Generic Helm Chart

This chart is a template for common Kubernetes resource manifests, which should cover most use cases. Please read through the list of possible configuration parameters. If you miss a specific feature, you can easily add it via a pull request. If you don't think you can do that, just create a JIRA issue in the Container Platform Team JIRA project (Key: COP)

Change Log

In CHANGELOG.md are all changes since version 1.0.0 tracked with the corresponding migration guides.

Examples

You can find an example setup using the generic-chart in the examples directory. If you search of a more specific use-case, have a look at the test values.yaml in the tests/ directory.

Configuration

Parameter	Description	Default
replicaCount	Amount of Pod replicas	1
topologyKey	topologyKey	``
revisionHistoryLimit	Amount of old ReplicaSets for this Deployment should be retained	1
image.repository	URL to the container registry with organisation and repository	nil
image.tag	Image tag of the provided container repository	nil
image.pullPolicy	The pull policy when a image should be pulled (IfNotPresent, Always)	IfNotPresent
imagePullSecrets	Reference a Secret which should be use to authenticate against a container registry	nil
nameOverride	Override the fullname with this name	""
namespaceOverride	Overrides the namespace in every resource	nil
serviceAccount.create	If a ServiceAccount should be created. If false a ServiceAccount must be provided and configured correctly with its name under serviceAccount.name.	true
serviceAccount.name	Name of the ServiceAccount. If not set and create is true, a name is generated using the name template	nil
serviceAccount.automountServiceAccountToken	If true the Secret with the Token and Certificates of the ServiceAccount is mounted. Only required when access to the master API is necessary	false
serviceAccount.annotations	Sets annotations for the ServiceAccount	{}
network	Map of ports which should be exposed for services type ClusterIP. Adds ports section to the Pod template, adds ports section to Service and can create Ingress or Route and ServiceMonitor for the ports.	network.http.servicePort: 8080
network.{}.servicePort	Port number of the Service (e.g. 8080, 8443). If nil no port on the Service is exposed	nil
network.{}.containerPort	The port which is exposed on the Pod. If nil corresponds to the network.{}.servicePort	nil
network.{}.ingress	If not nil creates an Ingress or Route for the Service and its servicePort. If set to {} see ingress.zone	nil
network.{}.ingress.host	Sets the hostname for the Ingress or Route. If nil see ingress.zone	nil
network.{}.ingress.annotations	Sets annotations for the Ingress or Route instance	{}
network.{}.ingress.path	Sets the path for the Ingress or Route instance	/
network.{}.ingress.termination	TLS termination for the Ingress or Route instance. Possible values are edge, passthrough or reencrypt	edge
network.{}.ingress.enableIstioIngressGateway	Publish this service outside service mesh	false
network.{}.ingress.addAsEnv	If true, adds network.{}.ingress.host as environment variable. Default name is "INGRESS_HOST_"	false
network.{}.ingress.envNameOverride	Overrides the generated environment variable name which is set by network.{}.ingress.addAsEnv	nil
network.{}.ingress.enableIstioIngressGateway	Publish this service outside service mesh	false
network.{}.serviceMonitor	If set to {} creates a ServiceMonitor for the Service and its servicePort with default values for interval,path and scheme	nil
network.{}.serviceMonitor.interval	Interval at which metrics should be scraped	30s
network.{}.serviceMonitor.path	HTTP path to scrape for metrics.	/metrics
network.{}.serviceMonitor.scheme	HTTP scheme to scrape metrics	http
network.{}.serviceMonitor.extraConfig	Any additional configuration available under endpoints of the ServiceMonitor	nil
serviceLoadBalancer	Map of ports which should be exposed for services type LoadBalancer. Adds ports section to the Pod template, adds ports section to Service and can create ServiceMonitor for the ports.	nil
serviceLoadBalancer.{}.servicePort	Port number of the Service (e.g. 8080, 8443). If nil no port on the Service is exposed	nil
serviceLoadBalancer.{}.containerPort	The port which is exposed on the Pod. If nil corresponds to the network.{}.servicePort	nil
serviceLoadBalancer.{}.serviceMonitor	If set to {} creates a ServiceMonitor for the Service and its servicePort with default values for interval,path and scheme	nil
serviceLoadBalancer.{}.serviceMonitor.interval	Interval at which metrics should be scraped	30s
serviceLoadBalancer.{}.serviceMonitor.path	HTTP path to scrape for metrics.	/metrics
serviceLoadBalancer.{}.serviceMonitor.scheme	HTTP scheme to scrape metrics	http
serviceLoadBalancer.{}.serviceMonitor.extraConfig	Any additional configuration available under endpoints of the ServiceMonitor	nil
serviceLoadBalancerIP	LoadBalancer IP on which service will be exposed	nil
serviceLoadBalancerAnnotations	Sets annotations for the LoadBalancer type Service	nil
service.type	Service type (ClusterIP, NodePort, ExternalName)	ClusterIP
service.annotations	Sets annotations for the Service
ingress.controller	Sets the type of the ingress controller (e.g. Route, Ingress)	Route
ingress.zone	Deprecated: If set to ch or sh and network.{}.ingress.host is nil, the hostname is generated (~ $CHART_NAME-$RELEASE_NAME.$ZONE$ENV.os1.balgroupit.com)	nil
externalSecret.secretStoreRef	.spec.secretStoreRef of ExternalSecret	{}
externalSecret.target	.spec.target of ExternalSecret	externalSecret.target
externalSecret.addAsEnv	Mounts all referenced secret keys as environment variables	true
externalSecret.mountPath	If set, mounts all referenced Secret keys as file. Path should NOT end with a /.	nil
externalSecret.overrideName	Overrides default name of ExternalSecret or its resulting Secret	.Release.Name
externalSecret.refs	References to secrets in HashiCorp Vault	[]
externalSecret.refs.vaultPath	Path to secret in HashiCorp Vault (e.g. secrets/apps/exampleApplication/T/exampleSecret)	[]
externalSecret.refs.vaultKey	Key of the secret in HashiCorp Vault (e.g. password)	nil
externalSecret.refs.secretKey	Key for secret in the Kubernetes Secret (e.g. USERNAME). If not defined, externalSecret.refs.vaultKey is used.	externalSecret.refs.vaultKey
externalSecret.refs.addAsEnv	If true, secretKey is mounted as environment variable. Overrides externalSecret.addAsEnv	externalSecret.addAsEnv
externalSecret.refs.mountPath	If set, secretKey is mounted as file on given mountPath. Can only overrides externalSecret.mountPath but disable it	externalSecret.mountPath
externalSecret.refsFrom	References to secrets in HashiCorp Vault using all KV-pairs from a specified path	[]
externalSecret.refsFrom.vaultPath	Path to secret in HashiCorp Vault (e.g. secrets/apps/exampleApplication/T/exampleSecret), all contained KV-pairs will be added	[]
env	List of environment variables for the Deployment	nil
envFrom	Set environment variables from a ConfigMap or Secret. See envFrom	nil
deployment.stateful.enabled	If true uses StatefulSet instead of Deployment	false
deployment.stateful.podManagementPolicy	Defines podManagementPolicy for the StatefulSet	OrderedReady
deployment.stateful.servicePerPod	If deployment.stateful is true, a Service per stateful Pod is created. Required for e.g. Remote EJBs	true
deployment.stateful.routePerService	If deployment.stateful is true, a Route per stateful Service is created. Required for e.g. Remote EJBs	true
deployment.strategy	Specifies the strategy used to replace old Pods by new ones	type: RollingUpdate
persistence.enabled	If true a PVC is created	false
persistence.name	The name of the PVC	generic-chart.name
persistence.accessModes	accessModes of the PVC (ReadWriteOnce, ReadWriteMany)	ReadWriteOnce
persistence.storageClass	[storageClass] of the PVC (trident-nfs-snapshot, trident-nfs)	nil
persistence.size	Size of the PVC (e.g. 512Mi, 10Gi, 1Ti)	nil
persistence.volumeMountPath	Path where to volume should be mounted (e.g. /var/data/). If set, volumes and volumeMounts are configured	nil
persistence.annotations	Sets annotations for the PersistentVolumeClaim	{}
volumes	Set Volumes available to the Pod	[]
volumeMounts	Mounts a Volume defined in volumes in the container.	[]
readinessProbe	Defines the readinessProbe	{}
livenessProbe	Defines the livenessProbe	{}
startupProbe	Defines the startupProbe	{}
resources	CPU/Memory resource requests/limits	{}
podSecurityContext	securityContext of the Pod	{}
securityContext	securityContext for the container	{}
nodeSelector	nodeSelector schedules Pods only on matching nodes	{}
tolerations	tolerations allows to schedule Pods on nodes with taints	{}
affinity	Set affinity to control how pods are scheduled	{}
defaultAffinityRules.enabled	If true prevents that the Pod defined in replicaCount are not scheduled on the same node	true
annotations	Sets annotations for the Pod	{}
command	Sets command for the Pod.	[]
args	Sets args for the Pod.	[]
initContainers	Sets initContainers for the Pod.	[]
additionalContainers	Define additional containers for the Pod.	[]
enableServiceMesh	Enable or disable deployment of pods in a service mesh	false
enableReloader	Enable or disable automatic restarts of pods if a referenced ConfigMap or Secret has changed. More Info	false

Contributions

If you contribute new featuers or fix a bug, please update the .version in the Chart.yaml according to SemVer and update the documentation.

Testing

To run tests

make test

To update the snapshot files

make test-update

If you want to add your own test case, simply copy tests/simple in a new directory and adjust the test.yaml and values.yaml accordingly.