This is a helm chart for installing Alfresco
Package repository hosting is graciously provided by Cloudsmith. Cloudsmith is the only fully hosted, cloud-native, universal package management solution, that enables your organization to create, store and share packages in any format, to any place, with total confidence.
You can install this helm chart on you K8s cluster. Keep in mind that you will need to add some --set
statements for
this to work:
helm install alfresco \
--repo 'https://repo.xenit.eu/public/open-source/helm/charts/'
Or you can use it as a dependency in your requirements.yaml
in your own chart.
dependencies:
- name: alfresco
version: 0.1.2
repository: https://repo.xenit.eu/public/open-source/helm/charts/
Make sure you have the following installed:
- Kubectl: https://kubernetes.io/docs/tasks/tools/#kubectl
- docker: https://www.docker.com/get-started/
- Helm: https://helm.sh/docs/intro/install/
- kind: https://kind.sigs.k8s.io/docs/user/quick-start/
- skaffold: https://skaffold.dev/docs/install/
-
To start the cluster you have to create one using kind with the config file as a parameter that is under the directory kind:
kind create cluster --config=kind/config.yaml
-
switch to kind-kind context :
kubectl config use-context kind-kind
-
Add An ingress controller by running this command after starting the cluster:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
-
set up the image pull secrets like in the example and add them to the
general.imagePullSecrets
Example :
apiVersion: v1
kind: Secret
metadata:
name: secretName
namespace: {{ .Release.Namespace | quote }}
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" <<registry>> <<username>> <<password>> (printf "%s:%s" .username .password | b64enc) | b64enc }}
-
wait for the ingress controller to be ready you can check by running this command :
kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=90s
-
some the services are disabled by default to minimize the resource usage such as :
- solr
- transformServices
- digitalWorkspace
to enable them modify the values inside local-values.yaml
-
finally, run skaffold (instead of helm) and wait for the ingress controller to be ready first:
skaffold dev
This helm chart supports a lot of features like share and desktop sync. You are however yourself responsible to provide an ACS image with the correct amps installed to support these features. Please note that this helm chart is build to support the xenit open source images. These are build on the official Alfresco Images but have additional K8S support. The deployments that rely on Xenit Images are the following:
- acs
- share
- postgresql
- solr
For more information take a look at
- Required: false
- Default: true
- Description: Whether this is an enterprise version of Alfresco. In a community version Transform Service Router, Transform Service Shared File Storage, Clustering (replica count should always have a max of 1 for ACS pods) and Digital Workspace are disabled.
- Required: false
- Default: false
- Description: Setting this parameter to true will set all replicas to 0 and alter the default nginx rules to redirect the normal pages to a 503 maintenance page.
- Required: false
- Default:
type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0
- Description: You can overwrite here the rollout strategy of deployments. This will be effective on ALL deployments in the helm chart that have strategy type RollingUpdate (default)
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to ALL deployments and statefullSets
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here. The secrets will be referenced in all Deployments and StatefullSets.
- Required: false
- Default: None
- Description: will set a serviceType on the services that are exposed via an ingress. This might be useful for example when you are working on AWS infra with an AWS ALB which requires NodePort services
- Required: false
- Default: None
- Description: Used in the ACS and SyncService pod to access the Database and to set the username of the rootuser of the postgres (if enabled)
- Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random user will be used.
- Required: false
- Default: None
- Description: Used in the ACS and SyncService pod to access the Database and to set the password of the rootuser of the postgres (if enabled)
- Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random password will be used.
- Required: false
- Default: true
- Description: A field to enabled/disable network policies.
- Required: false
- Default: cilium
- Description: A field to tell the helm chart what cni provider your cluster is using. By default we assume cilium. If this is not the case you will need to add a network policy to allow the following
- Alfresco to access heartbeat
- Required: false
- Default: false
- Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets)
- Please note that when you enable this you are yourself responsible to provide a secret acs-secret in the namespace that you will install this chart in.
- Secret data expected:
GLOBAL_objectstorage.store.myS3ContentStore.value.accessKey
GLOBAL_objectstorage.store.myS3ContentStore.value.secretKey
- Required: false
- Default: false
- Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets)
- Please note that when you enable this you are yourself responsible to provide a secret mq-secret in the namespace that you will install this chart in.
- Secret data expected:
ACTIVEMQ_ADMIN_LOGIN
ACTIVEMQ_ADMIN_PASSWORD
GLOBAL_messaging.broker.username
GLOBAL_messaging.broker.password
- Required: false
- Default: false
- Description: Whether or not you want to provide secrets for the helm chart yourself. This is useful when working on a prod environment and you want a secure secret solution (for example Bitnami' Sealed secrets)
- Please note that when you enable this you are yourself responsible to provide a secret db-secret in the namespace that you will install this chart in.
- Secret data expected:
DB_USERNAME
DB_PASSWORD
POSTGRES_USER
POSTGRES_PASSWORD
- Required: true
- Default: None
- Description: The host that points to the alfresco cluster for all services besides the syncService service
- Required: when
syncService.enabled
istrue
- Default: None
- Description: The host that points to the alfresco cluster for the syncService service
- Required: false
- Default:
nginx
- Description: Reference name for the ingressClass to be used.
Replacement for
kubernetes.io/ingress.class
annotation since it's deprecation in k8s 1.18. Set tonull
to allow usage ofkubernetes.io/ingress.class
in theingress.ingressAnnotations
dict.
- Required: false
- Default:
kubernetes.io/ingress.class: "nginx" cert-manager.io/cluster-issuer: "letsencrypt-production"
- Description: Annotations for ingress.
- Remarks:
- The default value of
kubernetes.io/ingress.class: "nginx"
will be filtered out if theingress.ingressClass
is set (This includes the default value). Thekubernetes.io/ingress.class
is deprecated since k8s v1.18, but some setups still rely on it. Hence it can still be set and used ifingress.ingressClass
is set tonull
.
- The default value of
- Required: false
- Default: None
- Remark: Do not use this to set the root
/
path, that should be set by the defaultBackend - Example:
- path: /service-path
pathType: Prefix
backend:
service:
name: service-name
port:
number: service-port
- Description: used to add more path to ingress under the same host name for new services
-
Required: true
-
Default: nginx-default-service
-
Description: the default service name that ingress will point to
Note: root redirect on nginx: Nginx can be configured to redirect from root to a specific app through annotations.
ingress:
host: alf1.xenit.eu
protocol: https
ingressAnnotations:
nginx.ingress.kubernetes.io/app-root: /share
- Required: true
- Default: 30000
- Description: the default service port that ingress will point to
- Required: false
- Default: None
- Description: Setting this value will activate defaultBackend ingress setting. This will create a default, hostname independent, catch-all rule. This might be required if, for example on AWS, when an Internal loadbalancer is used that does not adhere to the hostname specific rules.
- Required: false
- Default: None
- Description: Setting this value will activate defaultBackend ingress setting. This will create a default, hostname independent, catch-all rule. This might be required if, for example on AWS, when an Internal loadbalancer is used that does not adhere to the hostname specific rules.
- Required: false
- Default:
true
- Description: Enable 403 handler for alfresco api solr endpoints
- Required: false
- Default:
- /alfresco/s/api/solr
- /alfresco/service/api/solr
- /alfresco/service/api/solr
- /alfresco/wcservice/api/solr
- Description: List of paths that are blocked
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
xenit/alfresco-repository-community
- Description: The repository of the docker image that will be used
- Required: false
- Default:
7.2.0
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
httpGet:
path: /alfresco/api/-default-/public/alfresco/versions/1/probes/-live-
port: 8080
scheme: HTTP
failureThreshold: 1
initialDelaySeconds: 130
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 10
- Description: Specify the livenessProbe configuration for acs
- Required: false
- Default: None
- Description: Specify a custom livenessProbe configuration for acs (for example to replace httpGet with exec).
- When this is defined, acs.livenessProbe is ignored.
- Required: false
- Default:
httpGet:
path: /alfresco/api/-default-/public/alfresco/versions/1/probes/-ready-
port: 8080
scheme: HTTP
failureThreshold: 6
initialDelaySeconds: 60
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 10
- Description: Specify the readinessProbe configuration for acs
- Required: false
- Default: None
- Description: Specify a custom readinessProbe configuration for acs (for example to replace httpGet with exec).
- When this is defined, acs.readinessProbe is ignored.
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default:
jdbc:postgresql://postgresql:5432/alfresco
- Description: Must be overwritten to point to your DB if you are not using the provided postgresql
- Required: false
- Default:
org.postgresql.Driver
- Description: If you use another kind of DB then postgres you must specify the driver that needs to be used here
- Required: false
- Default:
443
- Description: Set to overwrite the share port
- Required: false
- Default:
https
- Description: Set to overwrite the share protocol
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the acs-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the acs deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the acs service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "2Gi" cpu: "2"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default: None
- Description: A list of configMaps that need to be mounted as volumes to the alfresco pods. Make sure the configMap specified exists. Layout should be as follows:
- mountPath: >-
/usr/local/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/oup-ad1
name: ldap1-ad-auth-volume
readOnly: true
- mountPath: >-
/usr/local/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/oup-ad2
name: ldap2-ad-auth-volume
readOnly: true
- mountPath: >-
/usr/local/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/oup-ad3
name: ldap3-ad-auth-volume
readOnly: true
- Required: false
- Default: None
- Description: A list of configMaps that need to be mounted as volumes to the alfresco pods. Make sure the configMap specified exists. Layout should be as follows:
- configMap:
defaultMode: 420
items:
- key: ldap-ad-authentication.properties
path: ldap-ad-authentication.properties
name: ldap1-ad-auth-config
name: ldap1-ad-auth-volume
- configMap:
defaultMode: 420
items:
- key: ldap-ad-authentication.properties
path: ldap-ad-authentication.properties
name: ldap2-ad-auth-config
name: ldap2-ad-auth-volume
- configMap:
defaultMode: 420
items:
- key: ldap-ad-authentication.properties
path: ldap-ad-authentication.properties
name: ldap3-ad-auth-config
name: ldap3-ad-auth-volume
- Required: false
- Default:
true
- Description: this will enable/disable the ingress for the acs-service. By default this rule will forward calls to /alfresco to acs-service:30000
- Required: false
- Default: empty
- Example
initContainers: - name: init-fs image: "busybox:1.35.0" imagePullPolicy: IfNotPresent resources: requests: memory: "50Mi" limits: memory: "100Mi" command: [ "sh", "-c", "chown -R 33031:1000 /opt/data" ]
- Description: add field of init containers to acs deployment
- Required: false
- Default:
true
- Description: Enable or disable the digital workspace
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
quay.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/alfresco-digital-workspace
- Description: The repository of the docker image that will be used
- Required: false
- Default:
2.4.2-adw
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default:
/workspace
- Description: Specify the basepath where the digital workspace can be reached
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the digitalWorkspace-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Digital Workspace deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Digital Workspace service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "256Mi" cpu: "150m"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: this will enable/disable the ingress for the digitalWorkspaceService. By default this rule will forward calls to .Values.digitalWorkspace.basePath to digital-workspace-service:30200
- Required: false
- Default:
true
- Description: Enable or disable the share
- Required: false
- Default: false
- Description: If set to
true
the Share container will be installed inside the ACS pod.
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco-share-community
- Description: The repository of the docker image that will be used
- Required: false
- Default:
7.2.0
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default: 1
- Description: Specify the livenessProbe failure thresh hold fp how many consecutive failure before it stops probing
- Required: false
- Default: 130
- Description: Specify the livenessProbe initial delay before it starts probing
- Required: false
- Default: 20
- Description: Specify the livenessProbe period between probes
- Required: false
- Default: 1
- Description: Specify the livenessProbe success thresh hold for how many consecutive successes for the probe to be considered successful after having failed
- Required: false
- Default: 10
- Description: Specify the livenessProbe timeout for probes to be considered as failure
- Required: false
- Default: 6
- Description: Specify the readinessProbe failure thresh hold fp how many consecutive failure before it stops probing
- Required: false
- Default: 60
- Description: Specify the readinessProbe initial delay before it starts probing
- Required: false
- Default: 20
- Description: Specify the readinessProbe period between probes
- Required: false
- Default: 1
- Description: Specify the readinessProbe success thresh hold for how many consecutive successes for the probe to be considered successful after having failed
- Required: false
- Default: 10
- Description: Specify the readinessProbe timeout for probes to be considered as failure
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the share-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Share deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Share service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "256Mi" cpu: "0.5"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: this will enable/disable the ingress for alfresco share. By default this rule will forward calls to /share to share-service:30100
- Required: false
- Default: None
- Description: Sets the username of the admin user of the MQ
- Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random login will be used.
- Required: false
- Default: None
- Description: Sets the password of the admin user of the MQ
- Note: If not specified the helm chart will try to reuse the value used in previous deployments. If these are not there a random password will be used.
- Required: false
- Default:
true
- Description: Enable or disable the Active MQ
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/alfresco-activemq
- Description: The repository of the docker image that will be used
- Required: false
- Default:
5.16.1
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
Recreate
- Description: Can be set to
RollingUpdate
if you want to create pod before killing existing pod
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the mq-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Active MQ deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Active MQ service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "512Mi" cpu: "0.5"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default: None
- Description: A list of additional volumes for the mq pods. Example:
- name: activemq-data-1
persistentVolumeClaim:
claimName: alfresco-pvc-1
- Required: false
- Default: None
- Description: A list of additional volume mounts for the mq pods. Example:
- name: activemq-data-1
mountPath: /mountpath
subPath: subpath
- Required: false
- Default:
true
- Description: Enable or disable the PostgresQl
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
xenit/postgres
- Description: The repository of the docker image that will be used
- Required: false
- Default:
latest
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
Recreate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the postgresql-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the PostgresQl deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the PostgresQl service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "1Gi" cpu: "1"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: Enable or disable the Solr
-
Required: false
-
Default:
2
-
Description: The number of pods that will be running
-
Required: false
-
Default:
Parallel
-
Description: The way to manage multiple pod launching or termination possible values are
Parallel
orOrderedReady
find more information in Docs
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
xenit/alfresco-solr6-xenit
- Description: The repository of the docker image that will be used
- Required: false
- Default:
2.0.6
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
OnDelete
if you want your statefulSet controller to no automatically update the pods
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Solr deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Solr service
- Required: false
- Default: false
- Description: If true, this option enforces a pod anti-affinity on the Solr pods based on the zones.
I.e. if true, each Solr pod will require a unique zone. Starting more pods than zones will put the
remainder pods in a
Pending
state.
Please note that switching off the anti-affinity does not alter the anti-affinity of the already running pods!
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "4Gi" cpu: "1"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default: false
- Description:
- Enable or disable the Solr auto backup job , it will create a cron job that calls solr to start a backup snapshot.
- backup repository environment variables needs to be set if enabled:
- JAVA_OPTS_S3_ENDPOINT=-DS3_ENDPOINT=<endpoint_s3_protocol> - JAVA_OPTS_S3_REGION=-DS3_REGION=<bucket_s3_region> - JAVA_OPTS_S3_BUCKET_NAME=-DS3_BUCKET_NAME=<bucket_name> - JAVA_OPTS_AWS_ACCESS_KEY_ID=-Daws.accessKeyId=<access_key> - JAVA_OPTS_AWS_SECRET_ACCESS_KEY=-Daws.secretKey=<secret_key>
- Required: false
- Default: 0 * * * *
- Description: if
solr.autoBackup.enabled
is true then a cron job will be created with this value as its cron
- Required: false
- Description: if
solr.autoBackup.enabled
is true then a cron job will be created that will curl this url
- Required: false
- Default: true
- Description: Enable or disable the job readiness probe
- Required: false
- Default: 3
- Description: Specify the readinessProbe failure thresh hold fp how many consecutive failure before it stops probing
- Required: false
- Default: 30
- Description: Specify the readinessProbe initial delay before it starts probing
- Required: false
- Default: 10
- Description: Specify the readinessProbe period between probes
- Required: false
- Default: 1
- Description: Specify the readinessProbe success thresh hold for how many consecutive successes for the probe to be considered successful after having failed
- Required: false
- Default: 10
- Description: Specify the readinessProbe timeout for probes to be considered as failure
- Required: false
- Default:
true
- Description: Enable or disable the Transform Services
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here. they will be referenced in all transform services Deployments.
- Required: false
- Default:
true
- Description: Enable or disable the Shared File Store
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/alfresco-shared-file-store
- Description: The repository of the docker image that will be used
- Required: false
- Default:
0.16.1
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
scheduler.cleanup.interval: "10800000" scheduler.content.age.millis: "43200000"
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the sharedFileStore-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Transform Services deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Transform Services service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "512Mi" cpu: "200mi"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: Enable or disable the setting of /tmp/Alfresco owner to sfs user
- Required: false
- Default:
true
- Description: Enable or disable the Transform Core All In One
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
docker.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/alfresco-transform-core-aio
- Description: The repository of the docker image that will be used
- Required: false
- Default:
latest
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
livenessPercent: "150" livenessTransformPeriodSeconds: "600" maxTransforms: "100000"
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the transformCoreAio-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: true
- Description: will enable liveness and readiness probes
additional settings can be added through additionalEnvironmentVariables.
livenessPercent: "150"
livenessTransformPeriodSeconds: "600"
maxTransforms: "100000"
- Required: false
- Default: None
- Example:
prometheus.io/path: actuator/prometheus prometheus.io/scrape: 'true'
- Description: With this list of parameters you can add 1 or multiple annotations to the Transform Core All In One
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Transform Core All In One service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "256Mi" cpu: "150m"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: Enable or disable the Transform Router
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
quay.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/alfresco-transform-router
- Description: The repository of the docker image that will be used
- Required: false
- Default:
1.5.2
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the transformRouter-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Transform Router deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Transform Router service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "128Mi" cpu: "100m"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: Enable or disable the Sync Service
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
quay.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/service-sync
- Description: The repository of the docker image that will be used
- Required: false
- Default:
3.4.0
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the syncService-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Sync Service deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Sync Service service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "512Mi" cpu: "0.5"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node### Sync Service
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
false
- Description: Enable or disable the Office Online Integration
- Required: false
- Default:
1
- Description: The number of pods that will be running
- Required: false
- Default:
quay.io
- Description: The registry where the docker container can be found in
- Required: false
- Default:
alfresco/alfresco-ooi-service
- Description: The repository of the docker image that will be used
- Required: false
- Default:
1.1.2
- Description: The tag of the docker image that will be used
- Required: false
- Default:
IfNotPresent
- Description: Specify when the pods should pull the image from the repositories
- Required: false
- Default:
RollingUpdate
- Description: Can be set to
Recreate
if you want all your pods to be killed before new ones are created
- Required: false
- Default: None
- Example:
environmentVariable1Key: environmentVariable1Value environmentVariable2Key: environmentVariable2Value
- Description: With this list of parameters you can add 1 or multiple environment variables that will be passed to the docker container. These will be stored in a config and are hence not safe for sensitive information
- Required: false
- Default: None
- Description: This allows you to add to the ooi-container envFrom section. This was added to allow to integrate secrets that are not added by this helm chart.
- Example:
- secretRef:
name: s3-secret
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Office Online Integration deployment
- Required: false
- Default: None
- Example:
annotation1Key: annotation1Value annotation2Key: annotation2Value
- Description: With this list of parameters you can add 1 or multiple annotations to the Office Online Integration service
- Required: false
- Default: None
- Description: If your pods need to run with a service account you can specify that here. Please note that you are yourself responsible to create the serviceAccount referenced in the namespace of this helm chart
- Required: false
- Default:
requests: memory: "128Mi" cpu: "100m"
- Description: The resources a node should keep reserved for your pod
- Required: false
- Default: None
- Description: The maximum resources a pod may consume from a node
- Required: false
- Default: None
- Example:
- name: privateDockerRepo1Secret - name: privateDockerRepo2Secret
- Description: If you use an image that is not public. then you can create dockerconfigjson secrets on your cluster and reference them here.
- Required: false
- Default:
true
- Description: this will enable/disable the ingress for the ooi-service. By default this rule will forward calls to /ooi-service to ooi-service:30500
- Required: false
- Default:
true
- Description: Enable or disable the creation of a PV and PVC for the ACS pods
- Required: false
- Default:
scw-bssd
- Description: Provide what storageClass should be used. For values other then
scw-bssd
standard
orefs-storage-class
you will need to make sure that that storage class is created
- Required: false
- Default:
3
- Description: The size in GB of the volume that should be reserved
- Required: when
persistentStorage.alfresco.storageClassName
isscw-bssd
- Default: None
- Description: The volume handle pointing to the AWS EFS location
- Required: false
- Default: None
- Description: A list of additional volume claims that can be added to the alfresco pods. Layout should be as follows:
- name: name1
mountPath: /apps/example
subPath: subPath/example
storageClassName: "standard"
storage: 2
efs:
volumeHandle: "efs-identifier"
- Required: false
- Default:
true
- Description: Enable or disable the creation of a PV and PVC for the PostgresQL pods
- Required: false
- Default:
scw-bssd
- Description: Provide what storageClass should be used. For values other then
scw-bssd
standard
orefs-storage-class
you will need to make sure that that storage class is created
- Required: false
- Default:
2
- Description: The size in GB of the volume that should be reserved
- Required: when
persistentStorage.postgres.storageClassName
isscw-bssd
- Default: None
- Description: The volume handle pointing to the AWS EFS location
- Required: false
- Default:
true
- Description: Enable or disable the creation of a PV and PVC for the SOLR pods
- Required: false
- Default:
scw-bssd
- Description: Provide what storageClass should be used. For values other then
scw-bssd
standard
orefs-storage-class
you will need to make sure that that storage class is created
- Required: false
- Default:
3
- Description: The size in GB of the volume that should be reserved
- Required: when
persistentStorage.solr.storageClassName
isscw-bssd
- Default: None
- Description: The volume handle pointing to the AWS EFS location
- Required: false
- Default:
true
- Description: Enable or disable the creation of a PV and PVC for the SOLR BACKUP for SOLR pods
- Required: false
- Default:
scw-bssd
- Description: Provide what storageClass should be used. For values other then
scw-bssd
standard
orefs-storage-class
you will need to make sure that that storage class is created
- Required: false
- Default:
3
- Description: The size in GB of the volume that should be reserved
- Required: when
persistentStorage.solrBackup.storageClassName
isscw-bssd
- Default: None
- Description: The volume handle pointing to the AWS EFS location
- Required: false
- Default:
true
- Description: Enable or disable the creation of a PV and PVC for the Shared File Store pods
- Required: false
- Default:
scw-bssd
- Description: Provide what storageClass should be used. For values other then
scw-bssd
standard
orefs-storage-class
you will need to make sure that that storage class is created
- Required: false
- Default:
3
- Description: The size in GB of the volume that should be reserved
- Required: when
persistentStorage.sharedFileStore.storageClassName
isscw-bssd
- Default: None
- Description: The volume handle pointing to the AWS EFS location
- Required: false
- Default:
true
- Description: Enable or disable the creation of a PV and PVC for the Active MQ pods
- Required: false
- Default:
true
- Description: Enable or disable the setting of mq data owner to amq user
- Required: false
- Default:
scw-bssd
- Description: Provide what storageClass should be used. For values other then
scw-bssd
standard
orefs-storage-class
you will need to make sure that that storage class is created
- Required: false
- Default:
3
- Description: The size in GB of the volume that should be reserved
- Required: when
persistentStorage.mq.storageClassName
isscw-bssd
- Default: None
- Description: The volume handle pointing to the AWS EFS location
- Required: false
- Default: None
- Description: A list of additional volume claims that can be added to the mq pods. Layout should be as follows:
- name: name1
mountPath: /apps/example
subPath: subPath/example
storageClassName: "standard"
storage: 2
efs:
volumeHandle: "efs-identifier"