will be bound
653
## The value is evaluated as a template
654
##
655
existingClaim: ""
656
## @param persistence.storageClass Storage class of backing PVC
657
## If defined, storageClassName: <storageClass>
658
## If set to "-", storageClassName: "", which disables dynamic provisioning
659
## If undefined (the default) or set to null, no storageClassName spec is
660
## set, choosing the default provisioner.
661
##
662
storageClass: ""
663
## @param persistence.accessModes Persistent Volume Access Modes
664
##
665
accessModes:
666
- ReadWriteOnce
667
## @param persistence.size Size of data volume
668
##
669
size: 8Gi
670
## @param persistence.annotations Persistence annotations for Solr
671
##
672
annotations: {}
673
## @param persistence.mountPath Persistence mount path for Solr
674
##
675
mountPath: /iamguarded/solr
676
## @param persistence.subPath Path within the volume from which the container's
677
## volume should be mounted. Defaults to "" (volume's root).
678
##
679
subPath: ""
680
## @param persistence.subPathExpr Expanded path within the volume from which
681
## the container's volume should be mounted. Behaves similarly to SubPath but
682
## environment variable references $(VAR_NAME) are expanded using the
683
## container's environment. Defaults to "" (volume's root).
684
## SubPathExpr and SubPath are mutually exclusive.
685
##
686
subPathExpr: ""
687
## @param persistence.selector Selector to match an existing Persistent Volume for Solr data PVC
688
## If set, the PVC can't have a PV dynamically provisioned for it
689
## E.g.
690
## selector:
691
## matchLabels:
692
## app: my-app
693
##
694
selector: {}
695
## @section Persistent Volume Claim Retention Policy
696
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
697
##
698
persistentVolumeClaimRetentionPolicy:
699
## @param persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for Solr Statefulset
700
##
701
enabled: false
702
## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced
703
##
704
whenScaled: Retain
705
## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted
706
##
707
whenDeleted: Retain
708
## @section Volume Permissions parameters
709
##
710
711
## Init containers parameters:
712
## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node
713
##
714
volumePermissions:
715
## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume
716
##
717
enabled: false
718
## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry
719
## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository
720
## @skip volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended)
721
## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
722
## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy
723
## @param volumePermissions.image.pullSecrets Init container volume-permissions image pull secrets
724
##
725
image:
726
registry: cgr.dev
727
repository: chainguard-private/os-shell-iamguarded
728
tag: 1.0.0
729
digest: ""
730
pullPolicy: IfNotPresent
731
## Optionally specify an array of imagePullSecrets.
732
## Secrets must be manually created in the namespace.
733
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
734
## Example:
735
## pullSecrets:
736
## - myRegistryKeySecretName
737
##
738
pullSecrets: []
739
## Init container resource requests and limits
740
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
741
## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
742
##
743
resourcesPreset: "nano"
744
## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
745
## Example:
746
## resources:
747
## requests:
748
## cpu: 2
749
## memory: 512Mi
750
## limits:
751
## cpu: 3
752
## memory: 1024Mi
753
##
754
resources: {}
755
## Init container' Security Context
756
## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
757
## and not the below volumePermissions.containerSecurityContext.runAsUser
758
## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
759
## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container
760
##
761
containerSecurityContext:
762
seLinuxOptions: {}
763
runAsUser: 0
764
## @section Other Parameters
765
##
766
767
## Service account for Solr to use.
768
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
769
##
770
serviceAccount:
771
## @param serviceAccount.create Enable creation of ServiceAccount for Solr pod
772
##
773
create: true
774
## @param serviceAccount.name The name of the ServiceAccount to use.
775
## If not set and create is true, a name is generated using the common.names.fullname template
776
##
777
name: ""
778
## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
779
## Can be set to false if pods using this serviceAccount do not need to use K8s API
780
##
781
automountServiceAccountToken: false
782
## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount
783
##
784
annotations: {}
785
## @section Solr TLS parameters
786
##
787
788
## TLS configuration
789
##
790
tls:
791
## @param tls.enabled Enable the TLS/SSL configuration
792
##
793
enabled: false
794
## @param tls.autoGenerated Create self-signed TLS certificates. Currently only supports PEM certificates
795
##
796
autoGenerated: false
797
## @param tls.certificatesSecretName Name of the secret that contains the certificates
798
## It should contain two keys called "keystore.p12" and "trustore.p12" with the files in JKS or P12 format
799
## certificatesSecretName: cert-files
800
##
801
certificatesSecretName: ""
802
## @param tls.passwordsSecretName Set the name of the secret that contains the passwords for the certificate files
803
## It should contain two keys called "tls-keystore-password" and "tls-truststore-password".
804
## e.g:
805
## passwordsSecretName: my-passwords
806
##
807
passwordsSecretName: ""
808
## @param tls.keystorePassword Password to access the keystore when it's password-protected
809
##
810
keystorePassword: ""
811
## @param tls.truststorePassword Password to access the truststore when it's password-protected
812
##
813
truststorePassword: ""
814
## We usually recommend not to specify default resources and to leave this as a conscious
815
## choice for the user. This also increases chances charts run on environments with little
816
## resources, such as Minikube. If you do want to specify resources, uncomment the following
817
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
818
## @param tls.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production).
819
##
820
resourcesPreset: "nano"
821
## @param tls.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
822
## Example:
823
## resources:
824
## requests:
825
## cpu: 2
826
## memory: 512Mi
827
## limits:
828
## cpu: 3
829
## memory: 1024Mi
830
##
831
resources: {}
832
## @section Metrics parameters
833
##
834
835
## Configuration for the Solr Prometheus exporter
836
##
837
metrics:
838
## @param metrics.enabled Deploy a Solr Prometheus exporter deployment to expose metrics
839
##
840
enabled: false
841
## @param metrics.revisionHistoryLimit The number of old history to retain to allow rollback
842
## NOTE: Explicitly setting this field to 0, will result in cleaning up all the history of your Deployment, thus that Deployment will not be able to rollback.
843
revisionHistoryLimit: 10
844
## @param metrics.configFile Config file with metrics to export by the Solr prometheus metrics. To change it mount a different file using `extraConfigMaps`
845
##
846
configFile: "/opt/iamguarded/solr/prometheus-exporter/conf/solr-exporter-config.xml"
847
## @param metrics.threads Number of Solr exporter threads
848
##
849
threads: 7
850
## @param metrics.command Override Solr entrypoint string.
851
##
852
command: []
853
## @param metrics.args Arguments for the provided command if needed
854
##
855
args: []
856
## @param metrics.extraEnvVars Additional environment variables to set
857
## Example:
858
## extraEnvVars:
859
## - name: FOO
860
## value: "bar"
861
##
862
extraEnvVars: []
863
## @param metrics.extraEnvVarsCM ConfigMap with extra environment variables
864
##
865
extraEnvVarsCM: ""
866
## @param metrics.extraEnvVarsSecret Secret with extra environment variables
867
##
868
extraEnvVarsSecret: ""
869
## @param metrics.containerPorts.http Solr Prometheus exporter HTTP container port
870
##
871
containerPorts:
872
http: 9231
873
## Configure extra options for liveness probe
874
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
875
## @param metrics.livenessProbe.enabled Enable livenessProbe on Solr Prometheus exporter containers
876
## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
877
## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe
878
## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
879
## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe
880
## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe
881
##
882
livenessProbe:
883
enabled: true
884
initialDelaySeconds: 10
885
periodSeconds: 5
886
timeoutSeconds: 15
887
failureThreshold: 15
888
successThreshold: 1
889
## @param metrics.readinessProbe.enabled Enable readinessProbe on Solr Prometheus exporter containers
890
## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
891
## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe
892
## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
893
## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe
894
## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe
895
##
896
readinessProbe:
897
enabled: true
898
initialDelaySeconds: 10
899
periodSeconds: 5
900
timeoutSeconds: 15
901
failureThreshold: 15
902
successThreshold: 15
903
## @param metrics.startupProbe.enabled Enable startupProbe on Solr Prometheus exporter containers
904
## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
905
## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe
906
## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe
907
## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe
908
## @param metrics.startupProbe.successThreshold Success threshold for startupProbe
909
##
910
startupProbe:
911
enabled: false
912
initialDelaySeconds: 30
913
periodSeconds: 10
914
timeoutSeconds: 1
915
failureThreshold: 15
916
successThreshold: 1
917
## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one
918
##
919
customLivenessProbe: {}
920
## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one
921
##
922
customReadinessProbe: {}
923
## @param metrics.customStartupProbe Custom startupProbe that overrides the default one
924
##
925
customStartupProbe: {}
926
## Solr Prometheus exporter resource requests and limits
927
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
928
## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).
929
##
930
resourcesPreset: "nano"
931
## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
932
## Example:
933
## resources:
934
## requests:
935
## cpu: 2
936
## memory: 512Mi
937
## limits:
938
## cpu: 3
939
## memory: 1024Mi
940
##
941
resources: {}
942
## Solr Prometheus exporter containers' Security Context
943
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
944
## @param metrics.containerSecurityContext.enabled Enabled containers' Security Context
945
## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
946
## @param metrics.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
947
## @param metrics.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
948
## @param metrics.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
949
## @param metrics.containerSecurityContext.privileged Set container's Security Context privileged
950
## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
951
## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
952
## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped
953
## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
954
##
955
containerSecurityContext:
956
enabled: true
957
seLinuxOptions: {}
958
runAsUser: 1001
959
runAsGroup: 1001
960
runAsNonRoot: true
961
privileged: false
962
readOnlyRootFilesystem: true
963
allowPrivilegeEscalation: false
964
capabilities:
965
drop: ["ALL"]
966
seccompProfile:
967
type: "RuntimeDefault"
968
## Solr Prometheus exporter pods' Security Context
969
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
970
## @param metrics.podSecurityContext.enabled Enable Solr Prometheus exporter pods' Security Context
971
## @param metrics.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
972
## @param metrics.podSecurityContext.sysctls Set kernel settings using the sysctl interface
973
## @param metrics.podSecurityContext.supplementalGroups Set filesystem extra groups
974
## @param metrics.podSecurityContext.fsGroup Group ID for the pods.
975
##
976
podSecurityContext:
977
enabled: true
978
fsGroupChangePolicy: Always
979
sysctls: []
980
supplementalGroups: []
981
fsGroup: 1001
982
## @param metrics.podLabels Additional labels for Solr Prometheus exporter pod(s)
983
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
984
##
985
podLabels: {}
986
## @param metrics.podAnnotations Additional annotations for Solr Prometheus exporter pod(s)
987
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
988
##
989
podAnnotations: {}
990
## @param metrics.podAffinityPreset Solr Prometheus exporter pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
991
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
992
##
993
podAffinityPreset: ""
994
## @param metrics.podAntiAffinityPreset Solr Prometheus exporter pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
995
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
996
##
997
podAntiAffinityPreset: soft
998
## Node affinity preset
999
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
1000
##
1001
nodeAffinityPreset:
1002
## @param metrics.nodeAffinityPreset.type Solr Prometheus exporter node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1003
##
1004
type: ""
1005
## @param metrics.nodeAffinityPreset.key Solr Prometheus exporter node label key to match Ignored if `affinity` is set.
1006
## E.g.
1007
## key: "kubernetes.io/e2e-az-name"
1008
##
1009
key: ""
1010
## @param metrics.nodeAffinityPreset.values Solr Prometheus exporter node label values to match. Ignored if `affinity` is set.
1011
## E.g.
1012
## values:
1013
## - e2e-az1
1014
## - e2e-az2
1015
##
1016
values: []
1017
## @param metrics.affinity Affinity settings for Solr Prometheus exporter pod assignment. Evaluated as a template
1018
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
1019
##
1020
affinity: {}
1021
## @param metrics.nodeSelector Node labels for Solr Prometheus exporter pods assignment. Evaluated as a template
1022
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
1023
##
1024
nodeSelector: {}
1025
## @param metrics.tolerations Tolerations for Solr Prometheus exporter pods assignment. Evaluated as a template
1026
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
1027
##
1028
tolerations: []
1029
## @param metrics.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
1030
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
1031
##
1032
topologySpreadConstraints: []
1033
## @param metrics.priorityClassName Solr Prometheus exporter pods' priority.
1034
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
1035
##
1036
priorityClassName: ""
1037
## @param metrics.schedulerName Kubernetes pod scheduler registry
1038
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
1039
##
1040
schedulerName: ""
1041
## @param metrics.automountServiceAccountToken Mount Service Account token in pod
1042
##
1043
automountServiceAccountToken: false
1044
## @param metrics.hostAliases Solr Prometheus exporter pod host aliases
1045
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
1046
##
1047
hostAliases: []
1048
## @param metrics.updateStrategy.type Solr Prometheus exporter deployment strategy type
1049
## @param metrics.updateStrategy.rollingUpdate Solr Prometheus exporter deployment rolling update configuration parameters
1050
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
1051
##
1052
updateStrategy:
1053
type: RollingUpdate
1054
rollingUpdate: {}
1055
## @param metrics.extraVolumes Optionally specify extra list of additional volumes for the Solr Prometheus exporter pod(s)
1056
##
1057
extraVolumes: []
1058
## @param metrics.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Solr Prometheus exporter container(s)
1059
##
1060
extraVolumeMounts: []
1061
## @param metrics.initContainers Add init containers to the Solr Prometheus exporter pod(s)
1062
## Example:
1063
## initContainers:
1064
## - name: your-image-name
1065
## image: your-image
1066
## imagePullPolicy: Always
1067
## ports:
1068
## - name: portname
1069
## containerPort: 1234
1070
##
1071
initContainers: []
1072
## @param metrics.sidecars Add sidecars to the Solr Prometheus exporter pod(s)
1073
## Example:
1074
## sidecars:
1075
## - name: your-image-name
1076
## image: your-image
1077
## imagePullPolicy: Always
1078
## ports:
1079
## - name: portname
1080
## containerPort: 1234
1081
##
1082
sidecars: []
1083
## Service for the Solr Prometheus exporter deployment
1084
##
1085
service:
1086
## @param metrics.service.type Kubernetes Service type
1087
##
1088
type: "ClusterIP"
1089
## @param metrics.service.ports.http Solr Prometheus exporter HTTP service port
1090
##
1091
ports:
1092
http: 9231
1093
## @param metrics.service.sessionAffinity Control where client requests go, to the same pod or round-robin
1094
## Values: ClientIP or None
1095
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
1096
##
1097
sessionAffinity: None
1098
## @param metrics.service.clusterIP Solr Prometheus exporter service Cluster IP
1099
## e.g.:
1100
## clusterIP: None
1101
##
1102
clusterIP: ""
1103
## @param metrics.service.annotations annotations for Solr Prometheus exporter service
1104
##
1105
annotations: {}
1106
## @param metrics.service.labels Additional labels for Solr Prometheus exporter service
1107
##
1108
labels: {}
1109
## Prometheus Operator ServiceMonitor configuration
1110
##
1111
serviceMonitor:
1112
## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
1113
##
1114
enabled: false
1115
## @param metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)
1116
##
1117
namespace: ""
1118
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped.
1119
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
1120
##
1121
interval: ""
1122
## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
1123
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
1124
##
1125
scrapeTimeout: ""
1126
## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus
1127
##
1128
additionalLabels: {}
1129
## @param metrics.serviceMonitor.selector Prometheus instance selector labels
1130
##
1131
selector: {}
1132
## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
1133
##
1134
relabelings: []
1135
## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
1136
##
1137
metricRelabelings: []
1138
## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
1139
##
1140
honorLabels: false
1141
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
1142
##
1143
jobLabel: ""
1144
## Custom PrometheusRule to be defined
1145
## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
1146
##
1147
prometheusRule:
1148
## @param metrics.prometheusRule.enabled Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator
1149
##
1150
enabled: false
1151
## @param metrics.prometheusRule.namespace The namespace in which the prometheusRule will be created
1152
##
1153
namespace: ""
1154
## @param metrics.prometheusRule.additionalLabels Additional labels for the prometheusRule
1155
##
1156
additionalLabels: {}
1157
## @param metrics.prometheusRule.rules Custom Prometheus rules
1158
## e.g:
1159
## rules:
1160
## - alert: SolrDown
1161
## expr: solr_up{service="{{ template "common.names.fullname" . }}-exporter"} == 0
1162
## for: 2m
1163
## labels:
1164
## severity: error
1165
## annotations:
1166
## summary: Solr instance {{ "{{ $labels.instance }}" }} down
1167
## description: Solr instance {{ "{{ $labels.instance }}" }} is down
1168
##
1169
rules: []
1170
## @section ZooKeeper parameters
1171
##
1172
1173
## ZooKeeper chart configuration
1174
##
1175
zookeeper:
1176
## @param zookeeper.enabled Enable ZooKeeper deployment. Needed for Solr cloud
1177
##
1178
enabled: true
1179
## @param zookeeper.fourlwCommandsWhitelist A list of comma separated Four Letter Words commands that can be executed
1180
##
1181
fourlwCommandsWhitelist: srvr,mntr,conf,ruok
1182
## @param zookeeper.containerPorts.client ZooKeeper client container port
1183
##
1184
containerPorts:
1185
client: 2181
1186
## @param zookeeper.replicaCount Number of ZooKeeper nodes
1187
##
1188
replicaCount: 3
1189
## ZooKeeper Persistence parameters
1190
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
1191
## @param zookeeper.persistence.enabled Enable persistence on ZooKeeper using PVC(s)
1192
## @param zookeeper.persistence.storageClass Persistent Volume storage class
1193
## @param zookeeper.persistence.accessModes Persistent Volume access modes
1194
## @param zookeeper.persistence.size Persistent Volume size
1195
##
1196
persistence:
1197
enabled: true
1198
storageClass: ""
1199
accessModes:
1200
- ReadWriteOnce
1201
size: 8Gi
1202
image:
1203
digest: ""
1204
registry: cgr.dev
1205
repository: chainguard-private/zookeeper-iamguarded
1206
tag: 3.9.5
1207
volumePermissions:
1208
image:
1209
digest: ""
1210
registry: cgr.dev
1211
repository: chainguard-private/os-shell-iamguarded
1212
tag: 1.0.0
1213
## External Zookeeper Configuration
1214
## All of these values are only used if `zookeeper.enabled=false`
1215
##
1216
externalZookeeper:
1217
## @param externalZookeeper.servers List of external zookeeper servers to use
1218
##
1219
servers: []
1220
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.