Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 612024966a263558854c3f4658c69968d99c6094 / . / charts / glance / values.yaml
blob: cea5248eab24e9d008ca6f802c673f8b2617eb1c [file] [log] [blame]
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License");
2# you may not use this file except in compliance with the License.
3# You may obtain a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS,
9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10# See the License for the specific language governing permissions and
11# limitations under the License.
12
13# Default values for glance.
14# This is a YAML-formatted file.
15# Declare name/value pairs to be passed into your templates.
16# name: value
17
18# radosgw, rbd, swift or pvc
19---
20storage: swift
21
22labels:
23 api:
24 node_selector_key: openstack-control-plane
25 node_selector_value: enabled
26 job:
27 node_selector_key: openstack-control-plane
28 node_selector_value: enabled
29 test:
30 node_selector_key: openstack-control-plane
31 node_selector_value: enabled
32
33release_group: null
34
35images:
36 tags:
37 test: docker.io/xrally/xrally-openstack:2.0.0
38 glance_storage_init: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_xenial
39 glance_metadefs_load: docker.io/openstackhelm/glance:wallaby-ubuntu_focal
40 db_init: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
41 glance_db_sync: docker.io/openstackhelm/glance:wallaby-ubuntu_focal
42 db_drop: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
43 ks_user: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
44 ks_service: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
45 ks_endpoints: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
46 rabbit_init: docker.io/rabbitmq:3.7-management
47 glance_api: docker.io/openstackhelm/glance:wallaby-ubuntu_focal
48 # Bootstrap image requires curl
49 bootstrap: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
50 dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
51 image_repo_sync: docker.io/docker:17.07.0
52 pull_policy: "IfNotPresent"
53 local_registry:
54 active: false
55 exclude:
56 - dep_check
57 - image_repo_sync
58
59bootstrap:
60 enabled: true
61 ks_user: admin
62 script: null
63 structured:
64 images:
65 cirros:
66 id: null
67 name: "Cirros 0.3.5 64-bit"
68 source_url: "http://download.cirros-cloud.net/0.3.5/"
69 image_file: "cirros-0.3.5-x86_64-disk.img"
70 min_disk: 1
71 image_type: qcow2
72 container_format: bare
73 private: true
74 properties:
75 # NOTE: If you want to restrict hypervisor type for this image,
76 # uncomment this and write specific hypervisor type.
77 # hypervisor_type: "qemu"
78 os_distro: "cirros"
79
80ceph_client:
81 configmap: ceph-etc
82 user_secret_name: pvc-ceph-client-key
83
84network_policy:
85 glance:
86 ingress:
87 - {}
88 egress:
89 - {}
90
91conf:
92 software:
93 rbd:
94 rbd_store_pool_app_name: glance-image
95 rally_tests:
96 run_tempest: false
97 tests:
98 GlanceImages.create_and_delete_image:
99 - args:
100 container_format: bare
101 disk_format: qcow2
102 # NOTE(aostapenko) temporary location to work around https://bugs.launchpad.net/rally/+bug/1887705
103 image_location: https://artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/external/images/cirros/0.3.5/cirros-0.3.5-x86_64-disk.img
104 runner:
105 concurrency: 1
106 times: 1
107 type: constant
108 sla:
109 failure_rate:
110 max: 0
111 GlanceImages.create_and_list_image:
112 - args:
113 container_format: bare
114 disk_format: qcow2
115 # NOTE(aostapenko) temporary location to work around https://bugs.launchpad.net/rally/+bug/1887705
116 image_location: https://artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/external/images/cirros/0.3.5/cirros-0.3.5-x86_64-disk.img
117 runner:
118 concurrency: 1
119 times: 1
120 type: constant
121 sla:
122 failure_rate:
123 max: 0
124 ceph:
125 monitors: []
126 admin_keyring: null
127 override:
128 append:
129 ceph_client:
130 override:
131 append:
Oleksandr Kozachenkoc0022be2023-05-23 20:36:21 +0200[diff] [blame]132 paste: {}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]133 policy: {}
134 glance_sudoers: |
135 # This sudoers file supports rootwrap for both Kolla and LOCI Images.
136 Defaults !requiretty
137 Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/var/lib/openstack/bin:/var/lib/kolla/venv/bin"
138 glance ALL = (root) NOPASSWD: /var/lib/kolla/venv/bin/glance-rootwrap /etc/glance/rootwrap.conf *, /var/lib/openstack/bin/glance-rootwrap /etc/glance/rootwrap.conf *
139 rootwrap: |
140 # Configuration for glance-rootwrap
141 # This file should be owned by (and only-writable by) the root user
142
143 [DEFAULT]
144 # List of directories to load filter definitions from (separated by ',').
145 # These directories MUST all be only writeable by root !
146 filters_path=/etc/glance/rootwrap.d,/usr/share/glance/rootwrap
147
148 # List of directories to search executables in, in case filters do not
149 # explicitely specify a full path (separated by ',')
150 # If not specified, defaults to system PATH environment variable.
151 # These directories MUST all be only writeable by root !
152 exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin,/var/lib/openstack/bin,/var/lib/kolla/venv/bin
153
154 # Enable logging to syslog
155 # Default value is False
156 use_syslog=False
157
158 # Which syslog facility to use.
159 # Valid values include auth, authpriv, syslog, local0, local1...
160 # Default value is 'syslog'
161 syslog_log_facility=syslog
162
163 # Which messages to log.
164 # INFO means log all usage
165 # ERROR means only log unsuccessful attempts
166 syslog_log_level=ERROR
167 rootwrap_filters:
168 glance_cinder_store:
169 pods:
170 - api
171 content: |
172 # glance-rootwrap command filters for glance cinder store
173 # This file should be owned by (and only-writable by) the root user
174
175 [Filters]
176 # cinder store driver
177 disk_chown: RegExpFilter, chown, root, chown, \d+, /dev/(?!.*/\.\.).*
178
179 # os-brick library commands
180 # os_brick.privileged.run_as_root oslo.privsep context
181 # This line ties the superuser privs with the config files, context name,
182 # and (implicitly) the actual python code invoked.
183 privsep-rootwrap: RegExpFilter, privsep-helper, root, privsep-helper, --config-file, /etc/(?!\.\.).*, --privsep_context, os_brick.privileged.default, --privsep_sock_path, /tmp/.*
184
185 chown: CommandFilter, chown, root
186 mount: CommandFilter, mount, root
187 umount: CommandFilter, umount, root
188 glance:
189 DEFAULT:
190 log_config_append: /etc/glance/logging.conf
191 # NOTE(portdirect): the bind port should not be defined, and is manipulated
192 # via the endpoints section.
193 bind_port: null
194 workers: 1
195 enable_v1_api: False
196 oslo_middleware:
197 enable_proxy_headers_parsing: true
198 keystone_authtoken:
199 auth_type: password
200 auth_version: v3
201 memcache_security_strategy: ENCRYPT
Oleksandr Kozachenkoc0022be2023-05-23 20:36:21 +0200[diff] [blame]202 service_type: image
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]203 glance_store:
204 cinder_catalog_info: volumev3::internalURL
205 rbd_store_chunk_size: 8
206 rbd_store_replication: 3
207 rbd_store_crush_rule: replicated_rule
208 rbd_store_pool: glance.images
209 rbd_store_user: glance
210 rbd_store_ceph_conf: /etc/ceph/ceph.conf
211 filesystem_store_datadir: /var/lib/glance/images
212 default_swift_reference: ref1
213 swift_store_container: glance
214 swift_store_create_container_on_put: true
215 swift_store_config_file: /etc/glance/swift-store.conf
216 swift_store_endpoint_type: internalURL
217 paste_deploy:
218 flavor: keystone
219 database:
220 max_retries: -1
221 oslo_concurrency:
222 lock_path: "/var/lib/glance/tmp"
223 oslo_messaging_notifications:
224 driver: messagingv2
225 oslo_messaging_rabbit:
226 rabbit_ha_queues: true
227 oslo_policy:
228 policy_file: /etc/glance/policy.yaml
229 cors: {}
230 logging:
231 loggers:
232 keys:
233 - root
234 - glance
235 handlers:
236 keys:
237 - stdout
238 - stderr
239 - "null"
240 formatters:
241 keys:
242 - context
243 - default
244 logger_root:
245 level: WARNING
246 handlers: 'null'
247 logger_glance:
248 level: INFO
249 handlers:
250 - stdout
251 qualname: glance
252 logger_amqp:
253 level: WARNING
254 handlers: stderr
255 qualname: amqp
256 logger_amqplib:
257 level: WARNING
258 handlers: stderr
259 qualname: amqplib
260 logger_eventletwsgi:
261 level: WARNING
262 handlers: stderr
263 qualname: eventlet.wsgi.server
264 logger_sqlalchemy:
265 level: WARNING
266 handlers: stderr
267 qualname: sqlalchemy
268 logger_boto:
269 level: WARNING
270 handlers: stderr
271 qualname: boto
272 handler_null:
273 class: logging.NullHandler
274 formatter: default
275 args: ()
276 handler_stdout:
277 class: StreamHandler
278 args: (sys.stdout,)
279 formatter: context
280 handler_stderr:
281 class: StreamHandler
282 args: (sys.stderr,)
283 formatter: context
284 formatter_context:
285 class: oslo_log.formatters.ContextFormatter
286 datefmt: "%Y-%m-%d %H:%M:%S"
287 formatter_default:
288 format: "%(message)s"
289 datefmt: "%Y-%m-%d %H:%M:%S"
290 api_audit_map:
291 DEFAULT:
292 target_endpoint_type: None
293 path_keywords:
294 detail: None
295 file: None
296 images: image
297 members: member
298 tags: tag
299 service_endpoints:
300 image: 'service/storage/image'
301 swift_store: |
302 [{{ .Values.conf.glance.glance_store.default_swift_reference }}]
303 {{- if eq .Values.storage "radosgw" }}
304 auth_version = 1
305 auth_address = {{ tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
306 user = {{ .Values.endpoints.ceph_object_store.auth.glance.username }}:swift
307 key = {{ .Values.endpoints.ceph_object_store.auth.glance.password }}
308 {{- else }}
309 user = {{ .Values.endpoints.identity.auth.glance.project_name }}:{{ .Values.endpoints.identity.auth.glance.username }}
310 key = {{ .Values.endpoints.identity.auth.glance.password }}
311 auth_address = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
312 user_domain_name = {{ .Values.endpoints.identity.auth.glance.user_domain_name }}
313 project_domain_name = {{ .Values.endpoints.identity.auth.glance.project_domain_name }}
314 auth_version = 3
315 # NOTE(portdirect): https://bugs.launchpad.net/glance-store/+bug/1620999
316 project_domain_id =
317 user_domain_id =
318 {{- end -}}
319 rabbitmq:
320 # NOTE(rk760n): adding rmq policy to mirror messages from notification queues and set expiration time for the ones
321 policies:
322 - vhost: "glance"
323 name: "ha_ttl_glance"
324 definition:
325 # mirror messges to other nodes in rmq cluster
326 ha-mode: "all"
327 ha-sync-mode: "automatic"
328 # 70s
329 message-ttl: 70000
330 priority: 0
331 apply-to: all
332 pattern: '^(?!(amq\.|reply_)).*'
333
334network:
335 api:
336 ingress:
337 public: true
338 classes:
339 namespace: "nginx"
340 cluster: "nginx-cluster"
341 annotations:
342 nginx.ingress.kubernetes.io/rewrite-target: /
343 nginx.ingress.kubernetes.io/proxy-body-size: "0"
344 external_policy_local: false
345 node_port:
346 enabled: false
347 port: 30092
348
349volume:
350 class_name: general
351 size: 2Gi
352
353dependencies:
354 dynamic:
355 common:
356 local_image_registry:
357 jobs:
358 - glance-image-repo-sync
359 services:
360 - endpoint: node
361 service: local_image_registry
362 static:
363 api:
364 jobs:
365 - glance-storage-init
366 - glance-db-sync
367 - glance-rabbit-init
368 - glance-ks-user
369 - glance-ks-endpoints
370 services:
371 - endpoint: internal
372 service: oslo_db
373 - endpoint: internal
374 service: identity
375 - endpoint: internal
376 service: oslo_messaging
377 bootstrap:
378 jobs: null
379 services:
380 - endpoint: internal
381 service: identity
382 - endpoint: internal
383 service: image
384 clean:
385 jobs: null
386 db_drop:
387 services:
388 - endpoint: internal
389 service: oslo_db
390 db_init:
391 services:
392 - endpoint: internal
393 service: oslo_db
394 db_sync:
395 jobs:
396 - glance-db-init
397 services:
398 - endpoint: internal
399 service: oslo_db
400 ks_endpoints:
401 jobs:
402 - glance-ks-service
403 services:
404 - endpoint: internal
405 service: identity
406 ks_service:
407 services:
408 - endpoint: internal
409 service: identity
410 ks_user:
411 services:
412 - endpoint: internal
413 service: identity
414 rabbit_init:
415 services:
416 - endpoint: internal
417 service: oslo_messaging
418 storage_init:
419 jobs:
420 - glance-ks-user
421 services: null
422 metadefs_load:
423 jobs:
424 - glance-db-sync
425 services: null
426 tests:
427 services:
428 - endpoint: internal
429 service: oslo_db
430 - endpoint: internal
431 service: identity
432 - endpoint: internal
433 service: image
434 image_repo_sync:
435 services:
436 - endpoint: internal
437 service: local_image_registry
438
439# Names of secrets used by bootstrap and environmental checks
440secrets:
441 identity:
442 admin: glance-keystone-admin
443 glance: glance-keystone-user
444 test: glance-keystone-test
445 oslo_db:
446 admin: glance-db-admin
447 glance: glance-db-user
448 rbd: images-rbd-keyring
449 oslo_messaging:
450 admin: glance-rabbitmq-admin
451 glance: glance-rabbitmq-user
452 tls:
453 image:
454 api:
455 public: glance-tls-public
456 internal: glance-tls-api
457 oci_image_registry:
458 glance: glance-oci-image-registry
459
460# typically overridden by environmental
461# values, but should include all endpoints
462# required by this chart
463endpoints:
464 cluster_domain_suffix: cluster.local
465 local_image_registry:
466 name: docker-registry
467 namespace: docker-registry
468 hosts:
469 default: localhost
470 internal: docker-registry
471 node: localhost
472 host_fqdn_override:
473 default: null
474 port:
475 registry:
476 node: 5000
477 oci_image_registry:
478 name: oci-image-registry
479 namespace: oci-image-registry
480 auth:
481 enabled: false
482 glance:
483 username: glance
484 password: password
485 hosts:
486 default: localhost
487 host_fqdn_override:
488 default: null
489 port:
490 registry:
491 default: null
492 identity:
493 name: keystone
494 auth:
495 admin:
496 region_name: RegionOne
497 username: admin
498 password: password
499 project_name: admin
500 user_domain_name: default
501 project_domain_name: default
502 glance:
503 role: admin
504 region_name: RegionOne
505 username: glance
506 password: password
507 project_name: service
508 user_domain_name: service
509 project_domain_name: service
510 test:
511 role: admin
512 region_name: RegionOne
513 username: glance-test
514 password: password
515 project_name: test
516 user_domain_name: service
517 project_domain_name: service
518 hosts:
519 default: keystone
520 internal: keystone-api
521 host_fqdn_override:
522 default: null
523 path:
524 default: /v3
525 scheme:
526 default: http
527 port:
528 api:
529 default: 80
530 internal: 5000
531 image:
532 name: glance
533 hosts:
534 default: glance-api
535 public: glance
536 host_fqdn_override:
537 default: null
538 # NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
539 # endpoints using the following format:
540 # public:
541 # host: null
542 # tls:
543 # crt: null
544 # key: null
545 path:
546 default: null
547 scheme:
548 default: http
549 service: http
550 port:
551 api:
552 default: 9292
553 public: 80
554 oslo_db:
555 auth:
556 admin:
557 username: root
558 password: password
559 secret:
560 tls:
561 internal: mariadb-tls-direct
562 glance:
563 username: glance
564 password: password
565 hosts:
566 default: mariadb
567 host_fqdn_override:
568 default: null
569 path: /glance
570 scheme: mysql+pymysql
571 port:
572 mysql:
573 default: 3306
574 oslo_cache:
575 auth:
576 # NOTE(portdirect): this is used to define the value for keystone
577 # authtoken cache encryption key, if not set it will be populated
578 # automatically with a random value, but to take advantage of
579 # this feature all services should be set to use the same key,
580 # and memcache service.
581 memcache_secret_key: null
582 hosts:
583 default: memcached
584 host_fqdn_override:
585 default: null
586 port:
587 memcache:
588 default: 11211
589 oslo_messaging:
590 auth:
591 admin:
592 username: rabbitmq
593 password: password
594 secret:
595 tls:
596 internal: rabbitmq-tls-direct
597 glance:
598 username: glance
599 password: password
600 statefulset:
601 replicas: 2
602 name: rabbitmq-rabbitmq
603 hosts:
604 default: rabbitmq
605 host_fqdn_override:
606 default: null
607 path: /glance
608 scheme: rabbit
609 port:
610 amqp:
611 default: 5672
612 http:
613 default: 15672
614 object_store:
615 name: swift
616 namespace: ceph
617 auth:
618 glance:
619 tmpurlkey: supersecret
620 hosts:
621 default: ceph-rgw
622 public: radosgw
623 host_fqdn_override:
624 default: null
625 path:
626 default: /swift/v1/KEY_$(tenant_id)s
627 scheme:
628 default: http
629 port:
630 api:
631 default: 8088
632 public: 80
633 ceph_object_store:
634 name: radosgw
635 namespace: ceph
636 auth:
637 glance:
638 username: glance
639 password: password
640 tmpurlkey: supersecret
641 hosts:
642 default: ceph-rgw
643 public: radosgw
644 host_fqdn_override:
645 default: null
646 path:
647 default: /auth/v1.0
648 scheme:
649 default: http
650 port:
651 api:
652 default: 8088
653 public: 80
654 fluentd:
655 namespace: null
656 name: fluentd
657 hosts:
658 default: fluentd-logging
659 host_fqdn_override:
660 default: null
661 path:
662 default: null
663 scheme: 'http'
664 port:
665 service:
666 default: 24224
667 metrics:
668 default: 24220
669 dashboard:
670 name: horizon
671 hosts:
672 default: horizon-int
673 public: horizon
674 host_fqdn_override:
675 default: null
676 # NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
677 # endpoints using the following format:
678 # public:
679 # host: null
680 # tls:
681 # crt: null
682 # key: null
683 path:
684 default: null
685 scheme:
686 default: http
687 public: https
688 port:
689 web:
690 default: 80
691 public: 443
692 # NOTE(tp6510): these endpoints allow for things like DNS lookups and ingress
693 # They are using to enable the Egress K8s network policy.
694 kube_dns:
695 namespace: kube-system
696 name: kubernetes-dns
697 hosts:
698 default: kube-dns
699 host_fqdn_override:
700 default: null
701 path:
702 default: null
703 scheme: http
704 port:
705 dns:
706 default: 53
707 protocol: UDP
708 ingress:
709 namespace: null
710 name: ingress
711 hosts:
712 default: ingress
713 port:
714 ingress:
715 default: 80
716
717pod:
718 security_context:
719 glance:
720 pod:
721 runAsUser: 42424
722 container:
723 glance_perms:
724 readOnlyRootFilesystem: true
725 runAsUser: 0
726 ceph_keyring_placement:
727 readOnlyRootFilesystem: true
728 runAsUser: 0
729 glance_api:
730 readOnlyRootFilesystem: true
731 allowPrivilegeEscalation: false
732 nginx:
733 readOnlyRootFilesystem: false
734 runAsUser: 0
735 clean:
736 pod:
737 runAsUser: 42424
738 container:
739 glance_secret_clean:
740 readOnlyRootFilesystem: true
741 allowPrivilegeEscalation: false
742 metadefs_load:
743 pod:
744 runAsUser: 42424
745 container:
746 glance_metadefs_load:
747 readOnlyRootFilesystem: true
748 allowPrivilegeEscalation: false
749 storage_init:
750 pod:
751 runAsUser: 42424
752 container:
753 ceph_keyring_placement:
754 readOnlyRootFilesystem: true
755 allowPrivilegeEscalation: false
756 glance_storage_init:
757 readOnlyRootFilesystem: true
758 allowPrivilegeEscalation: false
759 test:
760 pod:
761 runAsUser: 42424
762 container:
763 glance_test_ks_user:
764 readOnlyRootFilesystem: true
765 allowPrivilegeEscalation: false
766 glance_test:
767 runAsUser: 65500
768 readOnlyRootFilesystem: true
769 allowPrivilegeEscalation: false
770 affinity:
771 anti:
772 type:
773 default: preferredDuringSchedulingIgnoredDuringExecution
774 topologyKey:
775 default: kubernetes.io/hostname
776 weight:
777 default: 10
778 tolerations:
779 glance:
780 enabled: false
781 tolerations:
782 - key: node-role.kubernetes.io/master
783 operator: Exists
784 effect: NoSchedule
Oleksandr Kozachenkoc0022be2023-05-23 20:36:21 +0200[diff] [blame]785 - key: node-role.kubernetes.io/control-plane
786 operator: Exists
787 effect: NoSchedule
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]788 useHostNetwork:
789 api: false
790 mounts:
791 glance_api:
792 init_container: null
793 glance_api:
794 volumeMounts:
795 volumes:
796 glance_tests:
797 init_container: null
798 glance_tests:
799 volumeMounts:
800 volumes:
801 glance_db_sync:
802 glance_db_sync:
803 volumeMounts:
804 volumes:
805 replicas:
806 api: 1
807 lifecycle:
808 upgrades:
809 deployments:
810 revision_history: 3
811 pod_replacement_strategy: RollingUpdate
812 rolling_update:
813 max_unavailable: 1
814 max_surge: 3
815 disruption_budget:
816 api:
817 min_available: 0
818 termination_grace_period:
819 api:
820 timeout: 30
821 resources:
822 enabled: false
823 api:
824 requests:
825 memory: "128Mi"
826 cpu: "100m"
827 limits:
828 memory: "1024Mi"
829 cpu: "2000m"
830 jobs:
831 storage_init:
832 requests:
833 memory: "128Mi"
834 cpu: "100m"
835 limits:
836 memory: "1024Mi"
837 cpu: "2000m"
838 metadefs_load:
839 requests:
840 memory: "128Mi"
841 cpu: "100m"
842 limits:
843 memory: "1024Mi"
844 cpu: "2000m"
845 db_sync:
846 requests:
847 memory: "128Mi"
848 cpu: "100m"
849 limits:
850 memory: "1024Mi"
851 cpu: "2000m"
852 db_init:
853 requests:
854 memory: "128Mi"
855 cpu: "100m"
856 limits:
857 memory: "1024Mi"
858 cpu: "2000m"
859 db_drop:
860 requests:
861 memory: "128Mi"
862 cpu: "100m"
863 limits:
864 memory: "1024Mi"
865 cpu: "2000m"
866 ks_user:
867 requests:
868 memory: "128Mi"
869 cpu: "100m"
870 limits:
871 memory: "1024Mi"
872 cpu: "2000m"
873 ks_service:
874 requests:
875 memory: "128Mi"
876 cpu: "100m"
877 limits:
878 memory: "1024Mi"
879 cpu: "2000m"
880 ks_endpoints:
881 requests:
882 memory: "128Mi"
883 cpu: "100m"
884 limits:
885 memory: "1024Mi"
886 cpu: "2000m"
887 rabbit_init:
888 requests:
889 memory: "128Mi"
890 cpu: "100m"
891 limits:
892 memory: "1024Mi"
893 cpu: "2000m"
894 bootstrap:
895 requests:
896 memory: "128Mi"
897 cpu: "100m"
898 limits:
899 memory: "1024Mi"
900 cpu: "2000m"
901 tests:
902 requests:
903 memory: "128Mi"
904 cpu: "100m"
905 limits:
906 memory: "1024Mi"
907 cpu: "2000m"
908 image_repo_sync:
909 requests:
910 memory: "128Mi"
911 cpu: "100m"
912 limits:
913 memory: "1024Mi"
914 cpu: "2000m"
915
916# NOTE(helm_hook): helm_hook might break for helm2 binary.
917# set helm3_hook: false when using the helm2 binary.
918helm3_hook: true
919
920tls:
921 identity: false
922 oslo_messaging: false
923 oslo_db: false
924
925manifests:
926 certificates: false
927 configmap_bin: true
928 configmap_etc: true
929 deployment_api: true
930 ingress_api: true
931 job_bootstrap: true
932 job_clean: true
933 job_db_init: true
934 job_db_sync: true
935 job_db_drop: false
936 job_image_repo_sync: true
937 job_ks_endpoints: true
938 job_ks_service: true
939 job_ks_user: true
940 job_storage_init: true
941 job_metadefs_load: true
942 job_rabbit_init: true
943 pdb_api: true
944 pod_rally_test: true
945 pvc_images: true
946 network_policy: false
947 secret_db: true
948 secret_ingress_tls: true
949 secret_keystone: true
950 secret_rabbitmq: true
951 secret_registry: true
952 service_ingress_api: true
953 service_api: true
954...