forked from Deuxfleurs/garage
234 lines
6.7 KiB
YAML
234 lines
6.7 KiB
YAML
# Default values for garage.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# Garage configuration. These values go to garage.toml
|
|
garage:
|
|
# Can be changed for better performance on certain systems
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#db-engine-since-v0-8-0
|
|
dbEngine: "lmdb"
|
|
|
|
# Defaults is 1MB
|
|
# An increase can result in better performance in certain scenarios
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#block-size
|
|
blockSize: "1048576"
|
|
|
|
# Default to 3 replicas, see the replication_mode section at
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#replication-mode
|
|
replicationMode: "3"
|
|
|
|
# zstd compression level of stored blocks
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#compression-level
|
|
compressionLevel: "1"
|
|
|
|
rpcBindAddr: "[::]:3901"
|
|
# If not given, a random secret will be generated and stored in a Secret object
|
|
rpcSecret: ""
|
|
# This is not required if you use the integrated kubernetes discovery
|
|
bootstrapPeers: []
|
|
kubernetesSkipCrd: false
|
|
s3:
|
|
api:
|
|
region: "garage"
|
|
rootDomain: ".s3.garage.tld"
|
|
web:
|
|
rootDomain: ".web.garage.tld"
|
|
index: "index.html"
|
|
# Template for the garage configuration
|
|
# Values can be templated
|
|
# ref: https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/
|
|
garage.toml: |-
|
|
metadata_dir = "/mnt/meta"
|
|
data_dir = "/mnt/data"
|
|
|
|
db_engine = "{{ .Values.garage.dbEngine }}"
|
|
|
|
block_size = {{ .Values.garage.blockSize }}
|
|
|
|
replication_mode = "{{ .Values.garage.replicationMode }}"
|
|
|
|
compression_level = {{ .Values.garage.compressionLevel }}
|
|
|
|
rpc_bind_addr = "{{ .Values.garage.rpcBindAddr }}"
|
|
# rpc_secret will be populated by the init container from a k8s secret object
|
|
rpc_secret = "__RPC_SECRET_REPLACE__"
|
|
|
|
bootstrap_peers = {{ .Values.garage.bootstrapPeers }}
|
|
|
|
[kubernetes_discovery]
|
|
namespace = "{{ .Release.Namespace }}"
|
|
service_name = "{{ include "garage.fullname" . }}"
|
|
skip_crd = {{ .Values.garage.kubernetesSkipCrd }}
|
|
|
|
[s3_api]
|
|
s3_region = "{{ .Values.garage.s3.api.region }}"
|
|
api_bind_addr = "[::]:3900"
|
|
root_domain = "{{ .Values.garage.s3.api.rootDomain }}"
|
|
|
|
[s3_web]
|
|
bind_addr = "[::]:3902"
|
|
root_domain = "{{ .Values.garage.s3.web.rootDomain }}"
|
|
index = "{{ .Values.garage.s3.web.index }}"
|
|
|
|
[admin]
|
|
api_bind_addr = "[::]:3903"
|
|
{{- if .Values.monitoring.tracing.sink }}
|
|
trace_sink = "{{ .Values.monitoring.tracing.sink }}"
|
|
{{- end }}
|
|
|
|
# Data persistence
|
|
persistence:
|
|
enabled: true
|
|
meta:
|
|
# storageClass: "fast-storage-class"
|
|
size: 100Mi
|
|
# used only for daemon sets
|
|
hostPath: /var/lib/garage/meta
|
|
data:
|
|
# storageClass: "slow-storage-class"
|
|
size: 100Mi
|
|
# used only for daemon sets
|
|
hostPath: /var/lib/garage/data
|
|
|
|
# Deployment configuration
|
|
deployment:
|
|
# Switchable to DaemonSet
|
|
kind: StatefulSet
|
|
# Number of StatefulSet replicas/garage nodes to start
|
|
replicaCount: 3
|
|
|
|
image:
|
|
repository: dxflrs/amd64_garage
|
|
# please prefer using the chart version and not this tag
|
|
tag: ""
|
|
pullPolicy: IfNotPresent
|
|
|
|
initImage:
|
|
repository: busybox
|
|
tag: stable
|
|
pullPolicy: IfNotPresent
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
# Specifies whether a service account should be created
|
|
create: true
|
|
# Annotations to add to the service account
|
|
annotations: {}
|
|
# The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
podAnnotations: {}
|
|
|
|
podSecurityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
runAsNonRoot: true
|
|
|
|
securityContext:
|
|
# The default security context is heavily restricted
|
|
# feel free to tune it to your requirements
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
|
|
service:
|
|
# You can rely on any service to expose your cluster
|
|
# - ClusterIP (+ Ingress)
|
|
# - NodePort (+ Ingress)
|
|
# - LoadBalancer
|
|
type: ClusterIP
|
|
s3:
|
|
api:
|
|
port: 3900
|
|
web:
|
|
port: 3902
|
|
# NOTE: the admin API is excluded for now as it is not consistent across nodes
|
|
|
|
ingress:
|
|
s3:
|
|
api:
|
|
enabled: false
|
|
# Rely either on the className or the annotation below but not both
|
|
# replace "nginx" by an Ingress controller
|
|
# you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers
|
|
# className: "nginx"
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: "nginx"
|
|
# kubernetes.io/tls-acme: "true"
|
|
labels: {}
|
|
hosts:
|
|
- host: "s3.garage.tld" # garage S3 API endpoint
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
- host: "*.s3.garage.tld" # garage S3 API endpoint, DNS style bucket access
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls: []
|
|
# - secretName: my-garage-cluster-tls
|
|
# hosts:
|
|
# - kubernetes.docker.internal
|
|
web:
|
|
enabled: false
|
|
# Rely either on the className or the annotation below but not both
|
|
# replace "nginx" by an Ingress controller
|
|
# you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers
|
|
# className: "nginx"
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
labels: {}
|
|
hosts:
|
|
- host: "*.web.garage.tld" # wildcard website access with bucket name prefix
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
- host: "mywebpage.example.com" # specific bucket access with FQDN bucket
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls: []
|
|
# - secretName: my-garage-cluster-tls
|
|
# hosts:
|
|
# - kubernetes.docker.internal
|
|
|
|
resources: {}
|
|
# The following are indicative for a small-size deployement, for anything serious double them.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 1024Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 512Mi
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
monitoring:
|
|
metrics:
|
|
# If true, a service for monitoring is created with a prometheus.io/scrape annotation
|
|
enabled: false
|
|
serviceMonitor:
|
|
# If true, a ServiceMonitor CRD is created for a prometheus operator
|
|
# https://github.com/coreos/prometheus-operator
|
|
enabled: false
|
|
path: /metrics
|
|
# namespace: monitoring (defaults to use the namespace this chart is deployed to)
|
|
labels: {}
|
|
interval: 15s
|
|
scheme: http
|
|
tlsConfig: {}
|
|
scrapeTimeout: 10s
|
|
relabelings: []
|
|
tracing:
|
|
sink: ""
|