additionalArgs |
list |
[] |
Additinal arguments to be added to the operator's args list. |
additionalEnv |
list |
[] |
Array containing extra environment variables which can be templated. For example: - name: RELEASE_NAME value: "{{ .Release.Name }}" - name: MY_VAR value: "mySpecialKey" |
affinity |
object |
{} |
Affinity for the operator to be installed. |
commonAnnotations |
object |
{} |
Annotations to be added to all other resources. |
config |
object |
{"create":true,"data":{},"name":"cnpg-controller-manager-config","secret":false} |
Operator configuration. |
config.create |
bool |
true |
Specifies whether the secret should be created. |
config.data |
object |
{} |
The content of the configmap/secret, see https://cloudnative-pg.io/documentation/current/operator_conf/#available-options for all the available options. |
config.name |
string |
"cnpg-controller-manager-config" |
The name of the configmap/secret to use. |
config.secret |
bool |
false |
Specifies whether it should be stored in a secret, instead of a configmap. |
containerSecurityContext |
object |
See below |
Container Security Context. |
containerSecurityContext.enableSecurityContext |
bool |
true |
Determines whether the container-level securityContext is included in the Deployment. Set to false to disable the container securityContext (useful for OpenShift). |
containerSecurityContext.allowPrivilegeEscalation |
bool |
false |
Controls whether a process can gain more privileges than its parent process. |
containerSecurityContext.readOnlyRootFilesystem |
bool |
true |
Whether the container has a read-only root filesystem. |
containerSecurityContext.runAsUser |
int |
10001 |
The user ID to run the container process. |
containerSecurityContext.runAsGroup |
int |
10001 |
The group ID for the container process. |
containerSecurityContext.seccompProfile |
object |
{"type":"RuntimeDefault"} |
Seccomp profile for the container. |
containerSecurityContext.capabilities |
object |
{"drop":["ALL"]} |
Linux capabilities to be dropped from the container. |
crds.create |
bool |
true |
Specifies whether the CRDs should be created when installing the chart. |
dnsPolicy |
string |
"" |
|
fullnameOverride |
string |
"" |
|
hostNetwork |
bool |
false |
|
image.pullPolicy |
string |
"IfNotPresent" |
|
image.repository |
string |
"ghcr.io/cloudnative-pg/cloudnative-pg" |
|
image.tag |
string |
"" |
Overrides the image tag whose default is the chart appVersion. |
imagePullSecrets |
list |
[] |
|
monitoring.grafanaDashboard.annotations |
object |
{} |
Annotations that ConfigMaps can have to get configured in Grafana. |
monitoring.grafanaDashboard.configMapName |
string |
"cnpg-grafana-dashboard" |
The name of the ConfigMap containing the dashboard. |
monitoring.grafanaDashboard.create |
bool |
false |
|
monitoring.grafanaDashboard.labels |
object |
{} |
Labels that ConfigMaps should have to get configured in Grafana. |
monitoring.grafanaDashboard.namespace |
string |
"" |
Allows overriding the namespace where the ConfigMap will be created, defaulting to the same one as the Release. |
monitoring.grafanaDashboard.sidecarLabel |
string |
"grafana_dashboard" |
Label that ConfigMaps should have to be loaded as dashboards. DEPRECATED: Use labels instead. |
monitoring.grafanaDashboard.sidecarLabelValue |
string |
"1" |
Label value that ConfigMaps should have to be loaded as dashboards. DEPRECATED: Use labels instead. |
monitoring.podMonitorAdditionalLabels |
object |
{} |
Additional labels for the podMonitor |
monitoring.podMonitorEnabled |
bool |
false |
Specifies whether the monitoring should be enabled. Requires Prometheus Operator CRDs. |
monitoring.podMonitorMetricRelabelings |
list |
[] |
Metrics relabel configurations to apply to samples before ingestion. |
monitoring.podMonitorRelabelings |
list |
[] |
Relabel configurations to apply to samples before scraping. |
monitoringQueriesConfigMap.name |
string |
"cnpg-default-monitoring" |
The name of the default monitoring configmap. |
monitoringQueriesConfigMap.queries |
string |
`"backends:\n query: |
\n SELECT sa.datname\n , sa.usename\n , sa.application_name\n , states.state\n , COALESCE(sa.count, 0) AS total\n , COALESCE(sa.max_tx_secs, 0) AS max_tx_duration_seconds\n FROM ( VALUES ('active')\n , ('idle')\n , ('idle in transaction')\n , ('idle in transaction (aborted)')\n , ('fastpath function call')\n , ('disabled')\n ) AS states(state)\n LEFT JOIN (\n SELECT datname\n , state\n , usename\n , COALESCE(application_name, '') AS application_name\n , COUNT(*)\n , COALESCE(EXTRACT (EPOCH FROM (max(now() - xact_start))), 0) AS max_tx_secs\n FROM pg_catalog.pg_stat_activity\n GROUP BY datname, state, usename, application_name\n ) sa ON states.state = sa.state\n WHERE sa.usename IS NOT NULL\n metrics:\n - datname:\n usage: "LABEL"\n description: "Name of the database"\n - usename:\n usage: "LABEL"\n description: "Name of the user"\n - application_name:\n usage: "LABEL"\n description: "Name of the application"\n - state:\n usage: "LABEL"\n description: "State of the backend"\n - total:\n usage: "GAUGE"\n description: "Number of backends"\n - max_tx_duration_seconds:\n usage: "GAUGE"\n description: "Maximum duration of a transaction in seconds"\n\nbackends_waiting:\n query: |
nameOverride |
string |
"" |
|
nodeSelector |
object |
{} |
Nodeselector for the operator to be installed. |
podAnnotations |
object |
{} |
Annotations to be added to the pod. |
podLabels |
object |
{} |
Labels to be added to the pod. |
podSecurityContext |
object |
{"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}} |
Security Context for the whole pod. |
priorityClassName |
string |
"" |
Priority indicates the importance of a Pod relative to other Pods. |
rbac.aggregateClusterRoles |
bool |
false |
Aggregate ClusterRoles to Kubernetes default user-facing roles. Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles |
rbac.create |
bool |
true |
Specifies whether ClusterRole and ClusterRoleBinding should be created. |
replicaCount |
int |
1 |
|
resources |
object |
{} |
|
service.name |
string |
"cnpg-webhook-service" |
DO NOT CHANGE THE SERVICE NAME as it is currently used to generate the certificate and can not be configured |
service.port |
int |
443 |
|
service.type |
string |
"ClusterIP" |
|
serviceAccount.create |
bool |
true |
Specifies whether the service account should be created. |
serviceAccount.name |
string |
"" |
The name of the service account to use. If not set and create is true, a name is generated using the fullname template. |
tolerations |
list |
[] |
Tolerations for the operator to be installed. |
webhook |
object |
{"livenessProbe":{"initialDelaySeconds":3},"mutating":{"create":true,"failurePolicy":"Fail"},"port":9443,"readinessProbe":{"initialDelaySeconds":3},"validating":{"create":true,"failurePolicy":"Fail"}} |
The webhook configuration. |