github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/rancher/values.yaml (about) 1 # Additional Trusted CAs. 2 # Enable this flag and add your CA certs as a secret named tls-ca-additional in the namespace. 3 # See README.md for details. 4 additionalTrustedCAs: false 5 6 7 # affinity optionally replaces the entire affinity section of the pod spec. If affinity is specified then the values of nodeAffinity, podAffinity, podAntiAffinity, and antiAffinity are ignored. 8 affinity: {} 9 # nodeAffinity optionally replaces the nodeAffinity section under affinity in the pod spec. 10 nodeAffinity: {} 11 # podAffinity optionally replaces the podAffinity section under affinity in the pod spec. 12 podAffinity: {} 13 # podAntiAffinity optionally replaces the podAntiAffinity section under affinity in the pod spec. If podAntiAffinity is specified then the value of antiAffinity is ignored. 14 podAntiAffinity: {} 15 16 antiAffinity: preferred 17 topologyKey: kubernetes.io/hostname 18 19 # Optional topology spread constraints 20 topologySpreadConstraints: [] 21 22 # Optional node selector 23 nodeSelector: {} 24 25 # Audit Logs https://rancher.com/docs/rancher/v2.x/en/installation/api-auditing/ 26 # The audit log is piped to the console of the rancher-audit-log container in the rancher pod. 27 # https://rancher.com/docs/rancher/v2.x/en/installation/api-auditing/ 28 # destination stream to sidecar container console or hostPath volume 29 # level: Verbosity of logs, 0 to 3. 0 is off 3 is a lot. 30 auditLog: 31 destination: sidecar 32 hostPath: /var/log/rancher/audit/ 33 level: 0 34 maxAge: 1 35 maxBackup: 1 36 maxSize: 100 37 38 # Image for collecting rancher audit logs. 39 # Important: update pkg/image/export/resolve.go when this default image is changed, so that it's reflected accordingly in rancher-images.txt generated for air-gapped setups. 40 image: 41 repository: "rancher/mirrored-bci-micro" 42 tag: 15.4.14.3 43 # Override imagePullPolicy image 44 # options: Always, Never, IfNotPresent 45 pullPolicy: "IfNotPresent" 46 47 # As of Rancher v2.5.0 this flag is deprecated and must be set to 'true' in order for Rancher to start 48 addLocal: "true" 49 50 # Add debug flag to Rancher server 51 debug: false 52 53 # When starting Rancher for the first time, bootstrap the admin as restricted-admin 54 restrictedAdmin: false 55 56 # Extra environment variables passed to the rancher pods. 57 # extraEnv: 58 # - name: CATTLE_TLS_MIN_VERSION 59 # value: "1.0" 60 61 # Fully qualified name to reach your Rancher server 62 # hostname: rancher.my.org 63 64 ## Optional array of imagePullSecrets containing private registry credentials 65 ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ 66 imagePullSecrets: [] 67 # - name: secretName 68 69 ### ingress ### 70 # Readme for details and instruction on adding tls secrets. 71 ingress: 72 # If set to false, ingress will not be created 73 # Defaults to true 74 # options: true, false 75 enabled: true 76 includeDefaultExtraAnnotations: true 77 extraAnnotations: {} 78 ingressClassName: nginx 79 # backend port number 80 servicePort: 443 81 82 # configurationSnippet - Add additional Nginx configuration. This example statically sets a header on the ingress. 83 # configurationSnippet: | 84 # more_set_input_headers "X-Forwarded-Host: {{ .Values.hostname }}"; 85 86 tls: 87 # options: rancher, letsEncrypt, secret 88 source: rancher 89 secretName: tls-rancher-ingress 90 91 ### service ### 92 # Override to use NodePort or LoadBalancer service type - default is ClusterIP 93 service: 94 type: "" 95 annotations: {} 96 97 ### LetsEncrypt config ### 98 # ProTip: The production environment only allows you to register a name 5 times a week. 99 # Use staging until you have your config right. 100 letsEncrypt: 101 # email: none@example.com 102 environment: production 103 ingress: 104 # options: traefik, nginx 105 class: "" 106 # If you are using certs signed by a private CA set to 'true' and set the 'tls-ca' 107 # in the 'rancher-system' namespace. See the README.md for details 108 privateCA: false 109 110 # http[s] proxy server passed into rancher server. 111 # proxy: http://<username>@<password>:<url>:<port> 112 113 # comma separated list of domains or ip addresses that will not use the proxy 114 noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local 115 116 # Override rancher image location for Air Gap installs 117 rancherImage: rancher/rancher 118 # rancher/rancher image tag. https://hub.docker.com/r/rancher/rancher/tags/ 119 # Defaults to .Chart.appVersion 120 # rancherImageTag: v2.0.7 121 122 # Override imagePullPolicy for rancher server images 123 # options: Always, Never, IfNotPresent 124 # Defaults to IfNotPresent 125 # rancherImagePullPolicy: <pullPolicy> 126 127 # Number of Rancher server replicas. Setting to negative number will dynamically between 0 and the abs(replicas) based on available nodes. 128 # of available nodes in the cluster 129 replicas: 3 130 131 # Set priorityClassName to avoid eviction 132 priorityClassName: rancher-critical 133 134 # Set pod resource requests/limits for Rancher. 135 resources: {} 136 137 # 138 # tls 139 # Where to offload the TLS/SSL encryption 140 # - ingress (default) 141 # - external 142 tls: ingress 143 144 systemDefaultRegistry: "" 145 146 # Set to use the packaged system charts 147 useBundledSystemChart: false 148 149 # Certmanager version compatibility 150 certmanager: 151 version: "" 152 153 # Rancher custom logos persistence 154 customLogos: 155 enabled: false 156 volumeSubpaths: 157 emberUi: "ember" 158 vueUi: "vue" 159 ## Volume kind to use for persistence: persistentVolumeClaim, configMap 160 volumeKind: persistentVolumeClaim 161 ## Use an existing volume. Custom logos should be copied to the volume by the user 162 # volumeName: custom-logos 163 ## Just for volumeKind: persistentVolumeClaim 164 ## To disables dynamic provisioning, set storageClass: "" or storageClass: "-" 165 # storageClass: "-" 166 accessMode: ReadWriteOnce 167 size: 1Gi 168 169 # Rancher post-delete hook 170 postDelete: 171 enabled: false 172 image: 173 repository: rancher-shell 174 tag: v0.1.20 175 namespaceList: 176 - cattle-fleet-system 177 - cattle-system 178 - rancher-operator-system 179 # Number of seconds to wait for an app to be uninstalled 180 timeout: 120 181 # by default, the job will fail if it fail to uninstall any of the apps 182 ignoreTimeoutError: false 183 184 # Set a bootstrap password. If leave empty, a random password will be generated. 185 bootstrapPassword: "" 186 187 livenessProbe: 188 initialDelaySeconds: 60 189 periodSeconds: 30 190 readinessProbe: 191 initialDelaySeconds: 5 192 periodSeconds: 30 193 194 global: 195 cattle: 196 psp: 197 # will default to true on 1.24 and below, and false for 1.25 and above 198 # can be changed manually to true or false to bypass version checks and force that option 199 enabled: ""