OpenShift Routes for cert-manager Helm values¶
replicas¶
| Property | replicas |
|---|---|
| Type | number |
| Default | |
logLevel¶
| Property | logLevel |
|---|---|
| Type | number |
| Default | |
namespace¶
| Property | namespace |
|---|---|
| Type | string |
| Default | |
This namespace allows you to define where the services are installed into. If not set then they use the namespace of the release. This is helpful when installing cert manager as a chart dependency (sub chart).
fullnameOverride¶
| Property | fullnameOverride |
|---|---|
| Type | string |
| Default |
Override the cert-manager.fullname value. This value is used as part of most of the names of the resources created by this Helm chart.
nameOverride¶
| Property | nameOverride |
|---|---|
| Type | string |
| Default |
Override the cert-manager.name value, which is used to annotate some of the resources that are created by this Chart (using app.kubernetes.io/name). NOTE: There are some inconsitencies in the Helm chart when it comes to these annotations (some resources use, for example, cainjector.name which resolves to the value cainjector).
image.registry¶
| Property | image.registry |
|---|---|
| Type | string |
| Default |
Target image registry. This value is prepended to the target image repository, if set.
For example:
registry: quay.io
repository: jetstack/cert-manager-openshift-routes
image.repository¶
| Property | image.repository |
|---|---|
| Type | string |
| Default | |
Target image repository.
image.tag¶
| Property | image.tag |
|---|---|
| Type | string |
| Default |
Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion is used.
image.digest¶
| Property | image.digest |
|---|---|
| Type | string |
| Default |
Target image digest. Override any tag, if set.
For example:
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20
image.pullPolicy¶
| Property | image.pullPolicy |
|---|---|
| Type | string |
| Default | |
Kubernetes imagePullPolicy on Deployment.
imagePullSecrets¶
| Property | imagePullSecrets |
|---|---|
| Type | array |
| Default | |
Optional secrets used for pulling the openshift-routes container image.
serviceAccount.create¶
| Property | serviceAccount.create |
|---|---|
| Type | bool |
| Default | |
Specifies whether a service account should be created.
serviceAccount.name¶
| Property | serviceAccount.name |
|---|---|
| Type | string |
| Default |
The name of the service account to use.
If not set and create is true, a name is generated using the fullname template.
serviceAccount.annotations¶
| Property | serviceAccount.annotations |
|---|---|
| Type | object |
| Default |
Optional additional annotations to add to the controller's Service Account.
rbac.create¶
| Property | rbac.create |
|---|---|
| Type | bool |
| Default | |
Create (Cluster-) Roles and RoleBindings for the Service Account.
podAnnotations¶
| Property | podAnnotations |
|---|---|
| Type | object |
| Default | |
Annotations to add to the openshift-routes pod.
podSecurityContext¶
| Property | podSecurityContext |
|---|---|
| Type | object |
| Default | runAsNonRoot: true seccompProfile: type: RuntimeDefault |
Pod Security Context.
For more information, see Configure a Security Context for a Pod or Container.
securityContext¶
| Property | securityContext |
|---|---|
| Type | object |
| Default |
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
|
Container Security Context to be set on the controller component container. For more information, see Configure a Security Context for a Pod or Container.
resources¶
| Property | resources |
|---|---|
| Type | object |
| Default | |
Kubernetes pod resources. For more information, see Resource Management for Pods and Containers.
For example:
resources:
limits:
memory: 128Mi
requests:
cpu: 100m
memory: 128Mi
nodeSelector¶
| Property | nodeSelector |
|---|---|
| Type | object |
| Default | |
The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with matching labels. For more information, see Assigning Pods to Nodes.
This default ensures that Pods are only scheduled to Linux nodes. It prevents Pods being scheduled to Windows nodes in a mixed OS cluster.
tolerations¶
| Property | tolerations |
|---|---|
| Type | array |
| Default | |
A list of Kubernetes Tolerations, if required. For more information, see Toleration v1 core.
For example:
tolerations:
- key: foo.bar.com/role
operator: Equal
value: master
effect: NoSchedule
affinity¶
| Property | affinity |
|---|---|
| Type | object |
| Default | |
A Kubernetes Affinity, if required. For more information, see Affinity v1 core.
For example:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: foo.bar.com/role
operator: In
values:
- master
metrics.enabled¶
| Property | metrics.enabled |
|---|---|
| Type | bool |
| Default | |
When enabled, a service is created that exposes the metrics endpoint.
metrics.serviceMonitor.enabled¶
| Property | metrics.serviceMonitor.enabled |
|---|---|
| Type | bool |
| Default | |
Create a ServiceMonitor to add openshift-routes to Prometheus.
metrics.serviceMonitor.interval¶
| Property | metrics.serviceMonitor.interval |
|---|---|
| Type | string |
| Default | |
The interval to scrape metrics.
omitHelmLabels¶
| Property | omitHelmLabels |
|---|---|
| Type | bool |
| Default | |
Omit Helm-specific labels. This is useful when generating a static manifest with helm template.