Common Values

Platform release - v22.38

Description of HELM3 common configuration values for all environments and their purpose.

Introduction

This document describes the HELM3 deployment parameters and their descriptions which are common for all environments. Check the general description for explanations and specifications for different environments.

Here are the configurations divided into sections.

global:

version:

22.38 - The format is year (YY) and week (WW) added with an extra optional release (V).

affinityKey:

app - Kubernetes configuration for assigning pods to the correct nodes.

cloudProvider:

GCP by default. Supported values: AWS, GCP and AZURE.

containerRuntime:

Container runtime used by the cloudProvider. Allowed values: containerd, docker

displayPlatformVersion:

Whether we should expose platform version for end-user. Will be displayed at least in frontend UI and API responses. Allowed values: true, false

persistentMessages:

Allowed values: true or false. Enables deliveryMode : 2 (persistent) for all components on the installation which use supported sailor versions (sailor-nodejs from 2.7.0 and sailor-jvm from 3.4.0). Default value: false.

secrets:

admiral:

"admiral-secrets" - a separate secrets for the new replicated-admiral. Not used for now.

platform:

Secret containing main bulk of platform environment variables. Check the Platform environment secret section for more information.

platformServices:

Auto-generated secret for service discovery. It contains the internal URLs for the platform services.

imagePull:

This is the platform docker registry secret.

gitReceiverPrivateKey:

Secret containing an RSA private key. Check the Git-receiver secret section for more.

azureStorage: ""

dockerRegistry:

Secret used by the whole platform to pull platform microservice images from the dockerhub. Check the platform docker registry secret for details.

dockerRegistryPush:

Platform uses this secret to push component docker container images to the docker registry. Check the docker registry push secret description for more information.

dockerRegistryHtpasswdSecret:

Platform uses this secret in the configuration of username/password authentication for internal docker registry. Check the Docker registry htpasswd secret description for more information.

mongodbTlsCertificateKey:

clientKeySecretName - Secret name with tls certificate and key. If specified, will be mounted to the services and specified in the tlsCertificateKeyFile connection option.

mongodbTlsCA:

caSecretName - Secret name with CA certificate to validate mongodb server certificate in the client side. If specified, will be mounted to the services and specified in the tlsCAFile connection option.

namespaces:

Namespaces: You must create these namespaces in your Kubernetes cluster beforehand. HELM3 chart installations expect to find these namespaces during the installation of the platform version starting from the 21.31 release. Check namespaces page for More instructions.

tasks: "tasks"

Platform uses this namespace for pods running the integration flow steps. You can pick an arbitrary name but you must define it beforehand.

platform: "platform"

Platform uses this namespace for the pods running the platform microservices.

monitoring: "monitoring"

Platform uses this namespace for the pods running the monitoring microservices.

appNames:

Service Apps: Links to charts for all microservices. Each app has a separate descriptors and charts pulled during the platform deployment. For more information check the platform microservices section.

admiral: "admiral"

api: "api"

apiDocs: "api-docs"

bloodyGate: "bloody-gate"

branRead: "bran-read"

branWrite: "bran-write"

cache: "cache"

defaultBackend: "default-backend"

dockerRegistry: "docker-registry"

facelessApi: "faceless-api"

facelessTokeRefresher: "faceless-token-refresher"

fluentd: "eio-fluentd"

frontend: "frontend"

gendry: "gendry"

gitReceiver: "gitreceiver"

goldDragonCoin: "gold-dragon-coin"

handmaiden: "handmaiden"

ingress: "ingress-nginx"

ironBank: "iron-bank"

knightOfTheBloodyGate: "knight-of-the-bloody-gate"

lookout: "lookout"

maester: "maester"

pss: "platform-storage-slugs"

quotaService: "quota-service"

raven: "raven"

s3: "s3"

scheduler: "scheduler"

stakaterReloader: "stakater-reloader"

steward: "steward"

webhooks: "webhooks"

wiper: "wiper"

services:

Service availability: By default all services are enabled. You can disable any service by changing the value of enable parameter from true to false. However, we do not recommend doing this for system critical services. Consult the platform microservices section to know which services are critical.

admiral:

enabled: true

name: "admiral-service"

apiDocs:

enabled: true

name: "api-docs-service"

port: 8000

api:

enabled: true

name: "api-service"

port: 9000

resources:

limits:

cpu: 3

requests:

cpu: 2

bloodyGate:

enabled: true

name: "bloody-gate-service"

port: 3000

branRead:

enabled: true

name: "bran-read-service"

port: 5961

branWrite:

name: "bran-write-service"

enabled: true

cache:

enabled: true

name: "cache-service"

port: 6379

defaultBackend:

enabled: true

name: "default-backend-service"

port: 8080

dockerRegistry:

enabled: true

name: "docker-registry-service"

storageDriver: "filesystem"

nodePort: 31000

loadBalancerIp: “”

path: "elasticio"

uri: ""

secured: false

facelessApi:

enabled: true

name: "faceless-api-service"

port: 1396

facelessTokeRefresher:

enabled: true

name: "faceless-token-refresher-service"

port: 11396

fluentd:

enabled: true

name: "fluentd-service"

execGelfProto: ""

execGelfHost: ""

execGelfPort: ""

frontend:

enabled: true

name: "frontend-service"

port: 8000

gendry:

name: "gendry-service"

enabled: true

configMapName: "gendry-config"

gitReceiver:

enabled: true

name: "gitreceiver-service"

port: 4022

goldDragonCoin:

enabled: true

name: "gold-dragon-coin-service"

port: 9000

handmaiden:

name: "handmaiden-service"

enabled: true

issuer:

name: letsencrypt-issuer

Available values: issuer/cluster-issuer

kind: issuer

ingress:

enabled: true

error5xxUrl: ""

defaultBackendPort: ""

name: "ingress-loadbalancer"

httpPort: 80

httpsPort: 443

sshPort: 22

ironBank:

enabled: true

name: "iron-bank-service"

port: 3000

knightOfTheBloodyGate:

enabled: true

name: "knight-of-the-bloody-gate-service"

port: 3000

lookout:

name: "lookout-service"

enabled: true

maester:

enabled: true

name: "maester-service"

port: 3002

maesterRedis:

enabled: true

useSentinels: false

weather we should use sentinels for redis

name: "maester-redis-service"

port: 6379

pss:

enabled: false

name: "platform-storage-slugs-service"

port: 9999

pssLoadBalancer:

enabled: true

name: "platform-storage-slugs-loadbalancer"

port: 9999

quotaService:

enabled: true

name: "quota-service-service"

port: 3002

raven:

enabled: true

name: "raven-service"

port: 8070

s3:

enabled: false

name: "s3-service"

port: 3000

scheduler:

name: "scheduler-service"

enabled: true

stakaterReloader:

enabled: true

steward:

enabled: true

name: "steward-service"

port: 8200

pssBackwardCompatibility: false

webhooks:

enabled: true

name: "webhooks-service"

port: 5000

wiper:

enabled: true

prometheusScrape:

Prometheus: These parameters enable data scrapping from the services. All data is sent to the Prometheus service. Our team uses for monitoring and alerting purposes.

admiral: "true"

api: "true"

branRead: "true"

branWrite: "true"

facelessApi: "true"

facelessTokenRefresher: "true"

ironBank: "true"

maester: "true"

s3: "true"

cache: "true"

raven: "true"

scheduler: "true"

fluentd: "true"

webhooks: "true"