General Description

General description of HELM3 configuration values for environment specific cases and their purpose.

Introduction

We present here description of HELM3 deployment structure for environment specific cases. You can change parameters based on the deployment specifics and your requirements. Here are the configurations divided into sections.

During platform deployment the current and the Common values charts merge into one general chart.

global:

apiDocsImage:

"elasticio/api-docs:HASHVERSION" - image for API documentation service.

cloudProvider:

"GCP" - (GCP by default). Supported values (AWS, GCP and AZURE)

containerRuntime:

docker - Container runtime which is used by selected cloudProvider. Allowed values: containerd, docker.

replicas:

Replicas of microservices: These are not all microservices but only the ones where you can define number of replicas per your requirements and need. Other services have their replica sets hard-coded in their configurations. Check the platform microservices section for more details on each service.

dockerRegistry: `2`

api: `2`

branRead: `2`

branWrite: `2`

dockerRegistry: `2`

facelessApi: `2`

frontend: `2`

goldDragonCoin: `2`

lookout: `2`

maester: `2`

pss: `2`

steward: `2`

webhooks: `2`

raven: `2`

nodeSelectors:

The platform uses these node selectors to decide which node pull must be used to run container. and ordinaryTask labels.

platform:

platform - the default value.

longRunningTask:

longrunning - the default value.

ordinaryTask:

ordinary - the default value.

services:

componentsPusher:

name: "components-pusher" - name of the service which pushes the components.

enabled: true - Boolean, set to true to enable the service.

pullSecret: - the secret used to fetch the docker images from the dockerhub.

configMapName: "component-pusher-config" - the components configuration for the pusher.

api:

resources:

limits:

cpu: 3

requests:

cpu: 2

dockerRegistry:

loadBalancerIp:

docker_regisrty_internal_ip - Internal IP used for internal docker registry access.

secured:

docker-registry-tls - the name of the tls secret

tlsSecretName:

docker-registry-cert-name - (false by default) enables tls for the docker registry service.

fluentd:

execGelfProto:

eio_exec_gelf_protocol - GrayLog GELF input protocol for flow steps logs. (If not provided, the GELF_PROTOCOL is used).

execGelfHost:

eio_exec_gelf_host - GrayLog GELF input host for flow steps logs. (If not provided, GELF_HOST is used).

execGelfPort:

eio_exec_gelf_port - GrayLog GELF input port for flow steps logs. (If not provided, GELF_PORT is used).

ironBank:

enabled: true

Enable or disable the ironBank service.

pssLoadBalancer:

ip:

storage_slugs_lb_ip - Internal IP for platform storage slugs ingress which is used by Agents.

quotaService:

enabled:

true - Enable or disable the quota service.

maester:

enabled:

true

steward:

pssBackwardCompatibility:

true

entrypoints:

bloodyGate:

agent_vpn_entrypoint - entry point ip/domain for a VPN agent.

loadBalancer:

load_balancer_ip - Public IP for the platform ingress.

storage:

slugsSubPath:

storage_slugs_sub_path_slugs

stewardSubPath:

storage_slugs_sub_path_steward

storageClassName:

platform-storage-slugs

persistentVolumeClaimName:

platform-storage-slugs-volume-claim

type:

s3 - Can be one of 4 supported types: nfs, azure, aws-efs-csi-driver and s3. aws-efs-csi-driver requires EFS CSI driver to be installed. See docs for the Amazon EFS CSI driver configuration

fileSystemId:

fs-03f24358 - AWS EFS file system ID. Skip if not using type aws-efs-csi-driver

config:

name:

platform-storage-slugs-volume

server:

nfs_server_address - NFS instance address used for platform-storage-slugs if storage_slugs_storage_type is nfs.

path:

nfs_share - NFS share name used for platform-storage-slugs if storage_slugs_storage_type is nfs.

size:

500Gi - En example value.

gid:

1502

componentsConfiguration:

The components-pusher configuration containing the information for each component you need the service to push automatically. Copy and paste this configuration to suit your needs.

developmentTeam: teamName

teamName - this is the name of the default team where you deploy your components.

components:

componentName:

componentName - a unique name you use in your development name. It must match with the name you have already used to push a component into the team. Please pay attention, this must be the parameter name, not the value.

targetTag:

latest - Image tag for pulling into the internal docker registry.

dockerRepoName:

"orgName/repoName" - Image name by which to pull repo from registry

developmentTeam:

teamName - An optional environment variable contaning the team name where to create the RepoBuild. Will override root developmentTeam on the components level if provided.

access:

team - An optional environment variable which sets the access level for the component in the platform context. The default value is global.

General Description

Introduction

global:

apiDocsImage:

cloudProvider:

containerRuntime:

replicas:

dockerRegistry: 2

api: 2

branRead: 2

branWrite: 2

dockerRegistry: 2

facelessApi: 2

frontend: 2

goldDragonCoin: 2

lookout: 2

maester: 2

pss: 2

steward: 2

webhooks: 2

raven: 2

nodeSelectors:

platform:

longRunningTask:

ordinaryTask:

services:

componentsPusher:

api:

dockerRegistry:

loadBalancerIp:

secured:

tlsSecretName:

fluentd:

execGelfProto:

execGelfHost:

execGelfPort:

ironBank:

pssLoadBalancer:

quotaService:

maester:

steward:

entrypoints:

bloodyGate:

loadBalancer:

storage:

slugsSubPath:

stewardSubPath:

storageClassName:

persistentVolumeClaimName:

type:

fileSystemId:

config:

componentsConfiguration:

dockerRegistry: `2`

api: `2`

branRead: `2`

branWrite: `2`

dockerRegistry: `2`

facelessApi: `2`

frontend: `2`

goldDragonCoin: `2`

lookout: `2`

maester: `2`

pss: `2`

steward: `2`

webhooks: `2`

raven: `2`