elasticsearch-kibana values.yaml📜
domain📜
Type: string
"bigbang.dev"
Description: Domain used for BigBang created exposed services.
autoRollingUpgrade.enabled📜
Type: bool
false
Description: Enable BigBang specific autoRollingUpgrade support
imagePullPolicy📜
Type: string
"IfNotPresent"
Description: Pull Policy for all non-init containers in this package.
fluentbit📜
Type: object
{"enabled":false}
Default value (formatted)
{
"enabled": false
}
Description: Toggle for networkpolicies to allow fluentbit ingress
kibana.version📜
Type: string
"8.10.4"
Description: Kibana version
kibana.image.repository📜
Type: string
"registry1.dso.mil/ironbank/elastic/kibana/kibana"
Description: Kibana image repository
kibana.image.tag📜
Type: string
"8.10.4"
Description: Kibana image tag
kibana.host📜
Type: string
""
Description: Kibana Ingress Host Value. Only required if not using Istio for ingress.
kibana.count📜
Type: int
3
Description: Number of Kibana replicas
kibana.serviceAccountName📜
Type: string
"logging-kibana"
Description: Name for serviceAccount to use, will be autocreated.
kibana.updateStrategy📜
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Kibana updateStrategy
kibana.securityContext📜
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for Kibana pods
kibana.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
kibana.imagePullSecrets📜
Type: list
[]
Default value (formatted)
[]
Description: Kibana imagePullSecrets
kibana.resources📜
Type: object
{"limits":{"cpu":1,"memory":"2Gi"},"requests":{"cpu":1,"memory":"2Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "2Gi"
},
"requests": {
"cpu": 1,
"memory": "2Gi"
}
}
Description: Kibana resources
kibana.volumes📜
Type: list
[]
Default value (formatted)
[]
Description: Kibana volumes
kibana.volumeMounts📜
Type: list
[]
Default value (formatted)
[]
Description: Kibana volumeMounts
kibana.podAnnotations📜
Type: object
{}
Default value (formatted)
{}
Description: Kibana podAnnotations
kibana.affinity📜
Type: object
{}
Default value (formatted)
{}
Description: Kibana affinity
kibana.tolerations📜
Type: list
[]
Default value (formatted)
[]
Description: Kibana tolerations
kibana.nodeSelector📜
Type: object
{}
Default value (formatted)
{}
Description: Kibana nodeSelector
kibana.lifecycle📜
Type: object
{}
Default value (formatted)
{}
Description: Kibana lifecycle
kibana.agents📜
Type: object
{}
Default value (formatted)
{}
Description: Kibana Elastic Agent / Fleet Server configuration https://www.elastic.co/guide/en/cloud-on-k8s/2.7/k8s-elastic-agent-fleet-quickstart.html
elasticsearch.version📜
Type: string
"8.10.3"
Description: Elasticsearch version
elasticsearch.image.repository📜
Type: string
"registry1.dso.mil/ironbank/elastic/elasticsearch/elasticsearch"
Description: Elasticsearch image repository
elasticsearch.image.tag📜
Type: string
"8.10.3"
Description: Elasticsearch image tag
elasticsearch.imagePullSecrets📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch imagePullSecrets
elasticsearch.serviceAccountName📜
Type: string
"logging-elasticsearch"
Description: Name for serviceAccount to use, will be autocreated.
elasticsearch.master.initContainers📜
Type: list
[]
Default value (formatted)
[]
Description: Add init containers to master pods
elasticsearch.master.securityContext📜
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch master node sets
elasticsearch.master.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.master.updateStrategy📜
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Elasticsearch master updateStrategy
elasticsearch.master.volumes📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch master volumes
elasticsearch.master.volumeMounts📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch master volumeMounts
elasticsearch.master.podAnnotations📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master podAnnotations
elasticsearch.master.affinity📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master affinity
elasticsearch.master.tolerations📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch master tolerations
elasticsearch.master.nodeSelector📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master nodeSelector
elasticsearch.master.lifecycle📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch master lifecycle
elasticsearch.master.count📜
Type: int
3
Description: Elasticsearch master pod count
elasticsearch.master.persistence.storageClassName📜
Type: string
""
Description: Elasticsearch master persistence storageClassName
elasticsearch.master.persistence.size📜
Type: string
"5Gi"
Description: Elasticsearch master persistence size
elasticsearch.master.resources📜
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch master pod resources
elasticsearch.master.heap.min📜
Type: string
"2g"
Description: Elasticsearch master Java heap Xms setting
elasticsearch.master.heap.max📜
Type: string
"2g"
Description: Elasticsearch master Java heap Xmx setting
elasticsearch.data.initContainers📜
Type: list
[]
Default value (formatted)
[]
Description: Add init containers to data pods
elasticsearch.data.securityContext📜
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch data node sets
elasticsearch.data.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.data.volumes📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch data volumes
elasticsearch.data.volumeMounts📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch data volumeMounts
elasticsearch.data.podAnnotations📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data podAnnotations
elasticsearch.data.affinity📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data affinity
elasticsearch.data.tolerations📜
Type: list
[]
Default value (formatted)
[]
Description: Elasticsearch data tolerations
elasticsearch.data.nodeSelector📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data nodeSelector
elasticsearch.data.lifecycle📜
Type: object
{}
Default value (formatted)
{}
Description: Elasticsearch data lifecycle
elasticsearch.data.count📜
Type: int
4
Description: Elasticsearch data pod count
elasticsearch.data.persistence.storageClassName📜
Type: string
""
Description: Elasticsearch data persistence storageClassName
elasticsearch.data.persistence.size📜
Type: string
"100Gi"
Description: Elasticsearch data persistence size
elasticsearch.data.resources📜
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch data pod resources
elasticsearch.data.heap.min📜
Type: string
"2g"
Description: Elasticsearch data Java heap Xms setting
elasticsearch.data.heap.max📜
Type: string
"2g"
Description: Elasticsearch data Java heap Xmx setting
elasticsearch.ingest.enabled📜
Type: bool
false
Description: Enable ingest specific Elasticsearch pods
elasticsearch.ingest.initContainers📜
Type: list
[]
Default value (formatted)
[]
Description: initContainers
elasticsearch.ingest.securityContext📜
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch ingest node sets
elasticsearch.ingest.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.ingest.volumes📜
Type: list
[]
Default value (formatted)
[]
Description: volumes
elasticsearch.ingest.volumeMounts📜
Type: list
[]
Default value (formatted)
[]
Description: volumeMounts
elasticsearch.ingest.podAnnotations📜
Type: object
{}
Default value (formatted)
{}
Description: podAnnotations
elasticsearch.ingest.affinity📜
Type: object
{}
Default value (formatted)
{}
Description: affinity
elasticsearch.ingest.tolerations📜
Type: list
[]
Default value (formatted)
[]
Description: tolerations
elasticsearch.ingest.nodeSelector📜
Type: object
{}
Default value (formatted)
{}
Description: nodeSelector
elasticsearch.ingest.lifecycle📜
Type: object
{}
Default value (formatted)
{}
Description: lifecycle
elasticsearch.ingest.count📜
Type: int
1
Description: count
elasticsearch.ingest.persistence.storageClassName📜
Type: string
""
Description: storageClassName
elasticsearch.ingest.persistence.size📜
Type: string
"100Gi"
Description: size
elasticsearch.ingest.resources📜
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch ingest pod resources
elasticsearch.ingest.heap.min📜
Type: string
"2g"
Description: Xms
elasticsearch.ingest.heap.max📜
Type: string
"2g"
Description: Xmx
elasticsearch.ml.enabled📜
Type: bool
false
Description: Enable Machine Learning specific Elasticsearch pods
elasticsearch.ml.initContainers📜
Type: list
[]
Default value (formatted)
[]
Description: initContainers
elasticsearch.ml.securityContext📜
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch ml node sets
elasticsearch.ml.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.ml.updateStrategy📜
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Elasticsearch ml updateStrategy
elasticsearch.ml.volumes📜
Type: list
[]
Default value (formatted)
[]
Description: volumes
elasticsearch.ml.volumeMounts📜
Type: list
[]
Default value (formatted)
[]
Description: volumeMounts
elasticsearch.ml.podAnnotations📜
Type: object
{}
Default value (formatted)
{}
Description: podAnnotations
elasticsearch.ml.affinity📜
Type: object
{}
Default value (formatted)
{}
Description: affinity
elasticsearch.ml.tolerations📜
Type: list
[]
Default value (formatted)
[]
Description: tolerations
elasticsearch.ml.nodeSelector📜
Type: object
{}
Default value (formatted)
{}
Description: nodeSelector
elasticsearch.ml.lifecycle📜
Type: object
{}
Default value (formatted)
{}
Description: lifecycle
elasticsearch.ml.count📜
Type: int
1
Description: count
elasticsearch.ml.persistence.storageClassName📜
Type: string
""
Description: storageClassName
elasticsearch.ml.persistence.size📜
Type: string
"100Gi"
Description: size
elasticsearch.ml.resources📜
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch ml pod resources
elasticsearch.ml.heap.min📜
Type: string
"2g"
Description: Xms
elasticsearch.ml.heap.max📜
Type: string
"2g"
Description: Xmx
elasticsearch.coord.enabled📜
Type: bool
false
Description: Enable coordinating specific Elasticsearch pods
elasticsearch.coord.initContainers📜
Type: list
[]
Default value (formatted)
[]
Description: initContainers
elasticsearch.coord.securityContext📜
Type: object
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted)
{
"fsGroup": 1000,
"runAsGroup": 1000,
"runAsUser": 1000
}
Description: Set securityContext for elasticsearch coordinating node sets
elasticsearch.coord.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.coord.updateStrategy📜
Type: object
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted)
{
"rollingUpdate": {
"maxUnavailable": 1
},
"type": "rollingUpdate"
}
Description: Elasticsearch coord updateStrategy
elasticsearch.coord.volumes📜
Type: list
[]
Default value (formatted)
[]
Description: volumes
elasticsearch.coord.volumeMounts📜
Type: list
[]
Default value (formatted)
[]
Description: volumeMounts
elasticsearch.coord.podAnnotations📜
Type: object
{}
Default value (formatted)
{}
Description: podAnnotations
elasticsearch.coord.affinity📜
Type: object
{}
Default value (formatted)
{}
Description: affinity
elasticsearch.coord.tolerations📜
Type: list
[]
Default value (formatted)
[]
Description: tolerations
elasticsearch.coord.nodeSelector📜
Type: object
{}
Default value (formatted)
{}
Description: nodeSelector
elasticsearch.coord.lifecycle📜
Type: object
{}
Default value (formatted)
{}
Description: lifecycle
elasticsearch.coord.count📜
Type: int
1
Description: count
elasticsearch.coord.persistence.storageClassName📜
Type: string
""
Description: storageClassName
elasticsearch.coord.persistence.size📜
Type: string
"100Gi"
Description: size
elasticsearch.coord.resources📜
Type: object
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted)
{
"limits": {
"cpu": 1,
"memory": "4Gi"
},
"requests": {
"cpu": 1,
"memory": "4Gi"
}
}
Description: Elasticsearch coord pod resources
elasticsearch.coord.heap.min📜
Type: string
"2g"
Description: Xms
elasticsearch.coord.heap.max📜
Type: string
"2g"
Description: Xmx
istio.enabled📜
Type: bool
false
Description: Toggle istio interaction.
istio.mtls📜
Type: object
{"mode":"STRICT"}
Default value (formatted)
{
"mode": "STRICT"
}
Description: Default EK peer authentication
istio.mtls.mode📜
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
istio.kibana.enabled📜
Type: bool
true
Description: Toggle virtualService creation
istio.kibana.annotations📜
Type: object
{}
Default value (formatted)
{}
Description: Annotations for controls the gateway used/attached to the virtualService
istio.kibana.labels📜
Type: object
{}
Default value (formatted)
{}
Description: Labels for virtualService
istio.kibana.gateways📜
Type: list
["istio-system/main"]
Default value (formatted)
[
"istio-system/main"
]
Description: Gateway(s) to apply virtualService routes to.
istio.kibana.hosts📜
Type: list
["kibana.{{ .Values.domain }}"]
Default value (formatted)
[
"kibana.{{ .Values.domain }}"
]
Description: hosts for the virtualService
sso.enabled📜
Type: bool
false
Description: Toggle SSO with Keycloak
sso.redirect_url📜
Type: string
""
Description: redirect_url defaults to .Values.istio.kibana.hosts[0] if not set.
sso.client_id📜
Type: string
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-kibana"
Description: client_id
sso.client_secret📜
Type: string
""
Description: OIDC client secret, can be empty for public client.
sso.oidc.host📜
Type: string
"login.dso.mil"
Description: host
sso.oidc.realm📜
Type: string
"baby-yoda"
Description: realm
sso.issuer📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}"
Description: issuer
sso.auth_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/auth"
Description: auth_url
sso.token_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/token"
Description: token_url
sso.userinfo_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/userinfo"
Description: userinfo_url
sso.jwkset_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/certs"
Description: jwks_url
sso.claims_principal📜
Type: string
"preferred_username"
Description: claims_principal
sso.requested_scopes📜
Type: list
["openid"]
Default value (formatted)
[
"openid"
]
Description: requested_scopes
sso.signature_algorithm📜
Type: string
"RS256"
Description: signature_algorithm
sso.endsession_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"
Description: endsession_url
sso.claims_group📜
Type: string
"groups"
Description: claims_group
sso.claims_mail📜
Type: string
"email"
Description: claims_mail
sso.claims_principal_pattern📜
Type: string
""
Description: claims_principal_pattern
sso.cert_authorities📜
Type: list
[]
Default value (formatted)
[]
Description: cert_authorities
kibanaBasicAuth.enabled📜
Type: bool
true
Description: Toggle this to turn off Kibana’s built in auth and only allow SSO. Role mappings for SSO groups must be set up and SSO enabled before doing this.
networkPolicies.enabled📜
Type: bool
false
Description: Toggle BigBang NetworkPolicy templates
networkPolicies.ingressLabels📜
Type: object
{"app":"istio-ingressgateway","istio":"ingressgateway"}
Default value (formatted)
{
"app": "istio-ingressgateway",
"istio": "ingressgateway"
}
Description: Istio Ingressgateway labels. passed down to NetworkPolicy to whitelist external access to app
networkPolicies.controlPlaneCidr📜
Type: string
"0.0.0.0/0"
Description: See kubectl cluster-info and then resolve to IP
upgradeJob.image.repository📜
Type: string
"registry1.dso.mil/ironbank/big-bang/base"
Description: image repository for upgradeJob
upgradeJob.image.tag📜
Type: string
"2.0.0"
Description: image tag for upgradeJob
monitoring.enabled📜
Type: bool
false
Description: Toggle BigBang monitoring integration, controls serviceMonitor template
metrics.enabled📜
Type: bool
false
Description: Toggle Prometheus ElasticSearch Exporter Installation
metrics.serviceMonitor.scheme📜
Type: string
""
metrics.serviceMonitor.tlsConfig📜
Type: object
{}
Default value (formatted)
{}
metrics.env📜
Type: object
{"ES_USERNAME":"elastic"}
Default value (formatted)
{
"ES_USERNAME": "elastic"
}
Description: Environment Variable Passthrough to set Auth for Exporter
metrics.extraEnvSecrets📜
Type: object
{"ES_PASSWORD":{"key":"elastic","secret":"logging-ek-es-elastic-user"}}
Default value (formatted)
{
"ES_PASSWORD": {
"key": "elastic",
"secret": "logging-ek-es-elastic-user"
}
}
Description: Environment Variable Secret Mount to set Auth for Exporter Replace with empty braces if you would like to use a an API_KEY
openshift📜
Type: bool
false
Description: Openshift Container Platform Feature Toggle
mattermost.enabled📜
Type: bool
false
Description: Mattermost integration toggle, controls mTLS exception and networkPolicies
bbtests.enabled📜
Type: bool
false
Description: Big Bang CI/Dev toggle for helm tests
bbtests.cypress.artifacts📜
Type: bool
true
Description: Toggle creation of cypress artifacts
bbtests.cypress.envs📜
Type: object
{"cypress_expect_logs":"false","cypress_kibana_url":"https://logging-ek-kb-http:5601/login"}
Default value (formatted)
{
"cypress_expect_logs": "false",
"cypress_kibana_url": "https://logging-ek-kb-http:5601/login"
}
Description: ENVs added to cypress test pods
bbtests.cypress.secretEnvs📜
Type: list
[{"name":"cypress_elastic_password","valueFrom":{"secretKeyRef":{"key":"elastic","name":"logging-ek-es-elastic-user"}}}]
Default value (formatted)
[
{
"name": "cypress_elastic_password",
"valueFrom": {
"secretKeyRef": {
"key": "elastic",
"name": "logging-ek-es-elastic-user"
}
}
}
]
Description: ENVs added to cypress test pods from existing secrets
bbtests.scripts.image📜
Type: string
"registry1.dso.mil/ironbank/stedolan/jq:1.6"
Description: image to use for script based tests
bbtests.scripts.envs📜
Type: object
{"desired_version":"{{ .Values.elasticsearch.version }}","elasticsearch_host":"https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200"}
Default value (formatted)
{
"desired_version": "{{ .Values.elasticsearch.version }}",
"elasticsearch_host": "https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200"
}
Description: ENVs added to script test pods
bbtests.scripts.secretEnvs📜
Type: list
[{"name":"ELASTIC_PASSWORD","valueFrom":{"secretKeyRef":{"key":"elastic","name":"logging-ek-es-elastic-user"}}}]
Default value (formatted)
[
{
"name": "ELASTIC_PASSWORD",
"valueFrom": {
"secretKeyRef": {
"key": "elastic",
"name": "logging-ek-es-elastic-user"
}
}
}
]
Description: ENVs added to script test pods from existing secrets