forked from Ontotext-AD/graphdb-helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues.yaml
284 lines (269 loc) · 11.4 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
#
# Main configuration file
#
# To override single property use --set
# To override multiple, provide another values-override.yaml with the -f flag
# See https://helm.sh/docs/chart_template_guide/values_files/
global:
imagePullSecrets: []
storageClass: "standard"
imageRegistry: docker.io
# K8S API versions differ on Kubernetes and local Minikube installation.
# Please, refer to: https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/
versions:
api: apps/v1
service: v1
ingress: networking.k8s.io/v1
deployment: apps/v1
statefulset: apps/v1
secret: v1
configmap: v1
volume: v1
job: batch/v1
daemon: apps/v1
pvc: v1
pv: v1
# Top lvl flat for easier maintenance
images:
graphdb:
repository: ontotext/graphdb
tag: "10.2.1"
busybox:
repository: busybox
tag: "1.31"
####### DEPLOYMENT CONFIGURATIONS #######
deployment:
# -- Defines the policy with which components will request their image.
imagePullPolicy: IfNotPresent
# Secret used to pull Docker images. Uncomment to use it.
# Important: Must be created beforehand
# imagePullSecret: ontotext5
# -- The storage place where components will read/write their persistent data in case the default
# persistent volumes are used. They use the node's file system.
storage: /data
# -- The hostname and protocol at which the graphdb will be accessible.
# Needed to configure ingress as well as some components require it to properly render their UIs
protocol: http
# Important: This should be a resolvable hostname, not an IP address!
host: localhost
# Configures SSL termination on ingress level.
# See https://kubernetes.github.io/ingress-nginx/examples/tls-termination/
tls:
# -- Feature toggle for SSL termination. Disabled by default.
# If TLS is enabled, the protocol should also be updated (https)
enabled: false
# -- Name of a Kubernetes secret object with the key and certificate.
# If TLS is enabled, it's required to be provided, depending on the deployment.
secretName:
# -- Ingress related configurations
ingress:
enabled: true
class: nginx
# -- Sets extra ingress annotations
annotations: {}
# -- Sets the maximum size for all requests to the underlying Nginx
maxRequestSize: 512M
# -- Default timeouts in seconds for the underlying Nginx.
timeout:
connect: 5
read: 600
send: 600
# GraphDB database configurations
graphdb:
clusterConfig:
# -- Number of GraphDB nodes to be used in the cluster.
# Set value to 1 to run a standalone GraphDB instance.
nodesCount: 1
# -- A secret used for secure communication amongst the nodes in the cluster.
clusterSecret: s3cr37
# -- Timeout for the cluster creation CURL query.
# Note: By default helm waits for Kubernetes commands to complete for 5 minutes. You can increase that by adding "--timeout 10m" to the helm command.
clusterCreationTimeout: 60
# -- Cluster configuration parameters:
# The minimum wait time in milliseconds for a heartbeat from a leader.
electionMinTimeout: 8000
# The variable portion of each waiting period in milliseconds for a heartbeat.
electionRangeTimeout: 6000
# The interval in milliseconds between each heartbeat that is sent to follower nodes by the leader.
heartbeatInterval: 2000
#The size of the data blocks transferred during data replication streaming through the RPC protocol.
messageSize: 64
# The amount of time in milliseconds a follower node would wait before attempting to verify the last committed entry when the first verification is unsuccessful.
verificationTimeout: 1500
# -- References to configuration maps containing settings.js, users.js, graphdb.properties, and logback.xml files to overwrite
# the default GraphDB configuration. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html
configs:
# Override default settings configuration
#settingsConfigMap: graphdb-settings-configmap
# Override default users configuration
#usersConfigMap: graphdb-users-configmap
# Override default properties configuration
#propertiesConfigMap: graphdb-properties-configmap
# Override default logback configuration
#logbackConfigMap: graphdb-logback-configmap
# Optional configmap containing repository configuration ttl file(s). GraphDB will automatically create repositories with the provided repositories configuration files
# provisionRepositoriesConfigMap: graphdb-repositories-configmap
security:
# If the security is enabled, it's mandatory to have a provisioning user, so the health-checks and cluster linking can work properly
enabled: false
provisioningUsername: provisioner
# bcrypt encrypted password. default: iHaveSuperpowers
provisioningPassword: iHaveSuperpowers
# jobSecurityContext defines privilege and access control settings for all the job pods
jobPodSecurityContext: {}
# jobContainerSecurityContext defines privilege and access control settings for all the job containers
jobSecurityContext: {}
# -- Settings for the GraphDB cluster nodes
node:
# -- Reference to a secret containing 'graphdb.license' file to be used by the nodes.
# Important: Must be created beforehand
license:
# -- Java arguments with which node instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value
java_args: "-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport"
# Node scheduling options such as nodeSelector, affinity, tolerations, topologySpreadConstraints can be set here for ALL nodes.
# By default, no restrictions are applied.
nodeSelector: {}
affinity: {}
tolerations: []
topologySpreadConstraints: []
# -- Persistence configurations.
# By default, Helm will use a PV that reads and writes to the host file system.
persistence:
# use dynamic volume provisioning
volumeClaimTemplateSpec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "5Gi"
# -- Below are minimum requirements for data sets of up to 50 million RDF triples
# For resizing, refer according to the GraphDB documentation
# http://graphdb.ontotext.com/documentation/requirements.html
resources:
limits:
memory: 2Gi
cpu: 2000m
requests:
memory: 2Gi
cpu: 2000m
# -- Configurations for the GraphDB node startup probe. Misconfigured probe can lead to a failing cluster.
startupProbe:
httpGet:
path: /protocol
port: graphdb
failureThreshold: 30
timeoutSeconds: 5
periodSeconds: 10
# -- Configurations for the GraphDB node readiness probe. Misconfigured probe can lead to a failing cluster.
readinessProbe:
httpGet:
path: /protocol
port: graphdb
initialDelaySeconds: 5
timeoutSeconds: 5
periodSeconds: 10
# -- Configurations for the GraphDB node liveness probe. Misconfigured probe can lead to a failing cluster.
livenessProbe:
httpGet:
path: /protocol
port: graphdb
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 10
# additional environment variables to be set for the graphdb nodes
extraEnvFrom: []
# additional volumes to be set for the graphdb nodes
extraVolumes: []
# additional volume mounts to be set for the graphdb nodes
extraVolumeMounts: []
# podSecurityContext defines privilege and access control settings for the node pods.
podSecurityContext: {}
# securityContext defines privilege and access control settings for the node container running graphdb.
securityContext: {}
# provisionSecurityContext defines privilege and access control settings for the node containers provisioning configurations for graphdb.
initContainerSecurityContext: {}
# -- Settings for the GraphDB cluster proxy used to communicate with the GraphDB cluster
# Note: If there is no cluster (graphdb.clusterConfig.nodesCount is set to 1) no proxy will be deployed
clusterProxy:
# -- Number of cluster proxies used to access the GraphDB cluster
replicas: 1
# -- Java arguments with which the cluster proxy instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value
java_args: "-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport"
# -- Service type used by the graphdb-cluster-proxy service
# Note: If using ALB in AWS EKS this will default to being on the public internet
serviceType: LoadBalancer
# Node scheduling options such as nodeSelector, affinity, tolerations, topologySpreadConstraints can be set here for ALL nodes.
# By default, no restrictions are applied.
nodeSelector: {}
affinity: {}
tolerations: []
topologySpreadConstraints: []
# -- Minimum requirements for a successfully running GraphDB cluster proxy
resources:
limits:
memory: 1500Mi
cpu: 800m
requests:
memory: 1500Mi
cpu: 800m
# -- Persistence configurations.
# By default, Helm will use a PV that reads and writes to the host file system.
persistence:
# enable or disable proxy persistence
enablePersistence: true
# use dynamic volume provisioning
volumeClaimTemplateSpec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "500Mi"
# -- Configurations for the GraphDB cluster proxy startup probe. Misconfigured probe can lead to a failing cluster.
startupProbe:
httpGet:
path: /proxy/ready
port: gdb-proxy-port
failureThreshold: 60
timeoutSeconds: 3
periodSeconds: 5
# -- Configurations for the GraphDB cluster proxy readiness probe. Misconfigured probe can lead to a failing cluster.
readinessProbe:
httpGet:
path: /proxy/ready
port: gdb-proxy-port
timeoutSeconds: 5
periodSeconds: 10
# -- Configurations for the GraphDB cluster proxy liveness probe. Misconfigured probe can lead to a failing cluster.
livenessProbe:
httpGet:
path: /proxy/health
port: gdb-proxy-port
initialDelaySeconds: 120
timeoutSeconds: 5
periodSeconds: 10
# additional environment variables to be set for each cluster proxy
extraEnvFrom: []
# additional volumes to be set for each cluster proxy
extraVolumes: []
# additional volume mounts to be set for each cluster proxy
extraVolumeMounts: []
# podSecurityContext defines privilege and access control settings for the proxy pods.
podSecurityContext: {}
# securityContext defines privilege and access control settings for the proxy containers.
securityContext: {}
# GraphDB workbench configurations
workbench:
# -- This is the sub path at which GraphDB workbench can be opened.
# Should be configured in the API gateway (or any other proxy in front)
subpath: /graphdb
# WARNING: Setting enabled to true in most cloud providers will result in an error
# Attach additional PV which will be used as an import directory
# https://graphdb.ontotext.com/documentation/standard/loading-data-using-the-workbench.html#importing-server-files
import_directory_mount:
enabled: false
volumeClaimTemplateSpec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "10Gi"