Skip to content

elasticsearch-kibana values.yaml📜

domain📜

Type: string

Default value
"bigbang.dev"

Description: Domain used for BigBang created exposed services.

autoRollingUpgrade.enabled📜

Type: bool

Default value
false

Description: Enable BigBang specific autoRollingUpgrade support

imagePullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Pull Policy for all non-init containers in this package.

fluentbit📜

Type: object

Default value
enabled: false

Description: Toggle for networkpolicies to allow fluentbit ingress

kibana.version📜

Type: string

Default value
"8.12.2"

Description: Kibana version

kibana.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/elastic/kibana/kibana"

Description: Kibana image repository

kibana.image.tag📜

Type: string

Default value
"8.12.2"

Description: Kibana image tag

kibana.host📜

Type: string

Default value
""

Description: Kibana Ingress Host Value. Only required if not using Istio for ingress.

kibana.count📜

Type: int

Default value
3

Description: Number of Kibana replicas

kibana.serviceAccountName📜

Type: string

Default value
"logging-kibana"

Description: Name for serviceAccount to use, will be autocreated.

kibana.updateStrategy📜

Type: object

Default value
rollingUpdate:
  maxUnavailable: 1
type: rollingUpdate

Description: Kibana updateStrategy

kibana.securityContext📜

Type: object

Default value
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000

Description: Set securityContext for Kibana pods

kibana.containersecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

kibana.imagePullSecrets📜

Type: list

Default value
[]

Description: Kibana imagePullSecrets

kibana.resources📜

Type: object

Default value
limits:
  cpu: 1
  memory: 2Gi
requests:
  cpu: 1
  memory: 2Gi

Description: Kibana resources

kibana.volumes📜

Type: list

Default value
[]

Description: Kibana volumes

kibana.volumeMounts📜

Type: list

Default value
[]

Description: Kibana volumeMounts

kibana.podAnnotations📜

Type: object

Default value
{}

Description: Kibana podAnnotations

kibana.affinity📜

Type: object

Default value
{}

Description: Kibana affinity

kibana.tolerations📜

Type: list

Default value
[]

Description: Kibana tolerations

kibana.nodeSelector📜

Type: object

Default value
{}

Description: Kibana nodeSelector

kibana.lifecycle📜

Type: object

Default value
{}

Description: Kibana lifecycle

kibana.agents📜

Type: object

Default value
{}

Description: Kibana Elastic Agent / Fleet Server configuration https://www.elastic.co/guide/en/cloud-on-k8s/2.7/k8s-elastic-agent-fleet-quickstart.html

elasticsearch.version📜

Type: string

Default value
"8.12.2"

Description: Elasticsearch version

elasticsearch.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/elastic/elasticsearch/elasticsearch"

Description: Elasticsearch image repository

elasticsearch.image.tag📜

Type: string

Default value
"8.12.2"

Description: Elasticsearch image tag

elasticsearch.imagePullSecrets📜

Type: list

Default value
[]

Description: Elasticsearch imagePullSecrets

elasticsearch.serviceAccountName📜

Type: string

Default value
"logging-elasticsearch"

Description: Name for serviceAccount to use, will be autocreated.

elasticsearch.master.initContainers📜

Type: list

Default value
[]

Description: Add init containers to master pods

elasticsearch.master.securityContext📜

Type: object

Default value
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000

Description: Set securityContext for elasticsearch master node sets

elasticsearch.master.containersecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

elasticsearch.master.updateStrategy📜

Type: object

Default value
rollingUpdate:
  maxUnavailable: 1
type: rollingUpdate

Description: Elasticsearch master updateStrategy

elasticsearch.master.volumes📜

Type: list

Default value
[]

Description: Elasticsearch master volumes

elasticsearch.master.volumeMounts📜

Type: list

Default value
[]

Description: Elasticsearch master volumeMounts

elasticsearch.master.podAnnotations📜

Type: object

Default value
{}

Description: Elasticsearch master podAnnotations

elasticsearch.master.affinity📜

Type: object

Default value
{}

Description: Elasticsearch master affinity

elasticsearch.master.tolerations📜

Type: list

Default value
[]

Description: Elasticsearch master tolerations

elasticsearch.master.nodeSelector📜

Type: object

Default value
{}

Description: Elasticsearch master nodeSelector

elasticsearch.master.lifecycle📜

Type: object

Default value
{}

Description: Elasticsearch master lifecycle

elasticsearch.master.count📜

Type: int

Default value
3

Description: Elasticsearch master pod count

elasticsearch.master.persistence.storageClassName📜

Type: string

Default value
""

Description: Elasticsearch master persistence storageClassName

elasticsearch.master.persistence.size📜

Type: string

Default value
"5Gi"

Description: Elasticsearch master persistence size

elasticsearch.master.resources📜

Type: object

Default value
limits:
  cpu: 1
  memory: 4Gi
requests:
  cpu: 1
  memory: 4Gi

Description: Elasticsearch master pod resources

elasticsearch.master.heap.min📜

Type: string

Default value
"2g"

Description: Elasticsearch master Java heap Xms setting

elasticsearch.master.heap.max📜

Type: string

Default value
"2g"

Description: Elasticsearch master Java heap Xmx setting

elasticsearch.data.initContainers📜

Type: list

Default value
[]

Description: Add init containers to data pods

elasticsearch.data.securityContext📜

Type: object

Default value
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000

Description: Set securityContext for elasticsearch data node sets

elasticsearch.data.containersecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

elasticsearch.data.volumes📜

Type: list

Default value
[]

Description: Elasticsearch data volumes

elasticsearch.data.volumeMounts📜

Type: list

Default value
[]

Description: Elasticsearch data volumeMounts

elasticsearch.data.podAnnotations📜

Type: object

Default value
{}

Description: Elasticsearch data podAnnotations

elasticsearch.data.affinity📜

Type: object

Default value
{}

Description: Elasticsearch data affinity

elasticsearch.data.tolerations📜

Type: list

Default value
[]

Description: Elasticsearch data tolerations

elasticsearch.data.nodeSelector📜

Type: object

Default value
{}

Description: Elasticsearch data nodeSelector

elasticsearch.data.lifecycle📜

Type: object

Default value
{}

Description: Elasticsearch data lifecycle

elasticsearch.data.count📜

Type: int

Default value
4

Description: Elasticsearch data pod count

elasticsearch.data.persistence.storageClassName📜

Type: string

Default value
""

Description: Elasticsearch data persistence storageClassName

elasticsearch.data.persistence.size📜

Type: string

Default value
"100Gi"

Description: Elasticsearch data persistence size

elasticsearch.data.resources📜

Type: object

Default value
limits:
  cpu: 1
  memory: 4Gi
requests:
  cpu: 1
  memory: 4Gi

Description: Elasticsearch data pod resources

elasticsearch.data.heap.min📜

Type: string

Default value
"2g"

Description: Elasticsearch data Java heap Xms setting

elasticsearch.data.heap.max📜

Type: string

Default value
"2g"

Description: Elasticsearch data Java heap Xmx setting

elasticsearch.ingest.enabled📜

Type: bool

Default value
false

Description: Enable ingest specific Elasticsearch pods

elasticsearch.ingest.initContainers📜

Type: list

Default value
[]

Description: initContainers

elasticsearch.ingest.securityContext📜

Type: object

Default value
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000

Description: Set securityContext for elasticsearch ingest node sets

elasticsearch.ingest.containersecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

elasticsearch.ingest.volumes📜

Type: list

Default value
[]

Description: volumes

elasticsearch.ingest.volumeMounts📜

Type: list

Default value
[]

Description: volumeMounts

elasticsearch.ingest.podAnnotations📜

Type: object

Default value
{}

Description: podAnnotations

elasticsearch.ingest.affinity📜

Type: object

Default value
{}

Description: affinity

elasticsearch.ingest.tolerations📜

Type: list

Default value
[]

Description: tolerations

elasticsearch.ingest.nodeSelector📜

Type: object

Default value
{}

Description: nodeSelector

elasticsearch.ingest.lifecycle📜

Type: object

Default value
{}

Description: lifecycle

elasticsearch.ingest.count📜

Type: int

Default value
1

Description: count

elasticsearch.ingest.persistence.storageClassName📜

Type: string

Default value
""

Description: storageClassName

elasticsearch.ingest.persistence.size📜

Type: string

Default value
"100Gi"

Description: size

elasticsearch.ingest.resources📜

Type: object

Default value
limits:
  cpu: 1
  memory: 4Gi
requests:
  cpu: 1
  memory: 4Gi

Description: Elasticsearch ingest pod resources

elasticsearch.ingest.heap.min📜

Type: string

Default value
"2g"

Description: Xms

elasticsearch.ingest.heap.max📜

Type: string

Default value
"2g"

Description: Xmx

elasticsearch.ml.enabled📜

Type: bool

Default value
false

Description: Enable Machine Learning specific Elasticsearch pods

elasticsearch.ml.initContainers📜

Type: list

Default value
[]

Description: initContainers

elasticsearch.ml.securityContext📜

Type: object

Default value
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000

Description: Set securityContext for elasticsearch ml node sets

elasticsearch.ml.containersecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

elasticsearch.ml.updateStrategy📜

Type: object

Default value
rollingUpdate:
  maxUnavailable: 1
type: rollingUpdate

Description: Elasticsearch ml updateStrategy

elasticsearch.ml.volumes📜

Type: list

Default value
[]

Description: volumes

elasticsearch.ml.volumeMounts📜

Type: list

Default value
[]

Description: volumeMounts

elasticsearch.ml.podAnnotations📜

Type: object

Default value
{}

Description: podAnnotations

elasticsearch.ml.affinity📜

Type: object

Default value
{}

Description: affinity

elasticsearch.ml.tolerations📜

Type: list

Default value
[]

Description: tolerations

elasticsearch.ml.nodeSelector📜

Type: object

Default value
{}

Description: nodeSelector

elasticsearch.ml.lifecycle📜

Type: object

Default value
{}

Description: lifecycle

elasticsearch.ml.count📜

Type: int

Default value
1

Description: count

elasticsearch.ml.persistence.storageClassName📜

Type: string

Default value
""

Description: storageClassName

elasticsearch.ml.persistence.size📜

Type: string

Default value
"100Gi"

Description: size

elasticsearch.ml.resources📜

Type: object

Default value
limits:
  cpu: 1
  memory: 4Gi
requests:
  cpu: 1
  memory: 4Gi

Description: Elasticsearch ml pod resources

elasticsearch.ml.heap.min📜

Type: string

Default value
"2g"

Description: Xms

elasticsearch.ml.heap.max📜

Type: string

Default value
"2g"

Description: Xmx

elasticsearch.coord.enabled📜

Type: bool

Default value
false

Description: Enable coordinating specific Elasticsearch pods

elasticsearch.coord.initContainers📜

Type: list

Default value
[]

Description: initContainers

elasticsearch.coord.securityContext📜

Type: object

Default value
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000

Description: Set securityContext for elasticsearch coordinating node sets

elasticsearch.coord.containersecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

elasticsearch.coord.updateStrategy📜

Type: object

Default value
rollingUpdate:
  maxUnavailable: 1
type: rollingUpdate

Description: Elasticsearch coord updateStrategy

elasticsearch.coord.volumes📜

Type: list

Default value
[]

Description: volumes

elasticsearch.coord.volumeMounts📜

Type: list

Default value
[]

Description: volumeMounts

elasticsearch.coord.podAnnotations📜

Type: object

Default value
{}

Description: podAnnotations

elasticsearch.coord.affinity📜

Type: object

Default value
{}

Description: affinity

elasticsearch.coord.tolerations📜

Type: list

Default value
[]

Description: tolerations

elasticsearch.coord.nodeSelector📜

Type: object

Default value
{}

Description: nodeSelector

elasticsearch.coord.lifecycle📜

Type: object

Default value
{}

Description: lifecycle

elasticsearch.coord.count📜

Type: int

Default value
1

Description: count

elasticsearch.coord.persistence.storageClassName📜

Type: string

Default value
""

Description: storageClassName

elasticsearch.coord.persistence.size📜

Type: string

Default value
"100Gi"

Description: size

elasticsearch.coord.resources📜

Type: object

Default value
limits:
  cpu: 1
  memory: 4Gi
requests:
  cpu: 1
  memory: 4Gi

Description: Elasticsearch coord pod resources

elasticsearch.coord.heap.min📜

Type: string

Default value
"2g"

Description: Xms

elasticsearch.coord.heap.max📜

Type: string

Default value
"2g"

Description: Xmx

istio.enabled📜

Type: bool

Default value
false

Description: Toggle istio interaction.

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.hardened.prometheus.enabled📜

Type: bool

Default value
true

istio.hardened.prometheus.namespaces[0]📜

Type: string

Default value
"monitoring"

istio.hardened.prometheus.principals[0]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.prometheus.principals[1]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.prometheus.principals[2]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.prometheus.principals[3]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.prometheus.principals[4]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.prometheus.principals[5]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.hardened.fluentbit.enabled📜

Type: bool

Default value
true

istio.hardened.fluentbit.namespaces[0]📜

Type: string

Default value
"fluentbit"

istio.hardened.fluentbit.principals[0]📜

Type: string

Default value
"cluster.local/ns/fluentbit/sa/fluentbit-fluent-bit"

istio.hardened.elasticOperator.enabled📜

Type: bool

Default value
true

istio.hardened.elasticOperator.namespaces[0]📜

Type: string

Default value
"eck-operator"

istio.hardened.elasticOperator.principals[0]📜

Type: string

Default value
"cluster.local/ns/eck-operator/sa/elastic-operator"

istio.hardened.mattermost.enabled📜

Type: bool

Default value
true

istio.hardened.mattermost.namespaces[0]📜

Type: string

Default value
"mattermost"

istio.hardened.mattermost.principals[0]📜

Type: string

Default value
"cluster.local/ns/mattermost/sa/mattermost"

istio.hardened.jaeger.enabled📜

Type: bool

Default value
true

istio.hardened.jaeger.namespaces[0]📜

Type: string

Default value
"jaeger"

istio.hardened.jaeger.principals[0]📜

Type: string

Default value
"cluster.local/ns/jaeger/sa/default"

istio.hardened.jaeger.principals[1]📜

Type: string

Default value
"cluster.local/ns/jaeger/sa/jaeger"

istio.hardened.jaeger.principals[2]📜

Type: string

Default value
"cluster.local/ns/jaeger/sa/jaeger-instance"

istio.mtls📜

Type: object

Default value
mode: STRICT

Description: Default EK peer authentication

istio.mtls.mode📜

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

istio.kibana.enabled📜

Type: bool

Default value
true

Description: Toggle virtualService creation

istio.kibana.annotations📜

Type: object

Default value
{}

Description: Annotations for controls the gateway used/attached to the virtualService

istio.kibana.labels📜

Type: object

Default value
{}

Description: Labels for virtualService

istio.kibana.gateways📜

Type: list

Default value
- istio-system/main

Description: Gateway(s) to apply virtualService routes to.

istio.kibana.hosts📜

Type: list

Default value
- kibana.{{ .Values.domain }}

Description: hosts for the virtualService

sso.enabled📜

Type: bool

Default value
false

Description: Toggle SSO with Keycloak

sso.redirect_url📜

Type: string

Default value
""

Description: redirect_url defaults to .Values.istio.kibana.hosts[0] if not set.

sso.client_id📜

Type: string

Default value
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-kibana"

Description: client_id

sso.client_secret📜

Type: string

Default value
""

Description: OIDC client secret, can be empty for public client.

sso.oidc.host📜

Type: string

Default value
"login.dso.mil"

Description: host

sso.oidc.realm📜

Type: string

Default value
"baby-yoda"

Description: realm

sso.issuer📜

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}"

Description: issuer

sso.auth_url📜

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/auth"

Description: auth_url

sso.token_url📜

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/token"

Description: token_url

sso.userinfo_url📜

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/userinfo"

Description: userinfo_url

sso.jwkset_url📜

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/certs"

Description: jwks_url

sso.claims_principal📜

Type: string

Default value
"preferred_username"

Description: claims_principal

sso.requested_scopes📜

Type: list

Default value
- openid

Description: requested_scopes

sso.signature_algorithm📜

Type: string

Default value
"RS256"

Description: signature_algorithm

sso.endsession_url📜

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"

Description: endsession_url

sso.claims_group📜

Type: string

Default value
"groups"

Description: claims_group

sso.claims_mail📜

Type: string

Default value
"email"

Description: claims_mail

sso.claims_principal_pattern📜

Type: string

Default value
""

Description: claims_principal_pattern

sso.cert_authorities📜

Type: list

Default value
[]

Description: cert_authorities

kibanaBasicAuth.enabled📜

Type: bool

Default value
true

Description: Toggle this to turn off Kibana’s built in auth and only allow SSO. Role mappings for SSO groups must be set up and SSO enabled before doing this.

networkPolicies.enabled📜

Type: bool

Default value
false

Description: Toggle BigBang NetworkPolicy templates

networkPolicies.ingressLabels📜

Type: object

Default value
app: istio-ingressgateway
istio: ingressgateway

Description: Istio Ingressgateway labels. passed down to NetworkPolicy to whitelist external access to app

networkPolicies.controlPlaneCidr📜

Type: string

Default value
"0.0.0.0/0"

Description: See kubectl cluster-info and then resolve to IP

upgradeJob.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base"

Description: image repository for upgradeJob

upgradeJob.image.tag📜

Type: string

Default value
"2.1.0"

Description: image tag for upgradeJob

monitoring.enabled📜

Type: bool

Default value
false

Description: Toggle BigBang monitoring integration, controls serviceMonitor template

metrics.enabled📜

Type: bool

Default value
false

Description: Toggle Prometheus ElasticSearch Exporter Installation

metrics.image📜

Type: object

Default value
pullSecret: private-registry

Description: Exporter imagePullSecrets

metrics.podSecurityContext📜

Type: object

Default value
runAsGroup: 1000

Description: Pod securityContext

metrics.securityContext📜

Type: object

Default value
runAsGroup: 1000
runAsUser: 1000

Description: Container securityContext

metrics.imagePullSecrets📜

Type: list

Default value
[]

metrics.serviceMonitor.scheme📜

Type: string

Default value
""

metrics.serviceMonitor.tlsConfig📜

Type: object

Default value
{}

metrics.env📜

Type: object

Default value
ES_USERNAME: elastic

Description: Environment Variable Passthrough to set Auth for Exporter

metrics.extraEnvSecrets📜

Type: object

Default value
ES_PASSWORD:
  key: elastic
  secret: logging-ek-es-elastic-user

Description: Environment Variable Secret Mount to set Auth for Exporter Replace with empty braces if you would like to use a an API_KEY

openshift📜

Type: bool

Default value
false

Description: Openshift Container Platform Feature Toggle

mattermost.enabled📜

Type: bool

Default value
false

Description: Mattermost integration toggle, controls mTLS exception and networkPolicies

bbtests.enabled📜

Type: bool

Default value
false

Description: Big Bang CI/Dev toggle for helm tests

bbtests.cypress.artifacts📜

Type: bool

Default value
true

Description: Toggle creation of cypress artifacts

bbtests.cypress.envs📜

Type: object

Default value
cypress_expect_logs: 'false'
cypress_kibana_url: https://logging-ek-kb-http:5601

Description: ENVs added to cypress test pods

bbtests.cypress.secretEnvs📜

Type: list

Default value
- name: cypress_elastic_password
  valueFrom:
    secretKeyRef:
      key: elastic
      name: logging-ek-es-elastic-user

Description: ENVs added to cypress test pods from existing secrets

bbtests.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/stedolan/jq:1.7"

Description: image to use for script based tests

bbtests.scripts.envs📜

Type: object

Default value
desired_version: '{{ .Values.elasticsearch.version }}'
elasticsearch_host: https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200

Description: ENVs added to script test pods

bbtests.scripts.secretEnvs📜

Type: list

Default value
- name: ELASTIC_PASSWORD
  valueFrom:
    secretKeyRef:
      key: elastic
      name: logging-ek-es-elastic-user

Description: ENVs added to script test pods from existing secrets