Skip to main content

Common Chart Documentation

Global and Defaults

This options should not need to be changed per chart.

KeyTypeRequiredHelm TemplateDefaultDescription
.Values.global.labelsdict✅ (On value only){}Additional Labels that apply to all objects
.Values.global.annotationsdict✅ (On value only){}Additional Annotations that apply to all objects
.Values.global.namespacestring""Namespace to apply to all objects, also applies to chart deps
.Values.global.minNodePortint9000Minimum Node Port Allowed
.Values.global.createTCNamespacebooleantrueWhether to create tc-system namespace
.Values.fallbackDefaults.probeTypestringhttpDefault probe type when not defined in the container level
.Values.fallbackDefaults.serviceProtocolstringtcpDefault service protocol when not defined in the service
.Values.fallbackDefaults.serviceTypestringClusterIPDefault service type when not defined in the service
.Values.fallbackDefaults.persistenceTypestringemptyDirDefault persistence type when not defined in the persistence
.Values.fallbackDefaults.probeTimeoutsdictSee belowDefault probe timeouts if not defined in the container
.Values.fallbackDefaults.probeTimeouts.[probe]dictSee belowDefault probe timeouts if not defined in the container
.Values.fallbackDefaults.probeTimeouts.[probe].initialDelaySecondsintSee belowDefault initialDelaySeconds if not defined in the container
.Values.fallbackDefaults.probeTimeouts.[probe].periodSecondsintSee belowDefault periodSeconds if not defined in the container
.Values.fallbackDefaults.probeTimeouts.[probe].timeoutSecondsintSee belowDefault timeoutSeconds if not defined in the container
.Values.fallbackDefaults.probeTimeouts.[probe].failureThresholdintSee belowDefault failureThreshold if not defined in the container
.Values.fallbackDefaults.probeTimeouts.[probe].successThresholdintSee belowDefault successThreshold if not defined in the container
.Values.operatordictSee belowContains specific settings for helm charts containing or using operators
.Values.operator.registerbooleanfalseAdds a configmap in tc-system namespace to register the chart as an operator
.Values.operator.verifydictSee belowContains specific settings for verifying operators
.Values.operator.verify.enabledbooleantrueEnables or disables the verification of operators
.Values.operator.verify.additionalOperatorslist[]Additional operators to verify
.Values.operator.verify.additionalOperators.[operator]string""Operator to verify
.Values.extraTpllist[]Define kubernetes resources, 1 per list item, tpl will be resolved

Default probe timeouts:

probeTimeouts:
liveness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
readiness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 2
startup:
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 2
failureThreshold: 60
successThreshold: 1

Examples:

global:
labels:
key: value
keytpl: "{{ .Values.some.value }}"
annotations:
key: value
keytpl: "{{ .Values.some.value }}"
namespace: ""
minNodePort: 9000
createTCNamespace: true

faillbackDefaults:
probeType: http
serviceProtocol: tcp
serviceType: ClusterIP
persistenceType: emptyDir
probeTimeouts:
liveness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
readiness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 2
startup:
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 2
failureThreshold: 60
successThreshold: 1

operator:
register: false
verify:
enabled: true
additionalOperators:
- operator1
- operator2
extraTpl:
- |
apiVersion: v1
kind: Deployment
...

Global Values that apply on pods/containers

All of the below values are applied on all pods/containers, but can be overridden on the pod/container level. This is so, you can have a single point to define the values from the scale UI, but still have the ability to override them on the pod/container level, in case you need to.

KeyTypeRequiredHelm TemplateDefaultDescription
.Values.TZstringSee belowTimezone that is used everywhere applicable
.Values.namespacestring""Namespace to apply to all objects, does not apply to chart deps
.Values.containerOptionsdictSee belowContainer options that apply to all containers
.Values.containerOptions.NVIDIA_CAPSlistSee belowNVIDIA_CAPS (Only applied when scaleGPU is passed)
.Values.resourcesdictSee belowResources
.Values.resources.limitsdictSee belowResources
.Values.resources.limits.cpustringSee belowResources
.Values.resources.limits.memorystringSee belowResources
.Values.resources.requestsdictSee belowResources
.Values.resources.requests.cpustringSee belowResources
.Values.resources.requests.memorystringSee belowResources
.Values.podOptionsdictSee belowOptions that apply to all pods
.Values.podOptions.enableServiceLinksbooleanSee belowenableServiceLinks
.Values.podOptions.hostNetworkbooleanSee belowhostNetwork
.Values.podOptions.hostPIDbooleanSee belowhostPID
.Values.podOptions.shareProcessNamespacebooleanSee belowshareProcessNamespace
.Values.podOptions.restartPolicystringSee belowrestartPolicy
.Values.podOptions.dnsPolicystringSee belowdnsPolicy
.Values.podOptions.dnsConfiglistSee belowdnsConfig
.Values.podOptions.hostAliaseslistSee belowhostAliases
.Values.podOptions.tolerationslistSee belowtolerations
.Values.podOptions.runtimeClassNamestringSee belowruntimeClassName (value in ixChartContext will always take precedence)
.Values.podOptions.automountServiceAccountTokenbooleanSee belowautomountServiceAccountToken
.Values.podOptions.terminationGracePeriodSecondsintSee belowterminationGracePeriodSeconds

Defaults:

TZ: UTC
namespace: ""
containerOptions:
NVIDIA_CAPS:
- all
resources:
limits:
cpu: 4000m
memory: 8Gi
requests:
cpu: 10m
memory: 50Mi
podOptions:
enableServiceLinks: false
hostNetwork: false
hostPID: false
shareProcessNamespace: false
restartPolicy: Always
dnsPolicy: ClusterFirst
dnsConfig:
options:
- name: ndots
value: "1"
hostAliases: []
tolerations: []
runtimeClassName: ""
automountServiceAccountToken: false
terminationGracePeriodSeconds: 120

Global Security Context

All of the below values are applied on all pods/containers, but can be overridden on the pod/container level. This is so, you can have a single point to define the values from the scale UI, but still have the ability to override them on the pod/container level, in case you need to.

KeyTypeRequiredHelm TemplateDefaultDescription
.Values.securityContextdictSee belowSecurity Context
.Values.securityContext.containerdictSee belowSecurity Context for containers
.Values.securityContext.container.PUIDintSee belowPUID (Only applied when running as root)
.Values.securityContext.container.UMASKstringSee belowUMASK
.Values.securityContext.container.runAsNonRootbooleanSee below
.Values.securityContext.container.runAsUserintSee below
.Values.securityContext.container.runAsGroupintSee below
.Values.securityContext.container.readOnlyRootFilesystembooleanSee below
.Values.securityContext.container.allowPrivilegeEscalationbooleanSee below
.Values.securityContext.container.privilegedbooleanSee below
.Values.securityContext.container.seccompProfiledictSee below
.Values.securityContext.container.seccompProfile.typestringSee below
.Values.securityContext.container.seccompProfile.profilestringSee below
.Values.securityContext.container.capabilitiesdictSee below
.Values.securityContext.container.capabilities.addlistSee below
.Values.securityContext.container.capabilities.droplistSee below
.Values.securityContext.poddictSee belowSecurity Context for pods
.Values.securityContext.pod.fsGroupintSee below
.Values.securityContext.pod.fsGroupChangePolicystringSee below
.Values.securityContext.pod.supplementalGrouplistSee below
.Values.securityContext.pod.sysctlslistSee below

Defaults:

securityContext:
# -- Container security context for all containers
# Can be overruled per container
container:
PUID: 568
UMASK: "002"
runAsNonRoot: true
runAsUser: 568
runAsGroup: 568
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
privileged: false
seccompProfile:
type: RuntimeDefault
capabilities:
add: []
drop:
- ALL
# -- Pod security context for all pods
# Can be overruled per pod
pod:
fsGroup: 568
fsGroupChangePolicy: OnRootMismatch
supplementalGroups: []
sysctls: []

Images

KeyTypeRequiredHelm TemplateDefaultDescription
.Values.imagedictSee belowImage
.Values.image.repositorystringSee belowImage Repository
.Values.image.tagstringSee belowImage Tag
.Values.image.pullPolicystringSee belowImage Pull Policy

Defaults:

image:
repository: ""
tag: ""
pullPolicy: IfNotPresent

You can define additional images using the following convention:

workerImage:
repository: ""
tag: ""
pullPolicy: IfNotPresent

There isn't anything special in the above format (nameImage), it's just a convention. It's also a format that some external tools can use for automatic image updates. For example, Renovate


Additional Documentation:


Notes:

This applies across all the documentation:

  • Helm Template:
    • means that the value is not templated
    • means that the value is templated, for example instead of a hardcoded value, you can set it to {{ .Values.some.value }}. and it will be replaced by the value contained in .Values.some.value at the installation/upgrade time.