elasticsearch-kibana values.yaml
💣
domain💣
Type: string
"bigbang.dev"
Description: Domain used for BigBang created exposed services.
autoRollingUpgrade.enabled💣
Type: bool
false
Description: Enable BigBang specific autoRollingUpgrade support
imagePullPolicy💣
Type: string
"IfNotPresent"
Description: Pull Policy for all non-init containers in this package.
kibana.version💣
Type: string
"8.5.2"
Description: Kibana version
kibana.image.repository💣
Type: string
"registry1.dso.mil/ironbank/elastic/kibana/kibana"
Description: Kibana image repository
kibana.image.tag💣
Type: string
"8.5.2"
Description: Kibana image tag
kibana.host💣
Type: string
""
Description: Kibana Ingress Host Value. Only required if not using Istio for ingress.
kibana.count💣
Type: int
3
Description: Number of Kibana replicas
kibana.serviceAccountName💣
Type: string
"logging-kibana"
Description: Name for serviceAccount to use, will be autocreated.
kibana.updateStrategy💣
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Kibana updateStrategy
kibana.securityContext💣
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for Kibana pods
kibana.containersecurityContext.capabilities.drop[0]💣
Type: string
"ALL"
kibana.imagePullSecrets💣
Type: list
[]
Default value (formatted)
[]
Description: Kibana imagePullSecrets
kibana.resources💣
Type: object
{"limits":{"cpu":1,"memory":"2Gi"},"requests":{"cpu":1,"memory":"2Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "2Gi"
},
"requests": {
"cpu": 1,
"memory": "2Gi"
}
}
Description: Kibana resources
kibana.volumes💣
Type: list
[]
Default value (formatted)
[]
Description: Kibana volumes
kibana.volumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Kibana volumeMounts
kibana.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Kibana podAnnotations
kibana.affinity💣
Type: object
{}
Default value (formatted)
{}
Description: Kibana affinity
kibana.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Kibana tolerations
kibana.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Kibana nodeSelector
kibana.lifecycle💣
Type: object
{}
Default value (formatted)
{}
Description: Kibana lifecycle
elasticsearch.version💣
Type: string
"8.5.2"
Description: Elasticsearch version
elasticsearch.image.repository💣
Type: string
"registry1.dso.mil/ironbank/elastic/elasticsearch/elasticsearch"
Description: Elasticsearch image repository
elasticsearch.image.tag💣
Type: string
"8.5.2"
Description: Elasticsearch image tag
elasticsearch.imagePullSecrets💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch imagePullSecrets
elasticsearch.serviceAccountName💣
Type: string
"logging-elasticsearch"
Description: Name for serviceAccount to use, will be autocreated.
elasticsearch.master.initContainers💣
Type: list
[]
Default value (formatted)
[]
Description: Add init containers to master pods
elasticsearch.master.securityContext💣
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch master node sets
elasticsearch.master.containersecurityContext.capabilities.drop[0]💣
Type: string
"ALL"
elasticsearch.master.updateStrategy💣
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Elasticsearch master updateStrategy
elasticsearch.master.volumes💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch master volumes
elasticsearch.master.volumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch master volumeMounts
elasticsearch.master.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master podAnnotations
elasticsearch.master.affinity💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master affinity
elasticsearch.master.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch master tolerations
elasticsearch.master.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master nodeSelector
elasticsearch.master.lifecycle💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master lifecycle
elasticsearch.master.count💣
Type: int
3
Description: Elasticsearch master pod count
elasticsearch.master.persistence.storageClassName💣
Type: string
""
Description: Elasticsearch master persistence storageClassName
elasticsearch.master.persistence.size💣
Type: string
"5Gi"
Description: Elasticsearch master persistence size
elasticsearch.master.resources💣
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch master pod resources
elasticsearch.master.heap.min💣
Type: string
"2g"
Description: Elasticsearch master Java heap Xms setting
elasticsearch.master.heap.max💣
Type: string
"2g"
Description: Elasticsearch master Java heap Xmx setting
elasticsearch.data.initContainers💣
Type: list
[]
Default value (formatted)
[]
Description: Add init containers to data pods
elasticsearch.data.securityContext💣
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch data node sets
elasticsearch.data.containersecurityContext.capabilities.drop[0]💣
Type: string
"ALL"
elasticsearch.data.volumes💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch data volumes
elasticsearch.data.volumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch data volumeMounts
elasticsearch.data.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data podAnnotations
elasticsearch.data.affinity💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data affinity
elasticsearch.data.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch data tolerations
elasticsearch.data.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data nodeSelector
elasticsearch.data.lifecycle💣
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data lifecycle
elasticsearch.data.count💣
Type: int
4
Description: Elasticsearch data pod count
elasticsearch.data.persistence.storageClassName💣
Type: string
""
Description: Elasticsearch data persistence storageClassName
elasticsearch.data.persistence.size💣
Type: string
"100Gi"
Description: Elasticsearch data persistence size
elasticsearch.data.resources💣
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch data pod resources
elasticsearch.data.heap.min💣
Type: string
"2g"
Description: Elasticsearch data Java heap Xms setting
elasticsearch.data.heap.max💣
Type: string
"2g"
Description: Elasticsearch data Java heap Xmx setting
elasticsearch.ingest.enabled💣
Type: bool
false
Description: Enable ingest specific Elasticsearch pods
elasticsearch.ingest.initContainers💣
Type: list
[]
Default value (formatted)
[]
Description: initContainers
elasticsearch.ingest.securityContext💣
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch ingest node sets
elasticsearch.ingest.containersecurityContext.capabilities.drop[0]💣
Type: string
"ALL"
elasticsearch.ingest.volumes💣
Type: list
[]
Default value (formatted)
[]
Description: volumes
elasticsearch.ingest.volumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: volumeMounts
elasticsearch.ingest.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: podAnnotations
elasticsearch.ingest.affinity💣
Type: object
{}
Default value (formatted)
{}
Description: affinity
elasticsearch.ingest.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: tolerations
elasticsearch.ingest.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: nodeSelector
elasticsearch.ingest.lifecycle💣
Type: object
{}
Default value (formatted)
{}
Description: lifecycle
elasticsearch.ingest.count💣
Type: int
1
Description: count
elasticsearch.ingest.persistence.storageClassName💣
Type: string
""
Description: storageClassName
elasticsearch.ingest.persistence.size💣
Type: string
"100Gi"
Description: size
elasticsearch.ingest.resources💣
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch ingest pod resources
elasticsearch.ingest.heap.min💣
Type: string
"2g"
Description: Xms
elasticsearch.ingest.heap.max💣
Type: string
"2g"
Description: Xmx
elasticsearch.ml.enabled💣
Type: bool
false
Description: Enable Machine Learning specific Elasticsearch pods
elasticsearch.ml.initContainers💣
Type: list
[]
Default value (formatted)
[]
Description: initContainers
elasticsearch.ml.securityContext💣
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch ml node sets
elasticsearch.ml.containersecurityContext.capabilities.drop[0]💣
Type: string
"ALL"
elasticsearch.ml.updateStrategy💣
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Elasticsearch ml updateStrategy
elasticsearch.ml.volumes💣
Type: list
[]
Default value (formatted)
[]
Description: volumes
elasticsearch.ml.volumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: volumeMounts
elasticsearch.ml.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: podAnnotations
elasticsearch.ml.affinity💣
Type: object
{}
Default value (formatted)
{}
Description: affinity
elasticsearch.ml.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: tolerations
elasticsearch.ml.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: nodeSelector
elasticsearch.ml.lifecycle💣
Type: object
{}
Default value (formatted)
{}
Description: lifecycle
elasticsearch.ml.count💣
Type: int
1
Description: count
elasticsearch.ml.persistence.storageClassName💣
Type: string
""
Description: storageClassName
elasticsearch.ml.persistence.size💣
Type: string
"100Gi"
Description: size
elasticsearch.ml.resources💣
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch ml pod resources
elasticsearch.ml.heap.min💣
Type: string
"2g"
Description: Xms
elasticsearch.ml.heap.max💣
Type: string
"2g"
Description: Xmx
elasticsearch.coord.enabled💣
Type: bool
false
Description: Enable coordinating specific Elasticsearch pods
elasticsearch.coord.initContainers💣
Type: list
[]
Default value (formatted)
[]
Description: initContainers
elasticsearch.coord.securityContext💣
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch coordinating node sets
elasticsearch.coord.containersecurityContext.capabilities.drop[0]💣
Type: string
"ALL"
elasticsearch.coord.updateStrategy💣
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Elasticsearch coord updateStrategy
elasticsearch.coord.volumes💣
Type: list
[]
Default value (formatted)
[]
Description: volumes
elasticsearch.coord.volumeMounts💣
Type: list
[]
Default value (formatted)
[]
Description: volumeMounts
elasticsearch.coord.podAnnotations💣
Type: object
{}
Default value (formatted)
{}
Description: podAnnotations
elasticsearch.coord.affinity💣
Type: object
{}
Default value (formatted)
{}
Description: affinity
elasticsearch.coord.tolerations💣
Type: list
[]
Default value (formatted)
[]
Description: tolerations
elasticsearch.coord.nodeSelector💣
Type: object
{}
Default value (formatted)
{}
Description: nodeSelector
elasticsearch.coord.lifecycle💣
Type: object
{}
Default value (formatted)
{}
Description: lifecycle
elasticsearch.coord.count💣
Type: int
1
Description: count
elasticsearch.coord.persistence.storageClassName💣
Type: string
""
Description: storageClassName
elasticsearch.coord.persistence.size💣
Type: string
"100Gi"
Description: size
elasticsearch.coord.resources💣
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch coord pod resources
elasticsearch.coord.heap.min💣
Type: string
"2g"
Description: Xms
elasticsearch.coord.heap.max💣
Type: string
"2g"
Description: Xmx
istio.enabled💣
Type: bool
false
Description: Toggle istio interaction.
istio.mtls💣
Type: object
{"mode":"STRICT"}
Default value (formatted)
{
"mode": "STRICT"
}
Description: Default EK peer authentication
istio.mtls.mode💣
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
istio.kibana.enabled💣
Type: bool
true
Description: Toggle virtualService creation
istio.kibana.annotations💣
Type: object
{}
Default value (formatted)
{}
Description: Annotations for controls the gateway used/attached to the virtualService
istio.kibana.labels💣
Type: object
{}
Default value (formatted)
{}
Description: Labels for virtualService
istio.kibana.gateways💣
Type: list
["istio-system/main"]
Default value (formatted)
[
"istio-system/main"
]
Description: Gateway(s) to apply virtualService routes to.
istio.kibana.hosts💣
Type: list
["kibana.{{ .Values.domain }}"]
Default value (formatted)
[
"kibana.{{ .Values.domain }}"
]
Description: hosts for the virtualService
sso.enabled💣
Type: bool
false
Description: Toggle SSO with Keycloak
sso.redirect_url💣
Type: string
""
Description: redirect_url defaults to .Values.istio.kibana.hosts[0] if not set.
sso.client_id💣
Type: string
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-kibana"
Description: client_id
sso.client_secret💣
Type: string
""
Description: OIDC client secret, can be empty for public client.
sso.oidc.host💣
Type: string
"login.dso.mil"
Description: host
sso.oidc.realm💣
Type: string
"baby-yoda"
Description: realm
sso.issuer💣
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}"
Description: issuer
sso.auth_url💣
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/auth"
Description: auth_url
sso.token_url💣
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/token"
Description: token_url
sso.userinfo_url💣
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/userinfo"
Description: userinfo_url
sso.jwkset_url💣
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/certs"
Description: jwks_url
sso.claims_principal💣
Type: string
"preferred_username"
Description: claims_principal
sso.requested_scopes💣
Type: list
["openid"]
Default value (formatted)
[
"openid"
]
Description: requested_scopes
sso.signature_algorithm💣
Type: string
"RS256"
Description: signature_algorithm
sso.endsession_url💣
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"
Description: endsession_url
sso.claims_group💣
Type: string
"groups"
Description: claims_group
sso.claims_mail💣
Type: string
"email"
Description: claims_mail
sso.claims_principal_pattern💣
Type: string
""
Description: claims_principal_pattern
sso.cert_authorities💣
Type: list
[]
Default value (formatted)
[]
Description: cert_authorities
kibanaBasicAuth.enabled💣
Type: bool
true
Description: Toggle this to turn off Kibana’s built in auth and only allow SSO. Role mappings for SSO groups must be set up and SSO enabled before doing this.
networkPolicies.enabled💣
Type: bool
false
Description: Toggle BigBang NetworkPolicy templates
networkPolicies.ingressLabels💣
Type: object
{"app":"istio-ingressgateway","istio":"ingressgateway"}
Default value (formatted)
{
"app": "istio-ingressgateway",
"istio": "ingressgateway"
}
Description: Istio Ingressgateway labels. passed down to NetworkPolicy to whitelist external access to app
networkPolicies.controlPlaneCidr💣
Type: string
"0.0.0.0/0"
Description: See kubectl cluster-info
and then resolve to IP
upgradeJob.image.repository💣
Type: string
"registry1.dso.mil/ironbank/big-bang/base"
Description: image repository for upgradeJob
upgradeJob.image.tag💣
Type: string
"2.0.0"
Description: image tag for upgradeJob
monitoring.enabled💣
Type: bool
false
Description: Toggle BigBang monitoring integration, controls serviceMonitor template
metrics.enabled💣
Type: bool
false
Description: Toggle Prometheus ElasticSearch Exporter Installation
metrics.serviceMonitor.scheme💣
Type: string
""
metrics.serviceMonitor.tlsConfig💣
Type: object
{}
Default value (formatted)
{}
metrics.env💣
Type: object
{"ES_USERNAME":"elastic"}
Default value (formatted)
{
"ES_USERNAME": "elastic"
}
Description: Environment Variable Passthrough to set Auth for Exporter
metrics.extraEnvSecrets💣
Type: object
{"ES_PASSWORD":{"key":"elastic","secret":"logging-ek-es-elastic-user"}}
Default value (formatted)
{
"ES_PASSWORD": {
"key": "elastic",
"secret": "logging-ek-es-elastic-user"
}
}
Description: Environment Variable Secret Mount to set Auth for Exporter Replace with empty braces if you would like to use a an API_KEY
openshift💣
Type: bool
false
Description: Openshift Container Platform Feature Toggle
mattermost.enabled💣
Type: bool
false
Description: Mattermost integration toggle, controls mTLS exception and networkPolicies
bbtests.enabled💣
Type: bool
false
Description: Big Bang CI/Dev toggle for helm tests
bbtests.cypress.artifacts💣
Type: bool
true
Description: Toggle creation of cypress artifacts
bbtests.cypress.envs💣
Type: object
{"cypress_expect_logs":"false","cypress_kibana_url":"https://logging-ek-kb-http:5601/login"}
Default value (formatted)
{
"cypress_expect_logs": "false",
"cypress_kibana_url": "https://logging-ek-kb-http:5601/login"
}
Description: ENVs added to cypress test pods
bbtests.cypress.secretEnvs💣
Type: list
[{"name":"cypress_elastic_password","valueFrom":{"secretKeyRef":{"key":"elastic","name":"logging-ek-es-elastic-user"}}}]
Default value (formatted)
[
{
"name": "cypress_elastic_password",
"valueFrom": {
"secretKeyRef": {
"key": "elastic",
"name": "logging-ek-es-elastic-user"
}
}
}
]
Description: ENVs added to cypress test pods from existing secrets
bbtests.scripts.image💣
Type: string
"registry1.dso.mil/ironbank/stedolan/jq:1.6"
Description: image to use for script based tests
bbtests.scripts.envs💣
Type: object
{"desired_version":"{{ .Values.elasticsearch.version }}","elasticsearch_host":"https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200"}
Default value (formatted)
{
"desired_version": "{{ .Values.elasticsearch.version }}",
"elasticsearch_host": "https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200"
}
Description: ENVs added to script test pods
bbtests.scripts.secretEnvs💣
Type: list
[{"name":"ELASTIC_PASSWORD","valueFrom":{"secretKeyRef":{"key":"elastic","name":"logging-ek-es-elastic-user"}}}]
Default value (formatted)
[
{
"name": "ELASTIC_PASSWORD",
"valueFrom": {
"secretKeyRef": {
"key": "elastic",
"name": "logging-ek-es-elastic-user"
}
}
}
]
Description: ENVs added to script test pods from existing secrets