This chart deploys the GlueOps Platform
Key | Type | Default | Description |
---|---|---|---|
captain_domain | string | "placeholder_cluster_environment.placeholder_tenant_key.placeholder_glueops_root_domain" |
The Route53 subdomain for the services on your cluster. It will be used as the suffix url for argocd, grafana, vault, and any other services that come out of the box in the glueops platform. Note: you need to create this before using this repo as this repo does not provision DNS Zones for you. This is the domain you created through: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
captain_repo.private_b64enc_deploy_key | string | "placeholder_captain_repo_b64enc_private_deploy_key" |
This is a read only deploy key that will be used to read the captain repo. Part of output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
captain_repo.ssh_clone_url | string | "placeholder_captain_repo_ssh_clone_url" |
This is the github url of the captain repo https://github.com/glueops/development-captains/tenant . Part of output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
certManager.aws_accessKey | string | "placeholder_certmanager_aws_access_key" |
Part of certmanager_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
certManager.aws_region | string | "placeholder_aws_region" |
Should be the same primary_region you used in: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
certManager.aws_secretKey | string | "placeholder_certmanager_aws_secret_key" |
Part of certmanager_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
container_images.app_backup_and_exports.backup_tools.image.registry | string | "ghcr.io" |
|
container_images.app_backup_and_exports.backup_tools.image.repository | string | "glueops/backup-tools" |
|
container_images.app_backup_and_exports.backup_tools.image.tag | string | "v0.17.2@sha256:7f92a4cedbf3a60f368bade6a7c41c5c6ead60805255568e2abb1c5c3cf51672" |
|
container_images.app_backup_and_exports.certs_backup_restore.image.registry | string | "ghcr.io" |
|
container_images.app_backup_and_exports.certs_backup_restore.image.repository | string | "glueops/certs-backup-restore" |
|
container_images.app_backup_and_exports.certs_backup_restore.image.tag | string | "v0.10.1@sha256:71c22ce97be9daddbfab90a26a59a900c00c18daec361c806918e52903513238" |
|
container_images.app_backup_and_exports.vault_backup_validator.image.registry | string | "ghcr.io" |
|
container_images.app_backup_and_exports.vault_backup_validator.image.repository | string | "glueops/vault-backup-validator" |
|
container_images.app_backup_and_exports.vault_backup_validator.image.tag | string | "v0.3.4@sha256:87f4dd53cb4eff711e46193c1756abf278be4eae1cef1431b266b1254558947f" |
|
container_images.app_cluster_info_page.cluster_information_help_page_html.image.registry | string | "ghcr.io" |
|
container_images.app_cluster_info_page.cluster_information_help_page_html.image.repository | string | "glueops/cluster-information-help-page-html" |
|
container_images.app_cluster_info_page.cluster_information_help_page_html.image.tag | string | "v0.4.5@sha256:5f1843dfa2f76eea0a5e9a792867305d50b6f2d27e010d003a9ce79eb4188d16" |
|
container_images.app_dex.dex.image.registry | string | "ghcr.io" |
|
container_images.app_dex.dex.image.repository | string | "dexidp/dex" |
|
container_images.app_dex.dex.image.tag | string | "v2.41.1@sha256:bc7cfce7c17f52864e2bb2a4dc1d2f86a41e3019f6d42e81d92a301fad0c8a1d" |
|
container_images.app_fluent_operator.image.registry | string | "docker.io" |
|
container_images.app_fluent_operator.image.repository | string | "kubesphere/fluent-operator" |
|
container_images.app_fluent_operator.image.tag | string | "v2.7.0@sha256:b0668c0d878bde4ab04802a7e92d0dd3bef4c1fed1b5e63cf83d49bb3c5d3947" |
|
container_images.app_glueops_alerts.cluster_monitoring.image.registry | string | "ghcr.io" |
|
container_images.app_glueops_alerts.cluster_monitoring.image.repository | string | "glueops/cluster-monitoring" |
|
container_images.app_glueops_alerts.cluster_monitoring.image.tag | string | "v0.8.1@sha256:aa12c39244682d61a48fc374f97f318943c42c36347bf333105c5f4802721419" |
|
container_images.app_ingress_nginx.controller.image.registry | string | "registry.k8s.io" |
|
container_images.app_ingress_nginx.controller.image.repository | string | "ingress-nginx/controller" |
|
container_images.app_ingress_nginx.controller.image.tag | string | "v1.11.4@sha256:981a97d78bee3109c0b149946c07989f8f1478a9265031d2d23dea839ba05b52" |
|
container_images.app_kube_prometheus_stack.grafana.image.registry | string | "docker.io" |
|
container_images.app_kube_prometheus_stack.grafana.image.repository | string | "grafana/grafana" |
|
container_images.app_kube_prometheus_stack.grafana.image.tag | string | "10.4.13@sha256:c8644d0d41757dd444bd1aabc23740be71f0a34549128454a2b37f57a0c496b0" |
|
container_images.app_loki.loki.image.registry | string | "docker.io" |
|
container_images.app_loki.loki.image.repository | string | "grafana/loki" |
|
container_images.app_loki.loki.image.tag | string | "2.9.10@sha256:35b02acc67654ddc38273e519b4f26f3967a907b9db5489af300c21f37ee1ae7" |
|
container_images.app_loki_alert_group_controller.loki_alert_group_controller.image.registry | string | "ghcr.io" |
|
container_images.app_loki_alert_group_controller.loki_alert_group_controller.image.repository | string | "glueops/metacontroller-operator-loki-rule-group" |
|
container_images.app_loki_alert_group_controller.loki_alert_group_controller.image.tag | string | "v0.4.6@sha256:61aa2e48fd5c2277551daca68f287e77530a357d280a8199a5db5724b255401c" |
|
container_images.app_metacontroller.metacontroller.image.registry | string | "ghcr.io" |
|
container_images.app_metacontroller.metacontroller.image.repository | string | "metacontroller/metacontroller" |
|
container_images.app_metacontroller.metacontroller.image.tag | string | "v4.11.22@sha256:eaa81a295876608f9098f08bd722e86ce4598a455b44f1d318a89866606dac85" |
|
container_images.app_network_exporter.network_exporter.image.registry | string | "docker.io" |
|
container_images.app_network_exporter.network_exporter.image.repository | string | "syepes/network_exporter" |
|
container_images.app_network_exporter.network_exporter.image.tag | string | "1.7.9@sha256:36cd647c80c30e3f5b78f9d2ca60f38e1d024fb3b9588a845cac2dc3f4fb75e1" |
|
container_images.app_promtail.promtail.image.registry | string | "docker.io" |
|
container_images.app_promtail.promtail.image.repository | string | "grafana/promtail" |
|
container_images.app_promtail.promtail.image.tag | string | "2.9.10@sha256:63a2e57a5b1401109f77d36a49a637889d431280ed38f5f885eedcd3949e52cf" |
|
container_images.app_pull_request_bot.pull_request_bot.image.registry | string | "ghcr.io" |
|
container_images.app_pull_request_bot.pull_request_bot.image.repository | string | "glueops/pull-request-bot" |
|
container_images.app_pull_request_bot.pull_request_bot.image.tag | string | "v0.22.1@sha256:cab3ba01ed7dd833d539afd0c0bb07e035415f7d22485d94a6b2ad41e658b69b" |
|
container_images.app_qr_code_generator.qr_code_generator.image.registry | string | "ghcr.io" |
|
container_images.app_qr_code_generator.qr_code_generator.image.repository | string | "glueops/qr-code-generator" |
|
container_images.app_qr_code_generator.qr_code_generator.image.tag | string | "v0.7.1@sha256:884d67d4e17f3c4567dcb79eb3491099c448b58dc0c81ae848b50cd8cf314d22" |
|
container_images.app_vault.vault.image.registry | string | "docker.io" |
|
container_images.app_vault.vault.image.repository | string | "hashicorp/vault" |
|
container_images.app_vault.vault.image.tag | string | "1.14.10@sha256:14be0a8eb323181a56d10facab3b424809d9921e85d2f2678126ce232766a8e1" |
|
container_images.app_vault_init_controller.vault_init_controller.image.registry | string | "ghcr.io" |
|
container_images.app_vault_init_controller.vault_init_controller.image.repository | string | "glueops/vault-init-controller" |
|
container_images.app_vault_init_controller.vault_init_controller.image.tag | string | "v0.8.1@sha256:9390672242268a812022cc736f0cc7e3506ddb94856c56eab0eb7f59a2b12b6e" |
|
daemonset_tolerations[0].effect | string | "NoSchedule" |
|
daemonset_tolerations[0].operator | string | "Exists" |
|
daemonset_tolerations[1].effect | string | "NoExecute" |
|
daemonset_tolerations[1].key | string | "node.kubernetes.io/not-ready" |
|
daemonset_tolerations[1].operator | string | "Exists" |
|
daemonset_tolerations[2].effect | string | "NoExecute" |
|
daemonset_tolerations[2].key | string | "node.kubernetes.io/unreachable" |
|
daemonset_tolerations[2].operator | string | "Exists" |
|
daemonset_tolerations[3].effect | string | "NoSchedule" |
|
daemonset_tolerations[3].key | string | "node.kubernetes.io/disk-pressure" |
|
daemonset_tolerations[3].operator | string | "Exists" |
|
daemonset_tolerations[4].effect | string | "NoSchedule" |
|
daemonset_tolerations[4].key | string | "node.kubernetes.io/memory-pressure" |
|
daemonset_tolerations[4].operator | string | "Exists" |
|
daemonset_tolerations[5].effect | string | "NoSchedule" |
|
daemonset_tolerations[5].key | string | "node.kubernetes.io/pid-pressure" |
|
daemonset_tolerations[5].operator | string | "Exists" |
|
daemonset_tolerations[6].effect | string | "NoSchedule" |
|
daemonset_tolerations[6].key | string | "node.kubernetes.io/unschedulable" |
|
daemonset_tolerations[6].operator | string | "Exists" |
|
daemonset_tolerations[7].effect | string | "NoSchedule" |
|
daemonset_tolerations[7].key | string | "node.kubernetes.io/network-unavailable" |
|
daemonset_tolerations[7].operator | string | "Exists" |
|
dex.argocd.client_secret | string | "placeholder_dex_argocd_client_secret" |
Specify a unique password here. This will be used to connect argocd via OIDC to the Dex IDP. You can create one with in bash openssl rand -base64 32 |
dex.github.client_id | string | "placeholder_dex_github_client_id" |
To create a clientID please reference: https://github.com/GlueOps/github-oauth-apps/tree/v0.0.1 |
dex.github.client_secret | string | "placeholder_dex_github_client_secret" |
To create a clientSecret please reference: https://github.com/GlueOps/github-oauth-apps/tree/v0.0.1 |
dex.github.orgs | list | ["placeholder_admin_github_org_name","placeholder_tenant_github_org_name"] |
Specify the github orgs you want to allow access to. This is a list of strings. Note: users still need to be in the proper groups to have access. |
dex.grafana.client_secret | string | "placeholder_dex_grafana_client_secret" |
Specify a unique password here. This will be used to connect grafana via OAuth to the Dex IDP. You can create one with in bash openssl rand -base64 32 |
dex.pomerium.client_secret | string | "placeholder_dex_pomerium_client_secret" |
Specify a unique password here. This will be used to connect argocd via OIDC to the Dex IDP. You can create one with in bash openssl rand -base64 32 |
dex.vault.client_secret | string | "placeholder_dex_vault_client_secret" |
|
externalDns.aws_accessKey | string | "placeholder_externaldns_aws_access_key" |
Part of externaldns_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
externalDns.aws_region | string | "placeholder_aws_region" |
Should be the same primary_region you used in: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
externalDns.aws_secretKey | string | "placeholder_externaldns_aws_secret_key" |
Part of externaldns_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
gitHub.github_app_b64enc_private_key | string | "placeholder_github_tenant_app_b64enc_private_key" |
|
gitHub.github_app_id | string | "placeholder_github_tenant_app_id" |
Create an Application in the tenant's github organization that has repo scope access and can comment against PRs. https://docs.github.com/en/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app. Format the key using format using `cat |
gitHub.github_app_installation_id | string | "placeholder_github_tenant_app_installation_id" |
|
gitHub.tenant_github_org | string | "placeholder_tenant_github_org_name" |
|
gitHub.tenant_github_org_and_team | string | "placeholder_tenant_github_org_name:developers" |
The format is: : (The team should include the developers) |
glueops_alerts.opsgenie_apikey | string | "placeholder_opsgenie_api_key" |
Found at opsgenie_credentials in the json output that is part of opsgenie_prometheus_api_keys output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.s3_bucket_name | string | "glueops-tenant-placeholder_tenant_key-primary" |
|
glueops_backups.tls_cert_backup.aws_accessKey | string | "placeholder_tls_cert_backup_aws_access_key" |
Part of loki_log_exporter output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.tls_cert_backup.aws_region | string | "placeholder_aws_region" |
Should be the same primary_region you used in: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.tls_cert_backup.aws_secretKey | string | "placeholder_tls_cert_backup_aws_secret_key" |
Part of loki_log_exporter output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.tls_cert_backup.backup_prefix | string | "placeholder_tls_cert_backup_s3_key_prefix" |
|
glueops_backups.tls_cert_backup.company_key | string | "placeholder_tenant_key" |
|
glueops_backups.vault.aws_accessKey | string | "placeholder_vault_aws_access_key" |
Part of vault_s3_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.vault.aws_region | string | "placeholder_aws_region" |
Should be the same primary_region you used in: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.vault.aws_secretKey | string | "placeholder_vault_aws_secret_key" |
Part of vault_s3_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
glueops_backups.vault.company_key | string | "placeholder_tenant_key" |
|
glueops_node_and_tolerations.nodeSelector."glueops.dev/role" | string | "glueops-platform" |
|
glueops_node_and_tolerations.tolerations[0].effect | string | "NoSchedule" |
|
glueops_node_and_tolerations.tolerations[0].key | string | "glueops.dev/role" |
|
glueops_node_and_tolerations.tolerations[0].operator | string | "Equal" |
|
glueops_node_and_tolerations.tolerations[0].value | string | "glueops-platform" |
|
grafana.admin_password | string | "placeholder_grafana_admin_password" |
Default admin password. CHANGE THIS!!!! |
grafana.github_other_org_names | string | "placeholder_tenant_github_org_name" |
|
host_network.cert_manager.webhook_secure_port | int | 45020 |
|
host_network.enabled | string | "placeholder_enable_host_network" |
|
host_network.external_secrets.webhook_port | int | 45010 |
|
host_network.keda.prometheus.metricServer.port | int | 45056 |
|
host_network.keda.prometheus.operator.port | int | 45055 |
|
host_network.keda.prometheus.webhooks.port | int | 45054 |
|
host_network.keda.service.portHttps | int | 45052 |
|
host_network.keda.service.portHttpsTarget | int | 45053 |
|
host_network.keda.webhooks.healthProbePort | int | 45051 |
|
host_network.keda.webhooks.port | int | 45050 |
|
host_network.kube_pometheus_stack.prometheusOperator.admissionWebhooks.deployment.tls.internal_port | int | 45041 |
|
host_network.kube_pometheus_stack.prometheusOperator.tls.internal_port | int | 45040 |
|
host_network.nginx_public.controller.host_port.ports.http | int | 45030 |
|
host_network.nginx_public.controller.host_port.ports.https | int | 45031 |
|
loki.aws_accessKey | string | "placeholder_loki_aws_access_key" |
Part of loki_s3_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
loki.aws_region | string | "placeholder_aws_region" |
Should be the same primary_region you used in: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
loki.aws_secretKey | string | "placeholder_loki_aws_secret_key" |
Part of loki_s3_iam_credentials output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
loki.bucket | string | "glueops-tenant-placeholder_tenant_key-placeholder_cluster_environment-loki-primary" |
Format: glueops-tenant-placeholder_tenant_key-placeholder_cluster_environment-loki-primary, Credentials found at loki_credentials of json output of terraform-module-cloud-multy-prerequisites |
nginx.controller_replica_count | int | 2 |
number of replicas for ingress controller |
prometheus.volume_claim_storage_request | string | "50" |
Volume of storage requested for each Prometheus PVC, in Gi |
pull_request_bot.watch_for_apps_delay_seconds | string | "10" |
number of seconds to wait before checking ArgoCD for new applications |
tls_cert_restore.aws_accessKey | string | "placeholder_tls_cert_restore_aws_access_key" |
Part of loki_log_exporter output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
tls_cert_restore.aws_region | string | "placeholder_aws_region" |
Should be the same primary_region you used in: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
tls_cert_restore.aws_secretKey | string | "placeholder_tls_cert_restore_aws_secret_key" |
Part of loki_log_exporter output from terraform-module-cloud-multy-prerequisites: https://github.com/GlueOps/terraform-module-cloud-multy-prerequisites |
tls_cert_restore.backup_prefix | string | "placeholder_tls_cert_backup_s3_key_prefix" |
|
tls_cert_restore.exclude_namespaces | string | "placeholder_tls_cert_restore_exclude_namespaces" |
|
vault.data_storage | int | 10 |
Volume of storage requested for each Vault Data PVC, in Gi |
vault_init_controller.aws_accessKey | string | "placeholder_vault_init_controller_aws_access_key" |
S3 Credentials to access the vault_access.json |
vault_init_controller.aws_region | string | "placeholder_aws_region" |
S3 region to access the vault_access.json |
vault_init_controller.aws_secretKey | string | "placeholder_vault_init_controller_aws_access_secret" |
S3 Credentials to access the vault_access.json |
vault_init_controller.enable_restore | bool | true |
Enable/Disable restore of an existing backup upon a fresh deployment of vault during cluster bootstrap |
vault_init_controller.pause_reconcile | bool | false |
Enable/Disable reconcile |
vault_init_controller.reconcile_period | int | 30 |
How often the controller should run |
vault_init_controller.s3_bucket_name | string | "glueops-tenant-placeholder_tenant_key-primary" |
S3 bucket that will store the vault unseal key(s) and root token |
vault_init_controller.s3_key_path | string | "placeholder_vault_init_controller_s3_key" |
S3 key/path to the unseal key(s) and root token |