# Default values for deepflow-server. # This is a YAML-formatted file. # Declare variables to be passed into your templates. global: image: ## ghcr Image repository address: ghcr.io/deepflowys/deepflow-ce ## Dockerhub Image repository address: deepflowce ## AliyunYun Image repository address: registry.cn-beijing.aliyuncs.com/deepflow-ce repository: registry.cn-hongkong.aliyuncs.com/deepflow-ce pullPolicy: Always imagePullSecrets: [] hostNetwork: false dnsPolicy: ClusterFirst password: mysql: deepflow #grafana: deepflow clickhouse: podManagementPolicy: "OrderedReady" replicas: 1 ## replicas for deepflow-server and clickhouse podAntiAffinityLabelSelector: [] podAntiAffinityTermLabelSelector: [] podAffinityLabelSelector: [] podAffinityTermLabelSelector: [] nodeAffinityLabelSelector: [] nodeAffinityTermLabelSelector: [] timezone: "Asia/Shanghai" nodePort: clickhouseTcpPort: clickhouseHttpPort: 32509 deepflowServerIngester: 30033 deepflowServerGrpc: 30035 # deepflowServerSslGrpc: 30135 deepflowServerhealthCheck: 30417 ntpServer: ntp.aliyun.com ## Whether to enable allInone local storage, if enabled, the local /opt directory is used to store data by default, ignoring the node affinity check, and is not responsible for any data persistence allInOneLocalStorage: false storageClass: "openebs-hostpath" externalClickHouse: enabled: false ## Enable external ClickHouse type: ep ## External ClickHouse clusterName,The default value is 'default', query method: 'select cluster,host_address,port from system.clusters;' clusterName: default ## External ClickHouse storage policy name,The default value is 'default', query method: 'select policy_name from system.storage_policies;' storagePolicy: default username: default ## External ClickHouse username password: password ## External ClickHouse Password ## External ClickHouse IP address and port list, DeepFlow writes IP and port information to an svc endpoint, deepflow-server obtains ClickHouse's IP:Port through get&wath&list endpoint. ## deepflow-server needs to access the real IP address of ClickHouse, the port is connected using tcp-port, usually 9000, and query IP:Port through 'select host_address,port from system.clusters;'. hosts: [] # - ip: 10.1.2.3 # port: 9000 # - ip: 10.1.2.4 # port: 9000 # - ip: 10.1.2.5 # port: 9000 externalMySQL: enabled: false ## Enable external MySQL ip: 10.1.2.3 ## External Mysql IP address, Need to allow deepflow-server and clickhouse access port: 3306 ## External Mysql port username: ## External Mysql username password: ## External Mysql password image: server: repository: "{{ .Values.global.image.repository }}/deepflow-server" tag: v6.4 pullPolicy: "{{ .Values.global.image.pullPolicy }}" app: repository: reg.cestong.com.cn/cecf/deepflow-app #repository: registry.cn-hongkong.aliyuncs.com/deepflow-ce/deepflow-app tag: v6.4.11 pullPolicy: Always imagePullSecrets: [] nameOverride: "" fullnameOverride: "" timezone: "{{ .Values.global.timezone }}" podAnnotations: {} podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 server: ## Pod Labels podLabels: {} replicas: "{{ .Values.global.replicas }}" hostNetwork: "{{ .Values.global.hostNetwork }}" dnsPolicy: "{{ .Values.global.dnsPolicy }}" nameservers: [] podManagementPolicy: "{{ .Values.global.podManagementPolicy }}" featureFlag: [] readinessProbe: httpGet: path: /v1/health/ port: server failureThreshold: 10 initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 livenessProbe: failureThreshold: 6 initialDelaySeconds: 15 periodSeconds: 20 successThreshold: 1 httpGet: path: /v1/health/ port: server timeoutSeconds: 1 service: ## Configuration for deepflow-server service ## annotations: {} labels: {} clusterIP: "" ## Port for deepflow-server Service to listen on ## ports: - name: querier port: 20416 targetPort: 20416 nodePort: protocol: TCP - name: profile port: 20419 targetPort: 20419 nodePort: protocol: TCP - name: health-check port: 20417 targetPort: 20417 nodePort: 32514 protocol: TCP - name: grpc port: 20035 targetPort: 20035 nodePort: protocol: TCP - name: grpc-30035 port: 30035 targetPort: 20035 nodePort: "{{ .Values.global.nodePort.deepflowServerGrpc }}" protocol: TCP - name: ssl-grpc port: 20135 targetPort: 20135 nodePort: # "{{ .Values.global.nodePort.deepflowServerSslGrpc }}" protocol: TCP - name: ingester port: 20033 targetPort: 20033 nodePort: protocol: TCP - name: ingester-30033 port: 30033 targetPort: 20033 nodePort: "{{ .Values.global.nodePort.deepflowServerIngester }}" protocol: TCP ## Additional ports to open for server service additionalPorts: [] externalIPs: [] loadBalancerIP: "" loadBalancerSourceRanges: [] ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints externalTrafficPolicy: Cluster ## Service type ## type: NodePort resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} podAntiAffinityLabelSelector: - labelSelector: - key: app operator: In values: deepflow - key: component operator: In values: deepflow-server topologyKey: "kubernetes.io/hostname" podAntiAffinityTermLabelSelector: [] podAffinityLabelSelector: [] podAffinityTermLabelSelector: [] nodeAffinityLabelSelector: [] nodeAffinityTermLabelSelector: [] extraVolumeMounts: [] # - name: extra-volume-0 # mountPath: /mnt/volume0 # readOnly: true # existingClaim: volume-claim # - name: extra-volume-1 # mountPath: /mnt/volume1 # readOnly: true # hostPath: /usr/shared/ app: replicas: "1" ## Pod Labels podLabels: {} hostNetwork: "{{ .Values.global.hostNetwork }}" dnsPolicy: "{{ .Values.global.dnsPolicy }}" readinessProbe: tcpSocket: port: app failureThreshold: 3 initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 livenessProbe: failureThreshold: 3 initialDelaySeconds: 15 periodSeconds: 20 successThreshold: 1 tcpSocket: port: app timeoutSeconds: 1 service: ## Configuration for deepflow querier service ## annotations: {} labels: {} clusterIP: "" ## Port for deepflow querier service to listen on ## ports: - name: app port: 20418 targetPort: 20418 ## Port to expose on each node ## Only used if service.type is 'NodePort' ## nodePort: protocol: TCP ## Additional ports to open for deepflow querier service additionalPorts: [] externalIPs: [] loadBalancerIP: "" loadBalancerSourceRanges: [] ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints ## externalTrafficPolicy: Cluster ## Service type ## type: ClusterIP resources: {} nodeSelector: {} podAntiAffinityLabelSelector: [] podAntiAffinityTermLabelSelector: [] podAffinityLabelSelector: [] podAffinityTermLabelSelector: [] nodeAffinityLabelSelector: [] nodeAffinityTermLabelSelector: [] tolerations: [] # - key: "key1" # operator: "Equal" # value: "value1" # effect: "NoSchedule" config: tridentTypeForUnkonwVtap: 3 configmap: server.yaml: # logfile path log-file: /var/log/deepflow/server.log # loglevel: "debug/info/warn/error" log-level: info controller: # controller http listenport listen-port: 20417 # grpc server port grpc-port: 20035 # grpc max message lenth default 100M grpc-max-message-length: 104857600 # kubeconfig kubeconfig: # election election-namespace: "{{ $.Release.Namespace }}" election-name: "{{ $.Release.Name }}-server" mysql: database: deepflow user-name: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.username}}{{ else }}root{{end}}" user-password: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.password}}{{ else }}{{ .Values.global.password.mysql }}{{end}}" #Please ignore this host: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.ip}}{{ else }}{{ $.Release.Name }}-mysql{{end}}" port: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.port}}{{ else }}30130{{end}}" timeout: 30 clickhouse: database: flow_tag user-name: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.username }}{{ else }}default{{end}}" port: 9000 host: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Release.Name }}-external-clickhouse{{ else }}{{ $.Release.Name }}-clickhouse{{end}}" user-password: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.password }}{{ else }}{{ .Values.global.password.clickhouse }}{{end}}" trisolaris: chrony: host: "{{ tpl .Values.global.ntpServer . }}" port: 123 timeout: 1 trident-type-for-unkonw-vtap: "{{ .Values.config.tridentTypeForUnkonwVtap }}" querier: # querier http listenport listen-port: 20416 clickhouse: database: flow_tag user-name: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.username }}{{ else }}default{{end}}" port: 9000 host: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Release.Name }}-external-clickhouse{{ else }}{{ $.Release.Name }}-clickhouse{{end}}" user-password: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.password }}{{ else }}{{ .Values.global.password.clickhouse }}{{end}}" timeout: 60 deepflow-app: host: "{{ $.Release.Name }}-app" port: 20418 ingester: ckdb: # use internal or external ckdb external: "{{ $.Values.global.externalClickHouse.enabled }}" host: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Release.Name }}-external-clickhouse{{ else }}{{ $.Release.Name }}-clickhouse{{end}}" port: 9000 # if `external` is 'true', default value is 'default', else 'df_cluster' cluster-name: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.clusterName}}{{end}}" # if `external` is 'true', default value 'default', else 'df_storage' storage-policy: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.storagePolicy}}{{end}}" ckdb-auth: username: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.username }}{{ else }}default{{end}}" # '#','@' special characters are not supported in passwords password: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.password }}{{ else }}{{ .Values.global.password.clickhouse }}{{end}}" es-syslog: false app.yaml: app: # logfile path log-file: /var/log/deepflow/app.log # loglevel: "debug/info/warn/error" log-level: info # app http listenport listen-port: 20418 # http request/response timeout http_request_timeout: 600 http_response_timeout: 600 querier: host: '{{ include "deepflow.fullname" . }}-server' port: 20416 timeout: 60 controller: host: '{{ include "deepflow.fullname" . }}-server' port: 20417 timeout: 60 spec: l7_tracing_limit: 100 clickhouse: enabled: true # Default values for clickhouse. # This is a YAML-formatted file. # Declare variables to be passed into your templates. replicas: "{{ .Values.global.replicas }}" hostNetwork: "{{ .Values.global.hostNetwork }}" dnsPolicy: "{{ .Values.global.dnsPolicy }}" podManagementPolicy: "{{ .Values.global.podManagementPolicy }}" image: ## ClickHouse Dockerhub Image repository: clickhouse/clickhouse-server repository: "{{ .Values.global.image.repository }}/clickhouse-server" pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: 23.8.7.24 timezone: "{{ .Values.global.timezone }}" imagePullSecrets: [] nameOverride: "" fullnameOverride: "" podAnnotations: {} podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 storageConfig: ## persistentVolumeClaim/hostPath ## If you use hostPath, you must configure nodeAffinityLabelSelector, otherwise your data will be lost when Pod drifts, ignored allInOneLocalStorage=true ## 如果使用hostPath存储clickhouse数据,则必须配置nodeAffinityLabelSelector,避免pod漂移导致数据丢失,allInOneLocalStorage=true 时忽略 type: persistentVolumeClaim generateType: "{{ if $.Values.global.allInOneLocalStorage }}hostPath{{ else }}{{$.Values.storageConfig.type}}{{end}}" #Please ignore this hostPath: /opt/deepflow-clickhouse persistence: - name: clickhouse-path accessModes: - ReadWriteOnce size: 100Gi annotations: storageClass: "{{ .Values.global.storageClass }}" # selector: # matchLabels: # app.kubernetes.io/name: clickhouse - name: clickhouse-storage-path accessModes: - ReadWriteOnce size: 200Gi annotations: storageClass: "{{ .Values.global.storageClass }}" # selector: # matchLabels: # app.kubernetes.io/name: clickhouse s3StorageEnabled: false clickhouse: interserverHttpPort: 9009 maxConcurrentQueries: 2000 ## 单次查询最大内存 (bytes) maxMemoryUsage: 10000000000 maxQuerySize: 10737418240 maxAstElements: 2000000 maxExpandedAstElements: 2000000 connectTimeout: 500 backgroudPoolSize: 32 service: ## Configuration for ClickHouse service ## annotations: {} labels: {} clusterIP: "" ## Port for ClickHouse Service to listen on ## ports: - name: http-port port: 8123 targetPort: 8123 nodePort: "{{ .Values.global.nodePort.clickhouseHttpPort }}" protocol: TCP - name: tcp-port port: 9000 targetPort: 9000 nodePort: "{{ .Values.global.nodePort.clickhouseTcpPort }}" protocol: TCP - name: interserver-http-port port: 9009 targetPort: 9009 nodePort: protocol: TCP ## Additional ports to open for server service additionalPorts: [] externalIPs: [] loadBalancerIP: "" loadBalancerSourceRanges: [] ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints externalTrafficPolicy: Cluster ## Service type ## type: NodePort resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} tolerations: [] podAntiAffinityLabelSelector: - labelSelector: - key: app operator: In values: deepflow - key: component operator: In values: clickhouse topologyKey: "kubernetes.io/hostname" podAntiAffinityTermLabelSelector: [] podAffinityLabelSelector: [] podAffinityTermLabelSelector: - topologyKey: kubernetes.io/hostname weight: 10 labelSelector: - key: app operator: In values: deepflow - key: component operator: In values: deepflow-server nodeAffinityLabelSelector: [] ## If you use hostPath, you must configure nodeAffinityLabelSelector, otherwise your data will be lost when Pod drifts ## 如果使用hostPath存储mysql数据,则必须配置nodeAffinityLabelSelector,避免pod漂移导致数据丢失 # - matchExpressions: # - key: kubernetes.io/hostname # operator: In # values: controller nodeAffinityTermLabelSelector: [] mysql: enabled: true hostNetwork: "false" dnsPolicy: ClusterFirst imagePullSecrets: [] nameOverride: "" fullnameOverride: "" password: "{{ .Values.global.password.mysql }}" timezone: "{{ .Values.global.timezone }}" podAnnotations: {} image: ## MySQL Dockerhub Image repository: mysql repository: "{{ .Values.global.image.repository }}/mysql" pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: 8.0.31 podSecurityContext: {} # fsGroup: 2000 securityContext: ## If your mysql cannot start with hostPath, please open Privileged ## 如果你的mysql使用hostPath无法启动,请打开privileged # privileged: true # capabilities: # drop: # - ALL # readOnlyRootFilesystem: false # runAsNonRoot: false # runAsUser: 0 storageConfig: ## persistentVolumeClaim/hostPath ## If you use hostPath, you must configure nodeAffinityLabelSelector, otherwise your data will be lost when Pod drifts ## 如果使用hostPath存储mysql数据,则必须配置nodeAffinityLabelSelector,避免pod漂移导致数据丢失 type: persistentVolumeClaim generateType: "{{ if $.Values.global.allInOneLocalStorage }}hostPath{{ else }}{{$.Values.storageConfig.type}}{{end}}" #Please ignore this hostPath: /opt/deepflow-mysql hostPathChownContainerEnabled: true persistence: storageClass: "{{ .Values.global.storageClass }}" annotations: "helm.sh/resource-policy": keep # existingClaim: your-claim-pvc-name accessMode: ReadWriteOnce size: 50Gi service: ## Configuration for ClickHouse service ## annotations: {} labels: {} clusterIP: "" ## Port for ClickHouse Service to listen on ## ports: - name: tcp port: 30130 targetPort: 30130 nodePort: protocol: TCP ## Additional ports to open for server service additionalPorts: [] externalIPs: [] loadBalancerIP: "" loadBalancerSourceRanges: [] ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints externalTrafficPolicy: Cluster ## Service type ## type: ClusterIP resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} tolerations: [] podAntiAffinityLabelSelector: [] podAntiAffinityTermLabelSelector: [] podAffinityLabelSelector: [] podAffinityTermLabelSelector: [] nodeAffinityLabelSelector: [] ## If you use hostPath, you must configure nodeAffinityLabelSelector, otherwise your data will be lost when Pod drifts ## 如果使用hostPath存储mysql数据,则必须配置nodeAffinityLabelSelector,避免pod漂移导致数据丢失 # - matchExpressions: # - key: kubernetes.io/hostname # operator: In # values: controller nodeAffinityTermLabelSelector: [] deepflow-agent: enabled: true image: repository: "{{ .Values.global.image.repository }}/deepflow-agent" pullPolicy: "{{ .Values.global.image.pullPolicy }}" # Overrides the image tag whose default is the chart appVersion. tag: v6.4 imagePullSecrets: [] nameOverride: "" agentFullnameOverride: "deepflow-agent" timezone: "{{ .Values.global.timezone }}" deployComponent: - "daemonset" # - "watcher" # tke_sidecar: false podAnnotations: {} nodeIPInjection: true podSecurityContext: {} # fsGroup: 2000 hostNetwork: "false" ## Mount the netns hostPath directory read-only netns: mount: false extraVolumeMounts: [] securityContext: # privileged: true capabilities: add: - SYS_ADMIN ## Permission required for collecting K8s information and eBPF data - SYS_RESOURCE ## Permissions required to collect eBPF data - SYS_PTRACE ## Permission required for collecting K8s information - NET_ADMIN ## Indicates the permission for collecting AF_PACKET traffic - NET_RAW ## Indicates the permission for collecting AF_PACKET traffic - IPC_LOCK ## optional MAP_LOCKED MAP_NORESERVE: Indicates the permission for collecting AF_PACKET traffic, It can significantly degrade performance when not available - SYSLOG #- BPF ## Optionally, eBPF does not require SYS_ADMIN in kernel Linux 5.8+ and uses a combination of BPF and PERFMON instead #- PERFMON ## Optionally, eBPF does not require SYS_ADMIN in kernel Linux 5.8+ and uses a combination of BPF and PERFMON instead # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 ## File read and write permissions required for collecting eBPF data (Optional. If you do not have the permission and the content does not meet expectations, the performance will be significantly reduced. You can set the content in advance.) ## sysctl -w net.core.bpf_jit_enable=1 sysctlInitContainer: enabled: true service: ## Configuration for ClickHouse service ## annotations: {} labels: {} clusterIP: "" ## Port for ClickHouse Service to listen on ## ports: - name: receive port: 80 targetPort: receive nodePort: protocol: TCP ## Additional ports to open for server service additionalPorts: [] externalIPs: [] loadBalancerIP: "" loadBalancerSourceRanges: [] ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints externalTrafficPolicy: Cluster ## Service type ## type: ClusterIP deepflowServerNodeIPS: - '{{ include "deepflow.fullname" . }}-server' kubernetesClusterId: agentGroupID: ## This command takes effect when agent-group-config external_agent_http_proxy_enabled=1 is configured using deepflow-ctl ## Set the port to the agent-group-config port externalAgentHttpProxyPort: 38086 resources: limits: cpu: 1000m memory: 768Mi requests: cpu: 100m memory: 128Mi nodeSelector: {} tolerations: [] podAntiAffinityLabelSelector: [] podAntiAffinityTermLabelSelector: [] podAffinityLabelSelector: [] podAffinityTermLabelSelector: [] nodeAffinityLabelSelector: [] nodeAffinityTermLabelSelector: [] grafana: enabled: true namespaceOverride: "" ## ForceDeployDatasources Create datasource configmap even if grafana deployment has been disabled ## forceDeployDatasources: false ## ForceDeployDashboard Create dashboard configmap even if grafana deployment has been disabled ## forceDeployDashboards: false ## Deploy default dashboards ## defaultDashboardsEnabled: true ## Timezone for the default dashboards ## Other options are: browser or a specific timezone, i.e. Europe/Luxembourg ## defaultDashboardsTimezone: utc adminPassword: deepflow containerSecurityContext: [] image: registry: registry.cn-beijing.aliyuncs.com/deepflow-ce ## Grafana aliyun Image repository: registry.cn-beijing.aliyuncs.com/deepflow-ce/grafana repository: grafana # Overrides the Grafana image tag whose default is the chart appVersion tag: "" sha: "" pullPolicy: Always service: enabled: true type: NodePort rbac: create: true ## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true) # useExistingRole: name-of-some-(cluster)role pspEnabled: false namespaced: true grafana.ini: paths: plugins: /var/lib/grafana/plugins analytics: check_for_updates: true log: mode: console database: type: mysql host: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.ip}}{{ else }}{{ $.Release.Name }}-mysql{{end}}:{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.port}}{{ else }}30130{{end}}" name: grafana user: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.username}}{{ else }}root{{end}}" password: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.password}}{{ else }}{{ .Values.global.password.mysql }}{{end}}" plugins: allow_loading_unsigned_plugins: deepflow-querier-datasource,deepflow-apptracing-panel,deepflow-topo-panel,deepflowio-tracing-panel,deepflowio-deepflow-datasource,deepflowio-topo-panel extraInitContainers: - name: init-custom-plugins image: "{{ .Values.global.image.repository }}/deepflowio-init-grafana:v6.4" imagePullPolicy: "{{ tpl .Values.global.image.pullPolicy . }}" volumeMounts: - name: custom-plugins mountPath: /var/lib/grafana/plugins - name: init-grafana-ds-dh image: "{{ .Values.global.image.repository }}/deepflowio-init-grafana-ds-dh:latest" imagePullPolicy: "{{ tpl .Values.global.image.pullPolicy . }}" volumeMounts: - name: deepflow-dashboards mountPath: /tmp/dashboards - name: grafana-dashboards-config mountPath: /etc/grafana/provisioning/dashboards - name: grafana-datasources-config mountPath: /etc/grafana/provisioning/datasources extraEmptyDirMounts: - name: custom-plugins mountPath: /var/lib/grafana/plugins - name: deepflow-dashboards mountPath: /tmp/dashboards - name: grafana-dashboards-config mountPath: /etc/grafana/provisioning/dashboards - name: grafana-datasources-config mountPath: /etc/grafana/provisioning/datasources env: TZ: "Asia/Shanghai" DEEPFLOW_REQUEST_URL: 'http://{{ include "deepflow.fullname" . }}-server:20416' DEEPFLOW_TRACEURL: 'http://{{ include "deepflow.fullname" . }}-app:20418' MYSQL_URL: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.ip}}{{ else }}{{ $.Release.Name }}-mysql{{end}}:{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.port}}{{ else }}30130{{end}}" MYSQL_USER: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.username}}{{ else }}root{{end}}" MYSQL_PASSWORD: "{{ if $.Values.global.externalMySQL.enabled }}{{$.Values.global.externalMySQL.password}}{{ else }}{{ .Values.global.password.mysql }}{{end}}" CLICKHOUSE_SERVER: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Release.Name }}-external-clickhouse{{ else }}{{ $.Release.Name }}-clickhouse{{end}}" CLICKHOUSE_USER: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.username }}{{ else }}default{{end}}" CLICKHOUSE_PASSWORD: "{{ if $.Values.global.externalClickHouse.enabled }}{{ $.Values.global.externalClickHouse.password }}{{ else }}{{ .Values.global.password.clickhouse }}{{end}}" ingress: enabled: true # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress ingressClassName: nginx # Values can be templated annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" labels: {} path: / # pathType is only for k8s >= 1.1= pathType: Prefix hosts: - deepflow.cestong.com.cn ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. extraPaths: [] # - path: /* # backend: # serviceName: ssl-redirect # servicePort: use-annotation ## Or for k8s > 1.19 # - path: /* # pathType: Prefix # backend: # service: # name: ssl-redirect # port: # name: use-annotation tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local assertNoLeakedSecrets: false