headlamp values.yaml
π
domainπ
Type: string
"dev.bigbang.mil"
Description: Domain used for BigBang created exposed services
global.imagePullSecrets[0].nameπ
Type: string
"private-registry"
istio.enabledπ
Type: bool
false
istio.hardenedπ
Type: object
customAuthorizationPolicies: []
customServiceEntries: []
enabled: false
outboundTrafficPolicyMode: REGISTRY_ONLY
Description: Default peer authentication values
istio.mtls.modeπ
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
istio.headlampπ
Type: object
annotations: {}
enabled: true
gateways:
- istio-system/public
hosts:
- headlamp.{{ .Values.domain }}
labels: {}
Description: Headlamp UI specific VirtualService values
istio.headlamp.enabledπ
Type: bool
true
Description: Toggle VirtualService creation
networkPolicies.enabledπ
Type: bool
false
networkPolicies.controlPlaneCidrπ
Type: string
"0.0.0.0/0"
networkPolicies.ingressLabels.appπ
Type: string
"public-ingressgateway"
networkPolicies.ingressLabels.istioπ
Type: string
"ingressgateway"
networkPolicies.additionalPoliciesπ
Type: list
[]
openshiftπ
Type: bool
false
monitoringπ
Type: object
enabled: false
serviceMonitor:
scheme: ''
tlsConfig: {}
Description: Monitoring toggle, affects servicemonitor and networkPolicies
metrics.enabledπ
Type: bool
false
Description: Toggle Prometheus Blackbox Exporter Installation
metrics.portπ
Type: int
9115
metrics.globalπ
Type: object
imagePullSecrets:
- name: private-registry
Description: Exporter imagePullSecrets
metrics.image.registryπ
Type: string
"registry1.dso.mil"
metrics.image.repositoryπ
Type: string
"ironbank/opensource/prometheus/blackbox_exporter"
metrics.image.tagπ
Type: string
"v0.26.0"
metrics.image.pullSecretπ
Type: string
"private-registry"
metrics.podSecurityContextπ
Type: object
runAsGroup: 1000
Description: Pod securityContext
metrics.securityContextπ
Type: object
runAsGroup: 1000
runAsUser: 1000
Description: Container securityContext
metrics.config.modules.http_2xx.proberπ
Type: string
"http"
metrics.config.modules.http_2xx.timeoutπ
Type: string
"5s"
metrics.config.modules.http_2xx.http.methodπ
Type: string
"GET"
bbtests.enabledπ
Type: bool
false
bbtests.cypress.artifactsπ
Type: bool
true
bbtests.cypress.envs.cypress_urlπ
Type: string
"http://headlamp.headlamp.svc.cluster.local:4466"
bbtests.cypress.resources.requests.cpuπ
Type: string
"1"
bbtests.cypress.resources.requests.memoryπ
Type: string
"2Gi"
bbtests.cypress.resources.limits.cpuπ
Type: string
"1"
bbtests.cypress.resources.limits.memoryπ
Type: string
"2Gi"
replicaCountπ
Type: int
1
Description: Number of desired pods
image.registryπ
Type: string
"registry1.dso.mil"
Description: Container image registry
image.repositoryπ
Type: string
"ironbank/opensource/headlamp-k8s/headlamp"
Description: Container image name
image.pullPolicyπ
Type: string
"IfNotPresent"
Description: Image pull policy. One of Always, Never, IfNotPresent
image.tagπ
Type: string
"v0.30.0"
Description: Container image tag, If ββ uses appVersion in Chart.yaml
image.pullSecrets[0]π
Type: string
"private-registry"
imagePullSecretsπ
Type: list
- name: private-registry
Description: An optional list of references to secrets in the same namespace to use for pulling any of the images used
nameOverrideπ
Type: string
""
Description: Overrides the name of the chart
fullnameOverrideπ
Type: string
""
Description: Overrides the full name of the chart
initContainersπ
Type: list
[]
Description: An optional list of init containers to be run before the main containers.
config.inClusterπ
Type: bool
true
config.baseURLπ
Type: string
""
Description: base url path at which headlamp should run
config.oidc.secret.createπ
Type: bool
false
Description: Generate OIDC secret. If true, will generate a secret using .config.oidc.
config.oidc.secret.nameπ
Type: string
"oidc"
Description: Name of the OIDC secret.
config.oidc.clientIDπ
Type: string
""
Description: OIDC client ID Change to your respective IDP endpoints
config.oidc.clientSecretπ
Type: string
""
Description: OIDC client secret
config.oidc.issuerURLπ
Type: string
""
Description: OIDC issuer URL
config.oidc.scopesπ
Type: string
""
Description: OIDC scopes to be used
config.oidc.externalSecret.enabledπ
Type: bool
false
config.oidc.externalSecret.nameπ
Type: string
""
config.pluginsDirπ
Type: string
"/headlamp/plugins"
Description: directory to look for plugins
config.extraArgsπ
Type: list
[]
serviceAccountπ
Type: object
annotations: {}
create: true
name: ''
Description: An optional list of environment variables env: - name: KUBERNETES_SERVICE_HOST value: βlocalhostβ - name: KUBERNETES_SERVICE_PORT value: β6443β
serviceAccount.createπ
Type: bool
true
Description: Specifies whether a service account should be created
serviceAccount.annotationsπ
Type: object
{}
Description: Annotations to add to the service account
serviceAccount.nameπ
Type: string
""
Description: The name of the service account to use.(If not set and create is true, a name is generated using the fullname template)
clusterRoleBinding.createπ
Type: bool
true
Description: Specified whether a cluster role binding should be created
clusterRoleBinding.clusterRoleNameπ
Type: string
"cluster-admin"
Description: Set name of the Cluster Role with limited permissions from you cluster for example - clusterRoleName: user-ro
clusterRoleBinding.annotationsπ
Type: object
{}
Description: Annotations to add to the cluster role binding
podAnnotationsπ
Type: object
{}
Description: Annotations to add to the pod
podSecurityContextπ
Type: object
{}
Description: Headlamp podβs Security Context
securityContextπ
Type: object
privileged: false
runAsGroup: 101
runAsNonRoot: true
runAsUser: 100
Description: Headlamp containers Security Context
service.typeπ
Type: string
"ClusterIP"
Description: Kubernetes Service type
service.portπ
Type: int
4466
Description: Kubernetes Service port
service.clusterIPπ
Type: string
""
Description: Kubernetes Service clusterIP
service.loadBalancerIPπ
Type: string
""
Description: Kubernetes Service loadBalancerIP
service.loadBalancerSourceRangesπ
Type: list
[]
Description: Kubernetes Service loadBalancerSourceRanges
service.nodePortπ
Type: string
nil
Description: Kubernetes Service Nodeport
volumeMountsπ
Type: list
[]
Description: Headlamp containers volume mounts
volumesπ
Type: list
[]
Description: Headlamp podβs volumes
persistentVolumeClaim.enabledπ
Type: bool
false
Description: Enable Persistent Volume Claim
persistentVolumeClaim.annotationsπ
Type: object
{}
Description: Annotations to add to the persistent volume claim (if enabled)
persistentVolumeClaim.accessModesπ
Type: list
[]
Description: accessModes for the persistent volume claim, eg: ReadWriteOnce, ReadOnlyMany, ReadWriteMany etc.
persistentVolumeClaim.sizeπ
Type: string
""
Description: size of the persistent volume claim, eg: 10Gi. Required if enabled is true.
persistentVolumeClaim.storageClassNameπ
Type: string
""
Description: storageClassName for the persistent volume claim.
persistentVolumeClaim.selectorπ
Type: object
{}
Description: selector for the persistent volume claim.
persistentVolumeClaim.volumeModeπ
Type: string
""
Description: volumeMode for the persistent volume claim, eg: Filesystem, Block.
ingress.enabledπ
Type: bool
false
Description: Enable ingress controller resource
ingress.annotationsπ
Type: object
{}
Description: Annotations for Ingress resource
ingress.labelsπ
Type: object
{}
Description: Additional labels to add to the Ingress resource
ingress.ingressClassNameπ
Type: string
""
Description: Ingress class name. replacement for the deprecated βkubernetes.io/ingress.classβ annotation
ingress.hostsπ
Type: list
[]
Description: Hostname(s) for the Ingress resource Please refer to https://kubernetes.io/docs/reference/kubernetes-api/service-resources/ingress-v1/#IngressSpec for more information.
ingress.tlsπ
Type: list
[]
Description: Ingress TLS configuration
resourcesπ
Type: object
{}
Description: CPU/Memory resource requests/limits
nodeSelectorπ
Type: object
{}
Description: Node labels for pod assignment
tolerationsπ
Type: list
[]
Description: Toleration labels for pod assignment
affinityπ
Type: object
{}
Description: Affinity settings for pod assignment
extraManifestsπ
Type: list
[]
Description: Additional Kubernetes manifests to be deployed. Include the manifest as nested YAML.
waitJob.enabledπ
Type: bool
true
waitJob.scripts.imageπ
Type: string
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.32.4"
waitJob.permissions.apiGroups[0]π
Type: string
"apps"
waitJob.permissions.resources[0]π
Type: string
"deployments"
waitJob.permissions.verbs[0]π
Type: string
"get"
waitJob.permissions.verbs[1]π
Type: string
"list"
waitJob.permissions.verbs[2]π
Type: string
"watch"