Skip to content

mattermost-operator values.yamlπŸ“œ

image.imagePullPolicyπŸ“œ

Type: string

Default value
"IfNotPresent"

Description: Default image pull policy

image.repositoryπŸ“œ

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/mattermost/mattermost-operator"

Description: Full image name

image.tagπŸ“œ

Type: string

Default value
"v1.21.0"

Description: Image tag

replicas.countπŸ“œ

Type: int

Default value
1

Description: Mattermost operator desired replicas

imagePullSecretsπŸ“œ

Type: list

Default value
- name: private-registry

Description: Image pull secrets

resourcesπŸ“œ

Type: object

Default value
limits:
  cpu: 100m
  memory: 512Mi
requests:
  cpu: 100m
  memory: 512Mi

Description: Resources for operator pod(s)

securityContextπŸ“œ

Type: object

Default value
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532

Description: securityContext for Kubernetes pod(s)

containerSecurityContextπŸ“œ

Type: object

Default value
capabilities:
  drop:
  - ALL
privileged: false
readOnlyRootFilesystem: true

Description: containerSecurityContext for operator container

affinityπŸ“œ

Type: object

Default value
{}

Description: Affinity for operator pod(s)

nodeSelectorπŸ“œ

Type: object

Default value
{}

Description: Node selector for operator pod(s)

tolerationsπŸ“œ

Type: object

Default value
{}

Description: Tolerations for operator pod(s)

podAnnotationsπŸ“œ

Type: object

Default value
{}

Description: Annotations for operator pod(s)

networkPolicies.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle on/off Big Bang provided network policies

networkPolicies.controlPlaneCidrπŸ“œ

Type: string

Default value
"0.0.0.0/0"

Description: See kubectl cluster-info and then resolve to IP

istio.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle on/off istio interaction, used for network policies and mTLS

istio.hardened.enabledπŸ“œ

Type: bool

Default value
false

istio.hardened.customAuthorizationPoliciesπŸ“œ

Type: list

Default value
[]

istio.hardened.outboundTrafficPolicyModeπŸ“œ

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntriesπŸ“œ

Type: list

Default value
[]

istio.hardened.monitoring.enabledπŸ“œ

Type: bool

Default value
true

istio.hardened.monitoring.namespaces[0]πŸ“œ

Type: string

Default value
"monitoring"

istio.hardened.monitoring.principals[0]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.monitoring.principals[1]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.monitoring.principals[2]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.monitoring.principals[3]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.monitoring.principals[4]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.monitoring.principals[5]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.mtlsπŸ“œ

Type: object

Default value
mode: STRICT

Description: Default peer authentication

istio.mtls.modeπŸ“œ

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

monitoring.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle on/off monitoring interaction, used for network policies

openshiftπŸ“œ

Type: bool

Default value
false

Description: Openshift feature toggle, used for DNS network policy