elasticsearch-kibana values.yaml
📜
domain📜
Type: string
"bigbang.dev"
Description: Domain used for BigBang created exposed services.
autoRollingUpgrade.enabled📜
Type: bool
false
Description: Enable BigBang specific autoRollingUpgrade support
imagePullPolicy📜
Type: string
"IfNotPresent"
Description: Pull Policy for all non-init containers in this package.
fluentbit📜
Type: object
enabled: false
Description: Toggle for networkpolicies to allow fluentbit ingress
kibana.version📜
Type: string
"8.13.0"
Description: Kibana version
kibana.image.repository📜
Type: string
"registry1.dso.mil/ironbank/elastic/kibana/kibana"
Description: Kibana image repository
kibana.image.tag📜
Type: string
"8.13.0"
Description: Kibana image tag
kibana.host📜
Type: string
""
Description: Kibana Ingress Host Value. Only required if not using Istio for ingress.
kibana.count📜
Type: int
3
Description: Number of Kibana replicas
kibana.serviceAccountName📜
Type: string
"logging-kibana"
Description: Name for serviceAccount to use, will be autocreated.
kibana.updateStrategy📜
Type: object
rollingUpdate:
maxUnavailable: 1
type: rollingUpdate
Description: Kibana updateStrategy
kibana.securityContext📜
Type: object
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
Description: Set securityContext for Kibana pods
kibana.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
kibana.imagePullSecrets📜
Type: list
[]
Description: Kibana imagePullSecrets
kibana.resources📜
Type: object
limits:
cpu: 1
memory: 2Gi
requests:
cpu: 1
memory: 2Gi
Description: Kibana resources
kibana.volumes📜
Type: list
[]
Description: Kibana volumes
kibana.volumeMounts📜
Type: list
[]
Description: Kibana volumeMounts
kibana.podAnnotations📜
Type: object
{}
Description: Kibana podAnnotations
kibana.affinity📜
Type: object
{}
Description: Kibana affinity
kibana.tolerations📜
Type: list
[]
Description: Kibana tolerations
kibana.nodeSelector📜
Type: object
{}
Description: Kibana nodeSelector
kibana.lifecycle📜
Type: object
{}
Description: Kibana lifecycle
kibana.agents📜
Type: object
{}
Description: Kibana Elastic Agent / Fleet Server configuration https://www.elastic.co/guide/en/cloud-on-k8s/2.7/k8s-elastic-agent-fleet-quickstart.html
elasticsearch.version📜
Type: string
"8.13.0"
Description: Elasticsearch version
elasticsearch.image.repository📜
Type: string
"registry1.dso.mil/ironbank/elastic/elasticsearch/elasticsearch"
Description: Elasticsearch image repository
elasticsearch.image.tag📜
Type: string
"8.13.0"
Description: Elasticsearch image tag
elasticsearch.imagePullSecrets📜
Type: list
[]
Description: Elasticsearch imagePullSecrets
elasticsearch.serviceAccountName📜
Type: string
"logging-elasticsearch"
Description: Name for serviceAccount to use, will be autocreated.
elasticsearch.master.initContainers📜
Type: list
[]
Description: Add init containers to master pods
elasticsearch.master.securityContext📜
Type: object
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
Description: Set securityContext for elasticsearch master node sets
elasticsearch.master.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.master.updateStrategy📜
Type: object
rollingUpdate:
maxUnavailable: 1
type: rollingUpdate
Description: Elasticsearch master updateStrategy
elasticsearch.master.volumes📜
Type: list
[]
Description: Elasticsearch master volumes
elasticsearch.master.volumeMounts📜
Type: list
[]
Description: Elasticsearch master volumeMounts
elasticsearch.master.podAnnotations📜
Type: object
{}
Description: Elasticsearch master podAnnotations
elasticsearch.master.affinity📜
Type: object
{}
Description: Elasticsearch master affinity
elasticsearch.master.tolerations📜
Type: list
[]
Description: Elasticsearch master tolerations
elasticsearch.master.nodeSelector📜
Type: object
{}
Description: Elasticsearch master nodeSelector
elasticsearch.master.lifecycle📜
Type: object
{}
Description: Elasticsearch master lifecycle
elasticsearch.master.count📜
Type: int
3
Description: Elasticsearch master pod count
elasticsearch.master.persistence.storageClassName📜
Type: string
""
Description: Elasticsearch master persistence storageClassName
elasticsearch.master.persistence.size📜
Type: string
"5Gi"
Description: Elasticsearch master persistence size
elasticsearch.master.resources📜
Type: object
limits:
cpu: 1
memory: 4Gi
requests:
cpu: 1
memory: 4Gi
Description: Elasticsearch master pod resources
elasticsearch.master.heap.min📜
Type: string
"2g"
Description: Elasticsearch master Java heap Xms setting
elasticsearch.master.heap.max📜
Type: string
"2g"
Description: Elasticsearch master Java heap Xmx setting
elasticsearch.data.initContainers📜
Type: list
[]
Description: Add init containers to data pods
elasticsearch.data.securityContext📜
Type: object
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
Description: Set securityContext for elasticsearch data node sets
elasticsearch.data.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.data.volumes📜
Type: list
[]
Description: Elasticsearch data volumes
elasticsearch.data.volumeMounts📜
Type: list
[]
Description: Elasticsearch data volumeMounts
elasticsearch.data.podAnnotations📜
Type: object
{}
Description: Elasticsearch data podAnnotations
elasticsearch.data.affinity📜
Type: object
{}
Description: Elasticsearch data affinity
elasticsearch.data.tolerations📜
Type: list
[]
Description: Elasticsearch data tolerations
elasticsearch.data.nodeSelector📜
Type: object
{}
Description: Elasticsearch data nodeSelector
elasticsearch.data.lifecycle📜
Type: object
{}
Description: Elasticsearch data lifecycle
elasticsearch.data.count📜
Type: int
4
Description: Elasticsearch data pod count
elasticsearch.data.persistence.storageClassName📜
Type: string
""
Description: Elasticsearch data persistence storageClassName
elasticsearch.data.persistence.size📜
Type: string
"100Gi"
Description: Elasticsearch data persistence size
elasticsearch.data.resources📜
Type: object
limits:
cpu: 1
memory: 4Gi
requests:
cpu: 1
memory: 4Gi
Description: Elasticsearch data pod resources
elasticsearch.data.heap.min📜
Type: string
"2g"
Description: Elasticsearch data Java heap Xms setting
elasticsearch.data.heap.max📜
Type: string
"2g"
Description: Elasticsearch data Java heap Xmx setting
elasticsearch.ingest.enabled📜
Type: bool
false
Description: Enable ingest specific Elasticsearch pods
elasticsearch.ingest.initContainers📜
Type: list
[]
Description: initContainers
elasticsearch.ingest.securityContext📜
Type: object
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
Description: Set securityContext for elasticsearch ingest node sets
elasticsearch.ingest.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.ingest.volumes📜
Type: list
[]
Description: volumes
elasticsearch.ingest.volumeMounts📜
Type: list
[]
Description: volumeMounts
elasticsearch.ingest.podAnnotations📜
Type: object
{}
Description: podAnnotations
elasticsearch.ingest.affinity📜
Type: object
{}
Description: affinity
elasticsearch.ingest.tolerations📜
Type: list
[]
Description: tolerations
elasticsearch.ingest.nodeSelector📜
Type: object
{}
Description: nodeSelector
elasticsearch.ingest.lifecycle📜
Type: object
{}
Description: lifecycle
elasticsearch.ingest.count📜
Type: int
1
Description: count
elasticsearch.ingest.persistence.storageClassName📜
Type: string
""
Description: storageClassName
elasticsearch.ingest.persistence.size📜
Type: string
"100Gi"
Description: size
elasticsearch.ingest.resources📜
Type: object
limits:
cpu: 1
memory: 4Gi
requests:
cpu: 1
memory: 4Gi
Description: Elasticsearch ingest pod resources
elasticsearch.ingest.heap.min📜
Type: string
"2g"
Description: Xms
elasticsearch.ingest.heap.max📜
Type: string
"2g"
Description: Xmx
elasticsearch.ml.enabled📜
Type: bool
false
Description: Enable Machine Learning specific Elasticsearch pods
elasticsearch.ml.initContainers📜
Type: list
[]
Description: initContainers
elasticsearch.ml.securityContext📜
Type: object
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
Description: Set securityContext for elasticsearch ml node sets
elasticsearch.ml.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.ml.updateStrategy📜
Type: object
rollingUpdate:
maxUnavailable: 1
type: rollingUpdate
Description: Elasticsearch ml updateStrategy
elasticsearch.ml.volumes📜
Type: list
[]
Description: volumes
elasticsearch.ml.volumeMounts📜
Type: list
[]
Description: volumeMounts
elasticsearch.ml.podAnnotations📜
Type: object
{}
Description: podAnnotations
elasticsearch.ml.affinity📜
Type: object
{}
Description: affinity
elasticsearch.ml.tolerations📜
Type: list
[]
Description: tolerations
elasticsearch.ml.nodeSelector📜
Type: object
{}
Description: nodeSelector
elasticsearch.ml.lifecycle📜
Type: object
{}
Description: lifecycle
elasticsearch.ml.count📜
Type: int
1
Description: count
elasticsearch.ml.persistence.storageClassName📜
Type: string
""
Description: storageClassName
elasticsearch.ml.persistence.size📜
Type: string
"100Gi"
Description: size
elasticsearch.ml.resources📜
Type: object
limits:
cpu: 1
memory: 4Gi
requests:
cpu: 1
memory: 4Gi
Description: Elasticsearch ml pod resources
elasticsearch.ml.heap.min📜
Type: string
"2g"
Description: Xms
elasticsearch.ml.heap.max📜
Type: string
"2g"
Description: Xmx
elasticsearch.coord.enabled📜
Type: bool
false
Description: Enable coordinating specific Elasticsearch pods
elasticsearch.coord.initContainers📜
Type: list
[]
Description: initContainers
elasticsearch.coord.securityContext📜
Type: object
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
Description: Set securityContext for elasticsearch coordinating node sets
elasticsearch.coord.containersecurityContext.capabilities.drop[0]📜
Type: string
"ALL"
elasticsearch.coord.updateStrategy📜
Type: object
rollingUpdate:
maxUnavailable: 1
type: rollingUpdate
Description: Elasticsearch coord updateStrategy
elasticsearch.coord.volumes📜
Type: list
[]
Description: volumes
elasticsearch.coord.volumeMounts📜
Type: list
[]
Description: volumeMounts
elasticsearch.coord.podAnnotations📜
Type: object
{}
Description: podAnnotations
elasticsearch.coord.affinity📜
Type: object
{}
Description: affinity
elasticsearch.coord.tolerations📜
Type: list
[]
Description: tolerations
elasticsearch.coord.nodeSelector📜
Type: object
{}
Description: nodeSelector
elasticsearch.coord.lifecycle📜
Type: object
{}
Description: lifecycle
elasticsearch.coord.count📜
Type: int
1
Description: count
elasticsearch.coord.persistence.storageClassName📜
Type: string
""
Description: storageClassName
elasticsearch.coord.persistence.size📜
Type: string
"100Gi"
Description: size
elasticsearch.coord.resources📜
Type: object
limits:
cpu: 1
memory: 4Gi
requests:
cpu: 1
memory: 4Gi
Description: Elasticsearch coord pod resources
elasticsearch.coord.heap.min📜
Type: string
"2g"
Description: Xms
elasticsearch.coord.heap.max📜
Type: string
"2g"
Description: Xmx
istio.enabled📜
Type: bool
false
Description: Toggle istio interaction.
istio.hardened.enabled📜
Type: bool
false
istio.hardened.customAuthorizationPolicies📜
Type: list
[]
istio.hardened.outboundTrafficPolicyMode📜
Type: string
"REGISTRY_ONLY"
istio.hardened.customServiceEntries📜
Type: list
[]
istio.hardened.prometheus.enabled📜
Type: bool
true
istio.hardened.prometheus.namespaces[0]📜
Type: string
"monitoring"
istio.hardened.prometheus.principals[0]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.prometheus.principals[1]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.prometheus.principals[2]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.prometheus.principals[3]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.prometheus.principals[4]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.prometheus.principals[5]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.hardened.fluentbit.enabled📜
Type: bool
true
istio.hardened.fluentbit.namespaces[0]📜
Type: string
"fluentbit"
istio.hardened.fluentbit.principals[0]📜
Type: string
"cluster.local/ns/fluentbit/sa/fluentbit-fluent-bit"
istio.hardened.elasticOperator.enabled📜
Type: bool
true
istio.hardened.elasticOperator.namespaces[0]📜
Type: string
"eck-operator"
istio.hardened.elasticOperator.principals[0]📜
Type: string
"cluster.local/ns/eck-operator/sa/elastic-operator"
istio.hardened.mattermost.enabled📜
Type: bool
true
istio.hardened.mattermost.namespaces[0]📜
Type: string
"mattermost"
istio.hardened.mattermost.principals[0]📜
Type: string
"cluster.local/ns/mattermost/sa/mattermost"
istio.hardened.jaeger.enabled📜
Type: bool
true
istio.hardened.jaeger.namespaces[0]📜
Type: string
"jaeger"
istio.hardened.jaeger.principals[0]📜
Type: string
"cluster.local/ns/jaeger/sa/default"
istio.hardened.jaeger.principals[1]📜
Type: string
"cluster.local/ns/jaeger/sa/jaeger"
istio.hardened.jaeger.principals[2]📜
Type: string
"cluster.local/ns/jaeger/sa/jaeger-instance"
istio.mtls📜
Type: object
mode: STRICT
Description: Default EK peer authentication
istio.mtls.mode📜
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
istio.elasticsearch.enabled📜
Type: bool
true
Description: Toggle virtualService creation
istio.elasticsearch.annotations📜
Type: object
{}
Description: Annotations for controls the gateway used/attached to the virtualService
istio.elasticsearch.labels📜
Type: object
{}
Description: Labels for virtualService
istio.elasticsearch.gateways📜
Type: list
- istio-system/main
Description: Gateway(s) to apply virtualService routes to.
istio.elasticsearch.hosts📜
Type: list
- elasticsearch.{{ .Values.domain }}
Description: hosts for the virtualService
istio.kibana.enabled📜
Type: bool
true
Description: Toggle virtualService creation
istio.kibana.annotations📜
Type: object
{}
Description: Annotations for controls the gateway used/attached to the virtualService
istio.kibana.labels📜
Type: object
{}
Description: Labels for virtualService
istio.kibana.gateways📜
Type: list
- istio-system/main
Description: Gateway(s) to apply virtualService routes to.
istio.kibana.hosts📜
Type: list
- kibana.{{ .Values.domain }}
Description: hosts for the virtualService
sso.enabled📜
Type: bool
false
Description: Toggle SSO with Keycloak
sso.redirect_url📜
Type: string
""
Description: redirect_url defaults to .Values.istio.kibana.hosts[0] if not set.
sso.client_id📜
Type: string
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-kibana"
Description: client_id
sso.client_secret📜
Type: string
""
Description: OIDC client secret, can be empty for public client.
sso.oidc.host📜
Type: string
"login.dso.mil"
Description: host
sso.oidc.realm📜
Type: string
"baby-yoda"
Description: realm
sso.issuer📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}"
Description: issuer
sso.auth_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/auth"
Description: auth_url
sso.token_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/token"
Description: token_url
sso.userinfo_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/userinfo"
Description: userinfo_url
sso.jwkset_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/certs"
Description: jwks_url
sso.claims_principal📜
Type: string
"preferred_username"
Description: claims_principal
sso.requested_scopes📜
Type: list
- openid
Description: requested_scopes
sso.signature_algorithm📜
Type: string
"RS256"
Description: signature_algorithm
sso.endsession_url📜
Type: string
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"
Description: endsession_url
sso.claims_group📜
Type: string
"groups"
Description: claims_group
sso.claims_mail📜
Type: string
"email"
Description: claims_mail
sso.claims_principal_pattern📜
Type: string
""
Description: claims_principal_pattern
sso.cert_authorities📜
Type: list
[]
Description: cert_authorities
kibanaBasicAuth.enabled📜
Type: bool
true
Description: Toggle this to turn off Kibana’s built in auth and only allow SSO. Role mappings for SSO groups must be set up and SSO enabled before doing this.
networkPolicies.enabled📜
Type: bool
false
Description: Toggle BigBang NetworkPolicy templates
networkPolicies.ingressLabels📜
Type: object
app: istio-ingressgateway
istio: ingressgateway
Description: Istio Ingressgateway labels. passed down to NetworkPolicy to whitelist external access to app
networkPolicies.controlPlaneCidr📜
Type: string
"0.0.0.0/0"
Description: See kubectl cluster-info
and then resolve to IP
upgradeJob.image.repository📜
Type: string
"registry1.dso.mil/ironbank/big-bang/base"
Description: image repository for upgradeJob
upgradeJob.image.tag📜
Type: string
"2.1.0"
Description: image tag for upgradeJob
monitoring.enabled📜
Type: bool
false
Description: Toggle BigBang monitoring integration, controls serviceMonitor template
metrics.enabled📜
Type: bool
false
Description: Toggle Prometheus ElasticSearch Exporter Installation
metrics.image📜
Type: object
pullSecret: private-registry
Description: Exporter imagePullSecrets
metrics.podSecurityContext📜
Type: object
runAsGroup: 1000
Description: Pod securityContext
metrics.securityContext📜
Type: object
runAsGroup: 1000
runAsUser: 1000
Description: Container securityContext
metrics.imagePullSecrets📜
Type: list
[]
metrics.serviceMonitor.scheme📜
Type: string
""
metrics.serviceMonitor.tlsConfig📜
Type: object
{}
metrics.env📜
Type: object
ES_USERNAME: elastic
Description: Environment Variable Passthrough to set Auth for Exporter
metrics.extraEnvSecrets📜
Type: object
ES_PASSWORD:
key: elastic
secret: logging-ek-es-elastic-user
Description: Environment Variable Secret Mount to set Auth for Exporter Replace with empty braces if you would like to use a an API_KEY
openshift📜
Type: bool
false
Description: Openshift Container Platform Feature Toggle
mattermost.enabled📜
Type: bool
false
Description: Mattermost integration toggle, controls mTLS exception and networkPolicies
bbtests.enabled📜
Type: bool
false
Description: Big Bang CI/Dev toggle for helm tests
bbtests.cypress.artifacts📜
Type: bool
true
Description: Toggle creation of cypress artifacts
bbtests.cypress.envs📜
Type: object
cypress_expect_logs: 'false'
cypress_kibana_url: https://logging-ek-kb-http:5601
Description: ENVs added to cypress test pods
bbtests.cypress.secretEnvs📜
Type: list
- name: cypress_elastic_password
valueFrom:
secretKeyRef:
key: elastic
name: logging-ek-es-elastic-user
Description: ENVs added to cypress test pods from existing secrets
bbtests.scripts.image📜
Type: string
"registry1.dso.mil/ironbank/stedolan/jq:1.7"
Description: image to use for script based tests
bbtests.scripts.envs📜
Type: object
desired_version: '{{ .Values.elasticsearch.version }}'
elasticsearch_host: https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200
Description: ENVs added to script test pods
bbtests.scripts.secretEnvs📜
Type: list
- name: ELASTIC_PASSWORD
valueFrom:
secretKeyRef:
key: elastic
name: logging-ek-es-elastic-user
Description: ENVs added to script test pods from existing secrets