Generic Helm Chart

August 12, 2023 · View on GitHub

This chart is a template for common Kubernetes resource manifests, which should cover most use cases. Please read through the list of possible configuration parameters. If you miss a specific feature, you can easily add it via a pull request. If you don't think you can do that, just create a JIRA issue in the Container Platform Team JIRA project (Key: COP)

Change Log

In CHANGELOG.md are all changes since version 1.0.0 tracked with the corresponding migration guides.

Examples

You can find an example setup using the generic-chart in the examples directory. If you search of a more specific use-case, have a look at the test values.yaml in the tests/ directory.

Configuration

Parameter	Description	Default
replicaCount	Amount of `Pod` replicas	`1`
topologyKey	topologyKey	``
revisionHistoryLimit	Amount of old `ReplicaSets` for this `Deployment` should be retained	`1`
image.repository	URL to the container registry with organisation and repository	`nil`
image.tag	Image tag of the provided container repository	`nil`
image.pullPolicy	The pull policy when a image should be pulled (`IfNotPresent`, `Always`)	`IfNotPresent`
imagePullSecrets	Reference a `Secret` which should be use to authenticate against a container registry	`nil`
nameOverride	Override the fullname with this name	""
namespaceOverride	Overrides the namespace in every resource	`nil`
serviceAccount.create	If a `ServiceAccount` should be created. If `false` a `ServiceAccount` must be provided and configured correctly with its name under `serviceAccount.name`.	`true`
serviceAccount.name	Name of the `ServiceAccount`. If not set and create is true, a name is generated using the name template	`nil`
serviceAccount.automountServiceAccountToken	If `true` the `Secret` with the `Token` and `Certificates` of the `ServiceAccount` is mounted. Only required when access to the master API is necessary	`false`
serviceAccount.annotations	Sets `annotations` for the `ServiceAccount`	`{}`
network	Map of ports which should be exposed for services type ClusterIP. Adds `ports` section to the Pod template, adds `ports` section to Service and can create `Ingress` or `Route` and `ServiceMonitor` for the ports.	`network.http.servicePort: 8080`
network.{}.servicePort	Port number of the `Service` (e.g. 8080, 8443). If `nil` no port on the `Service` is exposed	`nil`
network.{}.containerPort	The port which is exposed on the `Pod`. If `nil` corresponds to the `network.{}.servicePort`	`nil`
network.{}.ingress	If not `nil` creates an `Ingress` or `Route` for the `Service` and its `servicePort`. If set to `{}` see `ingress.zone`	`nil`
network.{}.ingress.host	Sets the hostname for the `Ingress` or `Route`. If `nil` see `ingress.zone`	`nil`
network.{}.ingress.annotations	Sets `annotations` for the `Ingress` or `Route` instance	`{}`
network.{}.ingress.path	Sets the path for the `Ingress` or `Route` instance	`/`
network.{}.ingress.termination	TLS termination for the `Ingress` or `Route` instance. Possible values are `edge`, `passthrough` or `reencrypt`	`edge`
network.{}.ingress.enableIstioIngressGateway	Publish this service outside service mesh	`false`
network.{}.ingress.addAsEnv	If true, adds `network.{}.ingress.host` as environment variable. Default name is "INGRESS_HOST_"	`false`
network.{}.ingress.envNameOverride	Overrides the generated environment variable name which is set by `network.{}.ingress.addAsEnv`	`nil`
network.{}.ingress.enableIstioIngressGateway	Publish this service outside service mesh	`false`
network.{}.serviceMonitor	If set to `{}` creates a `ServiceMonitor` for the `Service` and its `servicePort` with default values for `interval`,`path` and `scheme`	`nil`
network.{}.serviceMonitor.interval	Interval at which metrics should be scraped	`30s`
network.{}.serviceMonitor.path	HTTP path to scrape for metrics.	`/metrics`
network.{}.serviceMonitor.scheme	HTTP scheme to scrape metrics	`http`
network.{}.serviceMonitor.extraConfig	Any additional configuration available under `endpoints` of the `ServiceMonitor`	`nil`
serviceLoadBalancer	Map of ports which should be exposed for services type LoadBalancer. Adds `ports` section to the Pod template, adds `ports` section to Service and can create `ServiceMonitor` for the ports.	`nil`
serviceLoadBalancer.{}.servicePort	Port number of the `Service` (e.g. 8080, 8443). If `nil` no port on the `Service` is exposed	`nil`
serviceLoadBalancer.{}.containerPort	The port which is exposed on the `Pod`. If `nil` corresponds to the `network.{}.servicePort`	`nil`
serviceLoadBalancer.{}.serviceMonitor	If set to `{}` creates a `ServiceMonitor` for the `Service` and its `servicePort` with default values for `interval`,`path` and `scheme`	`nil`
serviceLoadBalancer.{}.serviceMonitor.interval	Interval at which metrics should be scraped	`30s`
serviceLoadBalancer.{}.serviceMonitor.path	HTTP path to scrape for metrics.	`/metrics`
serviceLoadBalancer.{}.serviceMonitor.scheme	HTTP scheme to scrape metrics	`http`
serviceLoadBalancer.{}.serviceMonitor.extraConfig	Any additional configuration available under `endpoints` of the `ServiceMonitor`	`nil`
serviceLoadBalancerIP	LoadBalancer IP on which service will be exposed	`nil`
serviceLoadBalancerAnnotations	Sets `annotations` for the LoadBalancer type `Service`	`nil`
service.type	`Service` type (`ClusterIP`, `NodePort`, `ExternalName`)	`ClusterIP`
service.annotations	Sets `annotations` for the `Service`
ingress.controller	Sets the type of the ingress controller (e.g. Route, Ingress)	`Route`
ingress.zone	Deprecated: If set to `ch` or `sh` and `network.{}.ingress.host` is `nil`, the hostname is generated (~ $CHART_NAME-$ RELEASE_NAME. $ZONE$ ENV.os1.balgroupit.com)	`nil`
externalSecret.secretStoreRef	.spec.secretStoreRef of ExternalSecret	`{}`
externalSecret.target	.spec.target of ExternalSecret	`externalSecret.target`
externalSecret.addAsEnv	Mounts all referenced secret keys as environment variables	`true`
externalSecret.mountPath	If set, mounts all referenced Secret keys as file. Path should NOT end with a `/`.	`nil`
externalSecret.overrideName	Overrides default name of `ExternalSecret` or its resulting `Secret`	`.Release.Name`
externalSecret.refs	References to secrets in HashiCorp Vault	`[]`
externalSecret.refs.vaultPath	Path to secret in HashiCorp Vault (e.g. secrets/apps/exampleApplication/T/exampleSecret)	`[]`
externalSecret.refs.vaultKey	Key of the secret in HashiCorp Vault (e.g. password)	`nil`
externalSecret.refs.secretKey	Key for secret in the Kubernetes Secret (e.g. USERNAME). If not defined, `externalSecret.refs.vaultKey` is used.	`externalSecret.refs.vaultKey`
externalSecret.refs.addAsEnv	If true, secretKey is mounted as environment variable. Overrides externalSecret.addAsEnv	`externalSecret.addAsEnv`
externalSecret.refs.mountPath	If set, secretKey is mounted as file on given mountPath. Can only overrides externalSecret.mountPath but disable it	`externalSecret.mountPath`
externalSecret.refsFrom	References to secrets in HashiCorp Vault using all KV-pairs from a specified path	`[]`
externalSecret.refsFrom.vaultPath	Path to secret in HashiCorp Vault (e.g. secrets/apps/exampleApplication/T/exampleSecret), all contained KV-pairs will be added	`[]`
env	List of environment variables for the `Deployment`	`nil`
envFrom	Set environment variables from a `ConfigMap` or `Secret`. See `envFrom`	`nil`
deployment.stateful.enabled	If true uses `StatefulSet` instead of `Deployment`	`false`
deployment.stateful.podManagementPolicy	Defines `podManagementPolicy` for the `StatefulSet`	`OrderedReady`
deployment.stateful.servicePerPod	If `deployment.stateful` is true, a Service per stateful Pod is created. Required for e.g. Remote EJBs	`true`
deployment.stateful.routePerService	If `deployment.stateful` is true, a Route per stateful Service is created. Required for e.g. Remote EJBs	`true`
deployment.strategy	Specifies the `strategy` used to replace old Pods by new ones	`type: RollingUpdate`
persistence.enabled	If `true` a `PVC` is created	`false`
persistence.name	The name of the PVC	`generic-chart.name`
persistence.accessModes	`accessModes` of the PVC (ReadWriteOnce, ReadWriteMany)	`ReadWriteOnce`
persistence.storageClass	[`storageClass`] of the PVC (trident-nfs-snapshot, trident-nfs)	`nil`
persistence.size	Size of the PVC (e.g. 512Mi, 10Gi, 1Ti)	`nil`
persistence.volumeMountPath	Path where to volume should be mounted (e.g. `/var/data/`). If set, `volumes` and `volumeMounts` are configured	`nil`
persistence.annotations	Sets `annotations` for the `PersistentVolumeClaim`	`{}`
volumes	Set `Volumes` available to the `Pod`	`[]`
volumeMounts	Mounts a `Volume` defined in `volumes` in the container.	`[]`
readinessProbe	Defines the `readinessProbe`	`{}`
livenessProbe	Defines the `livenessProbe`	`{}`
startupProbe	Defines the `startupProbe`	`{}`
resources	CPU/Memory resource `requests/limits`	`{}`
podSecurityContext	`securityContext` of the `Pod`	`{}`
securityContext	`securityContext` for the container	`{}`
nodeSelector	`nodeSelector` schedules Pods only on matching nodes	`{}`
tolerations	`tolerations` allows to schedule `Pods` on nodes with `taints`	`{}`
affinity	Set `affinity` to control how pods are scheduled	`{}`
defaultAffinityRules.enabled	If `true` prevents that the `Pod` defined in `replicaCount` are not scheduled on the same node	`true`
annotations	Sets `annotations` for the `Pod`	`{}`
command	Sets `command` for the `Pod`.	`[]`
args	Sets `args` for the `Pod`.	`[]`
initContainers	Sets `initContainers` for the `Pod`.	`[]`
additionalContainers	Define additional containers for the `Pod`.	`[]`
enableServiceMesh	Enable or disable deployment of pods in a service mesh	`false`
enableReloader	Enable or disable automatic restarts of pods if a referenced ConfigMap or Secret has changed. More Info	`false`

Contributions

If you contribute new featuers or fix a bug, please update the .version in the Chart.yaml according to SemVer and update the documentation.

Testing

To run tests

make test

To update the snapshot files

make test-update

If you want to add your own test case, simply copy tests/simple in a new directory and adjust the test.yaml and values.yaml accordingly.