appscode/stash-enterprise

Chart version: v0.11.2
Api version: v1
App version: v0.11.2
Stash Enterprise by AppsCode - Enterprise features for Stash
application
Chart Type
Active
Status
Unknown
License
100
Downloads
https://charts.appscode.com/stable
Set me up:
helm repo add center https://repo.chartcenter.io
Install Chart:
helm install stash-enterprise center/appscode/stash-enterprise
Versions (0)

Stash Enterprise

Stash Enterprise by AppsCode - Enterprise features for Stash by AppsCode

TL;DR;

$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm install stash-enterprise appscode/stash-enterprise -n kube-system

Introduction

This chart deploys a Stash Enterprise operator on a Kubernetes cluster using the Helm package manager.

Prerequisites

  • Kubernetes 1.11+

Installing the Chart

To install the chart with the release name stash-enterprise:

$ helm install stash-enterprise appscode/stash-enterprise -n kube-system

The command deploys a Stash Enterprise operator on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.

Tip: List all releases using helm list

Uninstalling the Chart

To uninstall/delete the stash-enterprise:

$ helm delete stash-enterprise -n kube-system

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configurable parameters of the stash-enterprise chart and their default values.

Parameter Description Default
nameOverride Overrides name template ""
fullnameOverride Overrides fullname template ""
replicaCount Number of stash operator replicas to create (only 1 is supported) 1
license License for the product. Get a license by following the steps from here.
Example:
helm install appscode/stash-enterprise \
--set-file license=/path/to/license/file
or
helm install appscode/stash-enterprise \
--set license=<license file content>
""
licenseApiService Name of the ApiService to use by the addon to identify the respective service and certificate for license verification request v1beta1.admission.stash.appscode.com
operator.registry Docker registry used to pull operator image stashed
operator.repository Name of operator container image stash-enterprise
operator.tag Operator container image tag v0.11.2
operator.resources Compute Resources required by the operator container {"requests":{"cpu":"100m"}}
operator.securityContext Security options the operator container should run with {}
pushgateway.registry Docker registry used to pull Prometheus pushgateway image prom
pushgateway.repository Prometheus pushgateway container image pushgateway
pushgateway.tag Prometheus pushgateway container image tag v1.2.0
pushgateway.resources Compute Resources required by the Prometheus pushgateway container {}
pushgateway.securityContext Security options the Prometheus pushgateway container should run with {}
cleaner.registry Docker registry used to pull Webhook cleaner image appscode
cleaner.repository Webhook cleaner container image kubectl
cleaner.tag Webhook cleaner container image tag v1.16
imagePullSecrets Specify an array of imagePullSecrets. Secrets must be manually created in the namespace.
Example:
helm template charts/stash \
--set imagePullSecrets[0].name=sec0 \
--set imagePullSecrets[1].name=sec1
[]
imagePullPolicy Container image pull policy IfNotPresent
criticalAddon If true, installs Stash operator as critical addon false
logLevel Log level for operator 3
annotations Annotations applied to operator deployment {}
podAnnotations Annotations passed to operator pod(s). {}
nodeSelector Node labels for pod assignment {"beta.kubernetes.io/arch":"amd64","beta.kubernetes.io/os":"linux"}
tolerations Tolerations for pod assignment []
affinity Affinity rules for pod assignment {}
podSecurityContext Security options the operator pod should run with. {"fsGroup":65535}
serviceAccount.create Specifies whether a service account should be created true
serviceAccount.annotations Annotations to add to the service account {}
serviceAccount.name The name of the service account to use. If not set and create is true, a name is generated using the fullname template
apiserver.groupPriorityMinimum The minimum priority the webhook api group should have at least. Please see https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L58-L64 for more information on proper values of this field. 10000
apiserver.versionPriority The ordering of the webhook api inside of the group. Please see https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L66-L70 for more information on proper values of this field 15
apiserver.enableMutatingWebhook If true, mutating webhook is configured for Kubernetes workloads true
apiserver.enableValidatingWebhook If true, validating webhook is configured for Stash CRDss true
apiserver.ca CA certificate used by the Kubernetes api server. This field is automatically assigned by the operator. not-ca-cert
apiserver.bypassValidatingWebhookXray If true, bypasses checks that validating webhook is actually enabled in the Kubernetes cluster. false
apiserver.useKubeapiserverFqdnForAks If true, uses kube-apiserver FQDN for AKS cluster to workaround https://github.com/Azure/AKS/issues/522 (default true) true
apiserver.healthcheck.enabled If true, enables the readiness and liveliness probes for the operator pod. false
apiserver.servingCerts.generate If true, generates on install/upgrade the certs that allow the kube-apiserver (and potentially ServiceMonitor) to authenticate operators pods. Otherwise specify certs in apiserver.servingCerts.{caCrt, serverCrt, serverKey}. true
apiserver.servingCerts.caCrt CA certficate used by serving certificate of webhook server. ""
apiserver.servingCerts.serverCrt Serving certficate used by webhook server. ""
apiserver.servingCerts.serverKey Private key for the serving certificate used by webhook server. ""
enableAnalytics If true, sends usage analytics true
monitoring.agent Name of monitoring agent (either “prometheus.io/operator” or “prometheus.io/builtin”) "none"
monitoring.backup Specify whether to monitor Stash backup and recovery false
monitoring.operator Specify whether to monitor Stash operator false
monitoring.prometheus.namespace Specify the namespace where Prometheus server is running or will be deployed. ""
monitoring.serviceMonitor.labels Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is prometheus.io/operator. {}
security.apparmor.enabled Optional: Allows the default AppArmor profile, requires setting the default. false
security.seccomp.enabled Optional: Allows the default seccomp profile, requires setting the default. false
security.podSecurityPolicies PSP names passed to operator
Example:
helm install appscode/stash \
--set podSecurityPolicies[0]=abc \
--set podSecurityPolicies[1]=xyz
["baseline"]
platform.openshift Set true, if installed in OpenShift false
netVolAccessor.cpu CPU resource for each network volume accessor deployment 100m
netVolAccessor.memory Memory for each network volume accessor deployment 128Mi
netVolAccessor.runAsUser Run the network volume accessor with this UID. 2000
netVolAccessor.privileged Run the network volume accessor deployments in privileged mode false

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example:

$ helm install stash-enterprise appscode/stash-enterprise -n kube-system --set replicaCount=1

Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example:

$ helm install stash-enterprise appscode/stash-enterprise -n kube-system --values values.yaml