Helm chart parameters
The following table describes the available settings for the VerticaDB operator and admission controller Helm chart.
Parameter | Description |
---|---|
affinity |
Applies rules that constrain the VerticaDB operator to specific nodes. It is more expressive than nodeSelector . If this parameter is not set, then the operator uses no affinity setting. |
image.name |
The name of the image that runs the operator. Default: vertica/verticadb-operator: |
imagePullSecrets |
A list of Secrets that store credentials to authenticate to the private container repository specified by image.repo and rbac_proxy_image . For details, see Specifying ImagePullSecrets in the Kubernetes documentation. |
image.repo |
The server that hosts the repository that contains Use this parameter with Default: docker.io |
logging.filePath |
The path to a log file in the VerticaDB operator filesystem. If this value is not specified, Vertica writes logs to standard output. Default: Empty string (' ') that indicates standard output. |
logging.level |
Minimum logging level. This parameter accepts the following values:
Default: info |
logging.maxFileSize |
When Default: 500 |
logging.maxFileAge |
When Default: 7 |
logging.maxFileRotation |
When Default: 3 |
nameOverride |
Sets the prefix for the name assigned to all objects that the Helm chart creates. If this parameter is not set, each object name begins with the name of the Helm chart, |
nodeSelector |
Provides control over which nodes are used to schedule the operator pod. If this is not set, the node selector is omitted from the operator pod when it is created. To set this parameter, provide a list of key/value pairs. The following example schedules the operator only on nodes that have the
|
priorityClassName |
The PriorityClass name assigned to the operator pod. This affects where the pod is scheduled. |
prometheus.createProxyRBAC |
When set to true, creates role-based access control (RBAC) rules that authorize access to the operator's Default: true |
prometheus.createServiceMonitor |
DeprecatedThis parameter is deprecated and will be removed in a future release. When set to true, creates the ServiceMonitor custom resource for the Prometheus operator. You must install the Prometheus operator before you set this to true and install the Helm chart. For details, see the Prometheus operator GitHub repository. Default: false |
prometheus.expose |
Configures the operator's
Default: EnableWithAuthProxy |
prometheus.tlsSecret |
Secret that contains the TLS certificates for the Prometheus The Secret requires the following values:
To ensure that the operator uses the certificates in this parameter, you must set If |
rbac_proxy_image.name |
The name of the Kubernetes RBAC proxy image that performs authorization. Use this parameter for deployments that require authorization by a proxy server, such as an air-gapped operator. Use this parameter with Default: kubebuilder/kube-rbac-proxy:v0.11.0 |
rbac_proxy_image.repo |
The server that hosts the repository that contains Use this parameter with Default: gcr.io |
resources.limits and resources.requests |
The resource requirements for the operator pod.
Defaults:
|
serviceAccountNameOverride |
Service account that identifies any pods in the cluster for apiserver access. A cluster administrator can create a service account that grants the privileges required to install the operator so that users without cluster administrator privileges can install the Helm chart. To correctly control access, the service account's Roles and RoleBindings must exist before you add the service account to the CR. If these are not set, the Vertica Helm chart creates and uses a service account. Vertica provides the required Roles and RoleBindings as GitHub release artifacts. Default: Empty string ("") |
skipRoleAndRoleBindingCreation |
Determines whether the Helm chart creates any Roles or RoleBindings to authorize service accounts with VerticaDB operator privileges. When set to true, the Helm chart does not create any Roles or RoleBindings. This allows a user that cannot create Roles and RoleBindings to install the Helm chart. Vertica provides the required Roles and RoleBindings as GitHub release artifacts. The service account that installs the Helm chart must exist, and you must set Default: false |
tolerations |
Any taints and tolerations that influence where the operator pod is scheduled. |
webhook.caBundle |
A PEM-encoded certificate authority (CA) bundle that validates the webhook's server certificate. If this is not set, the webhook uses the system trust roots on the apiserver. DeprecatedThis parameter is deprecated and will be removed in a future release. To add a CA bundle, see If |
webhook.certSource |
Determines how TLS certificates are provided for the admission controller webhook. This parameter accepts the following values:
DeprecatedThis TLS certificate management method is deprecated and will be removed in a future release.
Default: internal For details, see Installing the Vertica DB operator. |
webhook.enable |
Determines if the Helm chart installs the admission controller webhooks for the VerticaDB custom resource and VerticaAutoscaler. If you do not have the privileges required to install the admission controller, set this value to false to deploy the operator only. This parameter enables or disables both webhooks. You cannot enable one webhook and disable the other. CautionWebhooks prevent invalid state changes to the custom resource. Running Vertica on Kubernetes without webhook validations might result in invalid state transitions. Default: true |
webhook.tlsSecret |
Secret that contains a PEM-encoded certificate authority (CA) bundle and its keys. The CA bundle validates the webhook's server certificate. If this is not set, the webhook uses the system trust roots on the apiserver. This Secret includes the following keys for the CA bundle:
|