mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2025-01-12 07:42:16 +08:00
918 lines
27 KiB
YAML
918 lines
27 KiB
YAML
# Available parameters and their default values for the SeaweedFS chart.
|
|
|
|
global:
|
|
createClusterRole: true
|
|
registry: ""
|
|
repository: ""
|
|
imageName: chrislusf/seaweedfs
|
|
imagePullPolicy: IfNotPresent
|
|
imagePullSecrets: ""
|
|
restartPolicy: Always
|
|
loggingLevel: 1
|
|
enableSecurity: false
|
|
masterServer: null
|
|
securityConfig:
|
|
jwtSigning:
|
|
volumeWrite: true
|
|
volumeRead: false
|
|
filerWrite: false
|
|
filerRead: false
|
|
# we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings
|
|
serviceAccountName: "seaweedfs"
|
|
automountServiceAccountToken: true
|
|
certificates:
|
|
alphacrds: false
|
|
monitoring:
|
|
enabled: false
|
|
gatewayHost: null
|
|
gatewayPort: null
|
|
additionalLabels: {}
|
|
# if enabled will use global.replicationPlacment and override master & filer defaultReplicaPlacement config
|
|
enableReplication: false
|
|
# replication type is XYZ:
|
|
# X number of replica in other data centers
|
|
# Y number of replica in other racks in the same data center
|
|
# Z number of replica in other servers in the same rack
|
|
replicationPlacment: "001"
|
|
extraEnvironmentVars:
|
|
WEED_CLUSTER_DEFAULT: "sw"
|
|
WEED_CLUSTER_SW_MASTER: "seaweedfs-master.seaweedfs:9333"
|
|
WEED_CLUSTER_SW_FILER: "seaweedfs-filer-client.seaweedfs:8888"
|
|
# WEED_JWT_SIGNING_KEY:
|
|
# secretKeyRef:
|
|
# name: seaweedfs-signing-key
|
|
# key: signingKey
|
|
|
|
image:
|
|
registry: ""
|
|
repository: ""
|
|
|
|
master:
|
|
enabled: true
|
|
imageOverride: null
|
|
restartPolicy: null
|
|
replicas: 1
|
|
port: 9333
|
|
grpcPort: 19333
|
|
metricsPort: 9327
|
|
ipBind: "0.0.0.0"
|
|
volumePreallocate: false
|
|
volumeSizeLimitMB: 1000
|
|
loggingOverrideLevel: null
|
|
# number of seconds between heartbeats, default 5
|
|
pulseSeconds: null
|
|
# threshold to vacuum and reclaim spaces, default 0.3 (30%)
|
|
garbageThreshold: null
|
|
# Prometheus push interval in seconds, default 15
|
|
metricsIntervalSec: 15
|
|
# replication type is XYZ:
|
|
# X number of replica in other data centers
|
|
# Y number of replica in other racks in the same data center
|
|
# Z number of replica in other servers in the same rack
|
|
defaultReplication: "000"
|
|
|
|
# Disable http request, only gRpc operations are allowed
|
|
disableHttp: false
|
|
|
|
config: |-
|
|
# Enter any extra configuration for master.toml here.
|
|
# It may be a multi-line string.
|
|
|
|
# You may use ANY storage-class, example with local-path-provisioner
|
|
# Annotations are optional.
|
|
# data:
|
|
# type: "persistentVolumeClaim"
|
|
# size: "24Ti"
|
|
# storageClass: "local-path-provisioner"
|
|
# annotations:
|
|
# "key": "value"
|
|
#
|
|
# You may also spacify an existing claim:
|
|
# data:
|
|
# type: "existingClaim"
|
|
# claimName: "my-pvc"
|
|
#
|
|
# You can also use emptyDir storage:
|
|
# data:
|
|
# type: "emptyDir"
|
|
data:
|
|
type: "hostPath"
|
|
storageClass: ""
|
|
hostPathPrefix: /ssd
|
|
|
|
# You can also use emptyDir storage:
|
|
# logs:
|
|
# type: "emptyDir"
|
|
logs:
|
|
type: "hostPath"
|
|
size: ""
|
|
storageClass: ""
|
|
hostPathPrefix: /storage
|
|
|
|
## @param master.sidecars Add additional sidecar containers to the master pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
initContainers: ""
|
|
|
|
extraVolumes: ""
|
|
extraVolumeMounts: ""
|
|
|
|
# Labels to be added to the master pods
|
|
podLabels: {}
|
|
|
|
# Annotations to be added to the master pods
|
|
podAnnotations: {}
|
|
|
|
## Set podManagementPolicy
|
|
podManagementPolicy: Parallel
|
|
|
|
# Resource requests, limits, etc. for the master cluster placement. This
|
|
# should map directly to the value of the resources field for a PodSpec,
|
|
# formatted as a multi-line string. By default no direct resource request
|
|
# is made.
|
|
resources: {}
|
|
|
|
# updatePartition is used to control a careful rolling update of SeaweedFS
|
|
# masters.
|
|
updatePartition: 0
|
|
|
|
# Affinity Settings
|
|
# Commenting out or setting as empty the affinity variable, will allow
|
|
# deployment to single node services such as Minikube
|
|
affinity: |
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/component: master
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# Toleration Settings for master pods
|
|
# This should be a multi-line string matching the Toleration array
|
|
# in a PodSpec.
|
|
tolerations: ""
|
|
|
|
# nodeSelector labels for master pod assignment, formatted as a muli-line string.
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
# Example:
|
|
nodeSelector: |
|
|
kubernetes.io/arch: amd64
|
|
# nodeSelector: |
|
|
# sw-backend: "true"
|
|
|
|
# used to assign priority to master pods
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
priorityClassName: ""
|
|
|
|
# used to assign a service account.
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
serviceAccountName: ""
|
|
|
|
# Configure security context for Pod
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# podSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 1000
|
|
# runAsGroup: 3000
|
|
# fsGroup: 2000
|
|
podSecurityContext: {}
|
|
|
|
# Configure security context for Container
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# containerSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 2000
|
|
# allowPrivilegeEscalation: false
|
|
containerSecurityContext: {}
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: "nginx"
|
|
# host: false for "*" hostname
|
|
host: "master.seaweedfs.local"
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/auth-type: "basic"
|
|
nginx.ingress.kubernetes.io/auth-secret: "default/ingress-basic-auth-secret"
|
|
nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - SW-Master'
|
|
nginx.ingress.kubernetes.io/service-upstream: "true"
|
|
nginx.ingress.kubernetes.io/rewrite-target: /$1
|
|
nginx.ingress.kubernetes.io/use-regex: "true"
|
|
nginx.ingress.kubernetes.io/enable-rewrite-log: "true"
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "false"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
|
|
nginx.ingress.kubernetes.io/configuration-snippet: |
|
|
sub_filter '<head>' '<head> <base href="/sw-master/">'; #add base url
|
|
sub_filter '="/' '="./'; #make absolute paths to relative
|
|
sub_filter '=/' '=./';
|
|
sub_filter '/seaweedfsstatic' './seaweedfsstatic';
|
|
sub_filter_once off;
|
|
tls: []
|
|
|
|
extraEnvironmentVars:
|
|
WEED_MASTER_VOLUME_GROWTH_COPY_1: '7'
|
|
WEED_MASTER_VOLUME_GROWTH_COPY_2: '6'
|
|
WEED_MASTER_VOLUME_GROWTH_COPY_3: '3'
|
|
WEED_MASTER_VOLUME_GROWTH_COPY_OTHER: '1'
|
|
|
|
# used to configure livenessProbe on master-server containers
|
|
#
|
|
livenessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /cluster/status
|
|
scheme: HTTP
|
|
initialDelaySeconds: 20
|
|
periodSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 4
|
|
timeoutSeconds: 10
|
|
|
|
# used to configure readinessProbe on master-server containers
|
|
#
|
|
readinessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /cluster/status
|
|
scheme: HTTP
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 45
|
|
successThreshold: 2
|
|
failureThreshold: 100
|
|
timeoutSeconds: 10
|
|
|
|
volume:
|
|
enabled: true
|
|
imageOverride: null
|
|
restartPolicy: null
|
|
port: 8080
|
|
grpcPort: 18080
|
|
metricsPort: 9327
|
|
ipBind: "0.0.0.0"
|
|
replicas: 1
|
|
loggingOverrideLevel: null
|
|
# number of seconds between heartbeats, must be smaller than or equal to the master's setting
|
|
pulseSeconds: null
|
|
# Choose [memory|leveldb|leveldbMedium|leveldbLarge] mode for memory~performance balance., default memory
|
|
index: null
|
|
# limit file size to avoid out of memory, default 256mb
|
|
fileSizeLimitMB: null
|
|
# minimum free disk space(in percents). If free disk space lower this value - all volumes marks as ReadOnly
|
|
minFreeSpacePercent: 7
|
|
|
|
# For each data disk you may use ANY storage-class, example with local-path-provisioner
|
|
# Annotations are optional.
|
|
# dataDirs:
|
|
# - name: data:
|
|
# type: "persistentVolumeClaim"
|
|
# size: "24Ti"
|
|
# storageClass: "local-path-provisioner"
|
|
# annotations:
|
|
# "key": "value"
|
|
# maxVolumes: 0 # If set to zero on non-windows OS, the limit will be auto configured. (default "7")
|
|
#
|
|
# You may also spacify an existing claim:
|
|
# - name: data
|
|
# type: "existingClaim"
|
|
# claimName: "my-pvc"
|
|
# maxVolumes: 0 # If set to zero on non-windows OS, the limit will be auto configured. (default "7")
|
|
#
|
|
# You can also use emptyDir storage:
|
|
# - name: data
|
|
# type: "emptyDir"
|
|
# maxVolumes: 0 # If set to zero on non-windows OS, the limit will be auto configured. (default "7")
|
|
|
|
dataDirs:
|
|
- name: data1
|
|
type: "hostPath"
|
|
hostPathPrefix: /ssd
|
|
maxVolumes: 0
|
|
|
|
# - name: data2
|
|
# type: "persistentVolumeClaim"
|
|
# storageClass: "yourClassNameOfChoice"
|
|
# size: "800Gi"
|
|
# maxVolumes: 0
|
|
|
|
# This will automatically create a job for patching Kubernetes resources if the dataDirs type is 'persistentVolumeClaim' and the size has changed.
|
|
resizeHook:
|
|
enabled: true
|
|
image: bitnami/kubectl
|
|
|
|
# idx can be defined by:
|
|
#
|
|
# idx:
|
|
# type: "hostPath"
|
|
# hostPathPrefix: /ssd
|
|
#
|
|
# or
|
|
#
|
|
# idx:
|
|
# type: "persistentVolumeClaim"
|
|
# size: "20Gi"
|
|
# storageClass: "local-path-provisioner"
|
|
#
|
|
# or
|
|
#
|
|
# idx:
|
|
# type: "existingClaim"
|
|
# claimName: "myClaim"
|
|
#
|
|
# or
|
|
#
|
|
# idx:
|
|
# type: "emptyDir"
|
|
|
|
# same applies to "logs"
|
|
|
|
idx: {}
|
|
|
|
logs: {}
|
|
|
|
# limit background compaction or copying speed in mega bytes per second
|
|
compactionMBps: "50"
|
|
|
|
|
|
# Volume server's rack name
|
|
rack: null
|
|
|
|
# Volume server's data center name
|
|
dataCenter: null
|
|
|
|
# Redirect moved or non-local volumes. (default proxy)
|
|
readMode: proxy
|
|
|
|
# Comma separated Ip addresses having write permission. No limit if empty.
|
|
whiteList: null
|
|
|
|
# Adjust jpg orientation when uploading.
|
|
imagesFixOrientation: false
|
|
|
|
## @param volume.sidecars Add additional sidecar containers to the volume pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
initContainers: ""
|
|
|
|
extraVolumes: ""
|
|
extraVolumeMounts: ""
|
|
|
|
# Labels to be added to the volume pods
|
|
podLabels: {}
|
|
|
|
# Annotations to be added to the volume pods
|
|
podAnnotations: {}
|
|
|
|
## Set podManagementPolicy
|
|
podManagementPolicy: Parallel
|
|
|
|
# Affinity Settings
|
|
# Commenting out or setting as empty the affinity variable, will allow
|
|
# deployment to single node services such as Minikube
|
|
affinity: |
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/component: volume
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# Resource requests, limits, etc. for the server cluster placement. This
|
|
# should map directly to the value of the resources field for a PodSpec,
|
|
# formatted as a multi-line string. By default no direct resource request
|
|
# is made.
|
|
resources: {}
|
|
|
|
# Toleration Settings for server pods
|
|
# This should be a multi-line string matching the Toleration array
|
|
# in a PodSpec.
|
|
tolerations: ""
|
|
|
|
# nodeSelector labels for server pod assignment, formatted as a muli-line string.
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
# Example:
|
|
nodeSelector: |
|
|
kubernetes.io/arch: amd64
|
|
# nodeSelector: |
|
|
# sw-volume: "true"
|
|
|
|
# used to assign priority to server pods
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
priorityClassName: ""
|
|
|
|
# used to assign a service account.
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
serviceAccountName: ""
|
|
|
|
extraEnvironmentVars:
|
|
|
|
# Configure security context for Pod
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# podSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 1000
|
|
# runAsGroup: 3000
|
|
# fsGroup: 2000
|
|
podSecurityContext: {}
|
|
|
|
# Configure security context for Container
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# containerSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 2000
|
|
# allowPrivilegeEscalation: false
|
|
containerSecurityContext: {}
|
|
|
|
# used to configure livenessProbe on volume-server containers
|
|
#
|
|
livenessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /status
|
|
scheme: HTTP
|
|
initialDelaySeconds: 20
|
|
periodSeconds: 90
|
|
successThreshold: 1
|
|
failureThreshold: 4
|
|
timeoutSeconds: 30
|
|
|
|
# used to configure readinessProbe on volume-server containers
|
|
#
|
|
readinessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /status
|
|
scheme: HTTP
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
failureThreshold: 100
|
|
timeoutSeconds: 30
|
|
|
|
filer:
|
|
enabled: true
|
|
imageOverride: null
|
|
restartPolicy: null
|
|
replicas: 1
|
|
port: 8888
|
|
grpcPort: 18888
|
|
metricsPort: 9327
|
|
loggingOverrideLevel: null
|
|
filerGroup: ""
|
|
# replication type is XYZ:
|
|
# X number of replica in other data centers
|
|
# Y number of replica in other racks in the same data center
|
|
# Z number of replica in other servers in the same rack
|
|
defaultReplicaPlacement: "000"
|
|
# turn off directory listing
|
|
disableDirListing: false
|
|
# split files larger than the limit, default 32
|
|
maxMB: null
|
|
# encrypt data on volume servers
|
|
encryptVolumeData: false
|
|
|
|
# Whether proxy or redirect to volume server during file GET request
|
|
redirectOnRead: false
|
|
|
|
# Limit sub dir listing size (default 100000)
|
|
dirListLimit: 100000
|
|
|
|
# Disable http request, only gRpc operations are allowed
|
|
disableHttp: false
|
|
|
|
# DEPRECATE: enablePVC, storage, storageClass
|
|
# Consider replacing with filer.data section below instead.
|
|
|
|
# Settings for configuring stateful storage of filer pods.
|
|
# enablePVC will create a pvc for filer for data persistence.
|
|
enablePVC: false
|
|
# storage should be set to the disk size of the attached volume.
|
|
storage: 25Gi
|
|
# storageClass is the class of storage which defaults to null (the Kube cluster will pick the default).
|
|
storageClass: null
|
|
# You may use ANY storage-class, example with local-path-provisioner
|
|
# Annotations are optional.
|
|
# data:
|
|
# type: "persistentVolumeClaim"
|
|
# size: "24Ti"
|
|
# storageClass: "local-path-provisioner"
|
|
# annotations:
|
|
# "key": "value"
|
|
#
|
|
# You may also specify an existing claim:
|
|
# data:
|
|
# type: "existingClaim"
|
|
# claimName: "my-pvc"
|
|
#
|
|
# You can also use emptyDir storage:
|
|
# data:
|
|
# type: "emptyDir"
|
|
data:
|
|
type: "hostPath"
|
|
size: ""
|
|
storageClass: ""
|
|
hostPathPrefix: /storage
|
|
|
|
# You can also use emptyDir storage:
|
|
# logs:
|
|
# type: "emptyDir"
|
|
logs:
|
|
type: "hostPath"
|
|
size: ""
|
|
storageClass: ""
|
|
hostPathPrefix: /storage
|
|
|
|
## @param filer.sidecars Add additional sidecar containers to the filer pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
initContainers: ""
|
|
|
|
extraVolumes: ""
|
|
extraVolumeMounts: ""
|
|
|
|
# Labels to be added to the filer pods
|
|
podLabels: {}
|
|
|
|
# Annotations to be added to the filer pods
|
|
podAnnotations: {}
|
|
|
|
## Set podManagementPolicy
|
|
podManagementPolicy: Parallel
|
|
|
|
# Affinity Settings
|
|
# Commenting out or setting as empty the affinity variable, will allow
|
|
# deployment to single node services such as Minikube
|
|
affinity: |
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/component: filer
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# updatePartition is used to control a careful rolling update of SeaweedFS
|
|
# masters.
|
|
updatePartition: 0
|
|
|
|
# Resource requests, limits, etc. for the server cluster placement. This
|
|
# should map directly to the value of the resources field for a PodSpec,
|
|
# formatted as a multi-line string. By default no direct resource request
|
|
# is made.
|
|
resources: {}
|
|
|
|
# Toleration Settings for server pods
|
|
# This should be a multi-line string matching the Toleration array
|
|
# in a PodSpec.
|
|
tolerations: ""
|
|
|
|
# nodeSelector labels for server pod assignment, formatted as a muli-line string.
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
# Example:
|
|
nodeSelector: |
|
|
kubernetes.io/arch: amd64
|
|
# nodeSelector: |
|
|
# sw-backend: "true"
|
|
|
|
# used to assign priority to server pods
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
priorityClassName: ""
|
|
|
|
# used to assign a service account.
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
serviceAccountName: ""
|
|
|
|
# Configure security context for Pod
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# podSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 1000
|
|
# runAsGroup: 3000
|
|
# fsGroup: 2000
|
|
podSecurityContext: {}
|
|
|
|
# Configure security context for Container
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# containerSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 2000
|
|
# allowPrivilegeEscalation: false
|
|
containerSecurityContext: {}
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: "nginx"
|
|
# host: false for "*" hostname
|
|
host: "seaweedfs.cluster.local"
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/backend-protocol: GRPC
|
|
nginx.ingress.kubernetes.io/auth-type: "basic"
|
|
nginx.ingress.kubernetes.io/auth-secret: "default/ingress-basic-auth-secret"
|
|
nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - SW-Filer'
|
|
nginx.ingress.kubernetes.io/service-upstream: "true"
|
|
nginx.ingress.kubernetes.io/rewrite-target: /$1
|
|
nginx.ingress.kubernetes.io/use-regex: "true"
|
|
nginx.ingress.kubernetes.io/enable-rewrite-log: "true"
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "false"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
|
|
nginx.ingress.kubernetes.io/configuration-snippet: |
|
|
sub_filter '<head>' '<head> <base href="/sw-filer/">'; #add base url
|
|
sub_filter '="/' '="./'; #make absolute paths to relative
|
|
sub_filter '=/' '=./';
|
|
sub_filter '/seaweedfsstatic' './seaweedfsstatic';
|
|
sub_filter_once off;
|
|
|
|
# extraEnvVars is a list of extra enviroment variables to set with the stateful set.
|
|
extraEnvironmentVars:
|
|
WEED_MYSQL_ENABLED: "false"
|
|
WEED_MYSQL_HOSTNAME: "mysql-db-host"
|
|
WEED_MYSQL_PORT: "3306"
|
|
WEED_MYSQL_DATABASE: "sw_database"
|
|
WEED_MYSQL_CONNECTION_MAX_IDLE: "5"
|
|
WEED_MYSQL_CONNECTION_MAX_OPEN: "75"
|
|
# "refresh" connection every 10 minutes, eliminating mysql closing "old" connections
|
|
WEED_MYSQL_CONNECTION_MAX_LIFETIME_SECONDS: "600"
|
|
# enable usage of memsql as filer backend
|
|
WEED_MYSQL_INTERPOLATEPARAMS: "true"
|
|
# if you want to use leveldb2, then should enable "enablePVC". or you may lose your data.
|
|
WEED_LEVELDB2_ENABLED: "true"
|
|
# with http DELETE, by default the filer would check whether a folder is empty.
|
|
# recursive_delete will delete all sub folders and files, similar to "rm -Rf"
|
|
WEED_FILER_OPTIONS_RECURSIVE_DELETE: "false"
|
|
# directories under this folder will be automatically creating a separate bucket
|
|
WEED_FILER_BUCKETS_FOLDER: "/buckets"
|
|
|
|
# used to configure livenessProbe on filer containers
|
|
#
|
|
livenessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /
|
|
scheme: HTTP
|
|
initialDelaySeconds: 20
|
|
periodSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 5
|
|
timeoutSeconds: 10
|
|
|
|
# used to configure readinessProbe on filer containers
|
|
#
|
|
readinessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /
|
|
scheme: HTTP
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
failureThreshold: 100
|
|
timeoutSeconds: 10
|
|
|
|
# secret env variables
|
|
secretExtraEnvironmentVars: {}
|
|
# WEED_POSTGRES_USERNAME:
|
|
# secretKeyRef:
|
|
# name: postgres-credentials
|
|
# key: username
|
|
# WEED_POSTGRES_PASSWORD:
|
|
# secretKeyRef:
|
|
# name: postgres-credentials
|
|
# key: password
|
|
|
|
s3:
|
|
enabled: false
|
|
port: 8333
|
|
# add additional https port
|
|
httpsPort: 0
|
|
# allow empty folders
|
|
allowEmptyFolder: false
|
|
# Suffix of the host name, {bucket}.{domainName}
|
|
domainName: ""
|
|
# enable user & permission to s3 (need to inject to all services)
|
|
enableAuth: false
|
|
# set to the name of an existing kubernetes Secret with the s3 json config file
|
|
# should have a secret key called seaweedfs_s3_config with an inline json configure
|
|
existingConfigSecret: null
|
|
auditLogConfig: {}
|
|
# You may specify buckets to be created during the install process.
|
|
# Buckets may be exposed publicly by setting `anonymousRead` to `true`
|
|
# createBuckets:
|
|
# - name: bucket-a
|
|
# anonymousRead: true
|
|
# - name: bucket-b
|
|
# anonymousRead: false
|
|
|
|
s3:
|
|
enabled: false
|
|
imageOverride: null
|
|
restartPolicy: null
|
|
replicas: 1
|
|
bindAddress: 0.0.0.0
|
|
port: 8333
|
|
# add additional https port
|
|
httpsPort: 0
|
|
metricsPort: 9327
|
|
loggingOverrideLevel: null
|
|
# allow empty folders
|
|
allowEmptyFolder: true
|
|
# enable user & permission to s3 (need to inject to all services)
|
|
enableAuth: false
|
|
# set to the name of an existing kubernetes Secret with the s3 json config file
|
|
# should have a secret key called seaweedfs_s3_config with an inline json config
|
|
existingConfigSecret: null
|
|
auditLogConfig: {}
|
|
|
|
# Suffix of the host name, {bucket}.{domainName}
|
|
domainName: ""
|
|
|
|
## @param s3.sidecars Add additional sidecar containers to the s3 pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
initContainers: ""
|
|
|
|
extraVolumes: ""
|
|
extraVolumeMounts: ""
|
|
|
|
# Labels to be added to the s3 pods
|
|
podLabels: {}
|
|
|
|
# Annotations to be added to the s3 pods
|
|
podAnnotations: {}
|
|
|
|
# Resource requests, limits, etc. for the server cluster placement. This
|
|
# should map directly to the value of the resources field for a PodSpec,
|
|
# formatted as a multi-line string. By default no direct resource request
|
|
# is made.
|
|
resources: {}
|
|
|
|
# Toleration Settings for server pods
|
|
# This should be a multi-line string matching the Toleration array
|
|
# in a PodSpec.
|
|
tolerations: ""
|
|
|
|
# nodeSelector labels for server pod assignment, formatted as a muli-line string.
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
# Example:
|
|
nodeSelector: |
|
|
kubernetes.io/arch: amd64
|
|
# nodeSelector: |
|
|
# sw-backend: "true"
|
|
|
|
# used to assign priority to server pods
|
|
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
priorityClassName: ""
|
|
|
|
# used to assign a service account.
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
serviceAccountName: ""
|
|
|
|
# Configure security context for Pod
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# podSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 1000
|
|
# runAsGroup: 3000
|
|
# fsGroup: 2000
|
|
podSecurityContext: {}
|
|
|
|
# Configure security context for Container
|
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
# Example:
|
|
# containerSecurityContext:
|
|
# enabled: true
|
|
# runAsUser: 2000
|
|
# allowPrivilegeEscalation: false
|
|
containerSecurityContext: {}
|
|
|
|
# You can also use emptyDir storage:
|
|
# logs:
|
|
# type: "emptyDir"
|
|
logs:
|
|
type: "hostPath"
|
|
size: ""
|
|
storageClass: ""
|
|
hostPathPrefix: /storage
|
|
|
|
extraEnvironmentVars:
|
|
|
|
# used to configure livenessProbe on s3 containers
|
|
#
|
|
livenessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /status
|
|
scheme: HTTP
|
|
initialDelaySeconds: 20
|
|
periodSeconds: 60
|
|
successThreshold: 1
|
|
failureThreshold: 20
|
|
timeoutSeconds: 10
|
|
|
|
# used to configure readinessProbe on s3 containers
|
|
#
|
|
readinessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /status
|
|
scheme: HTTP
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
failureThreshold: 100
|
|
timeoutSeconds: 10
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: "nginx"
|
|
# host: false for "*" hostname
|
|
host: "seaweedfs.cluster.local"
|
|
# additional ingress annotations for the s3 endpoint
|
|
annotations: {}
|
|
tls: []
|
|
|
|
# Deploy Kubernetes COSI Driver for SeaweedFS
|
|
# Requires COSI CRDs and controller to be installed in the cluster
|
|
# For more information, visit: https://container-object-storage-interface.github.io/docs/deployment-guide
|
|
cosi:
|
|
enabled: false
|
|
image: "ghcr.io/seaweedfs/seaweedfs-cosi-driver:v0.1.1"
|
|
driverName: "seaweedfs.objectstorage.k8s.io"
|
|
bucketClassName: "seaweedfs"
|
|
endpoint: ""
|
|
region: ""
|
|
|
|
sidecar:
|
|
image: gcr.io/k8s-staging-sig-storage/objectstorage-sidecar/objectstorage-sidecar:v20230130-v0.1.0-24-gc0cf995
|
|
|
|
# enable user & permission to s3 (need to inject to all services)
|
|
enableAuth: false
|
|
# set to the name of an existing kubernetes Secret with the s3 json config file
|
|
# should have a secret key called seaweedfs_s3_config with an inline json configure
|
|
existingConfigSecret: null
|
|
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
|
|
extraVolumes: ""
|
|
extraVolumeMounts: ""
|
|
|
|
certificates:
|
|
commonName: "SeaweedFS CA"
|
|
ipAddresses: []
|
|
keyAlgorithm: RSA
|
|
keySize: 2048
|
|
duration: 2160h # 90d
|
|
renewBefore: 360h # 15d
|
|
externalCertificates:
|
|
# This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA
|
|
# you will need to store your provided certificates in the secret read by the different services:
|
|
# seaweedfs-master-cert, seaweedfs-filer-cert, etc. Can see any statefulset definition to see secret names
|
|
enabled: false
|
|
|
|
# Labels to be added to all the created pods
|
|
podLabels: {}
|
|
# Annotations to be added to all the created pods
|
|
podAnnotations: {}
|