diff --git a/.vib/milvus/vib-action.config b/.vib/milvus/vib-action.config new file mode 100644 index 00000000000000..b524337ec95e2e --- /dev/null +++ b/.vib/milvus/vib-action.config @@ -0,0 +1,2 @@ +verification-mode=SERIAL + diff --git a/bitnami/milvus/CHANGELOG.md b/bitnami/milvus/CHANGELOG.md index e24759e89e7491..13e7a7261add72 100644 --- a/bitnami/milvus/CHANGELOG.md +++ b/bitnami/milvus/CHANGELOG.md @@ -1,8 +1,12 @@ # Changelog +## 8.1.0 (2024-05-29) + +* [bitnami/milvus] PDB review ([#25983](https://github.com/bitnami/charts/pull/25983)) + ## 8.0.0 (2024-05-27) -* [bitnami/milvus] Update dependencies ([#26445](https://github.com/bitnami/charts/pull/26445)) +* [bitnami/milvus] Update dependencies (#26445) ([e4dc085](https://github.com/bitnami/charts/commit/e4dc085dc62abade1fb18389831ad5a4ef41a75d)), closes [#26445](https://github.com/bitnami/charts/issues/26445) ## 7.1.2 (2024-05-24) diff --git a/bitnami/milvus/Chart.yaml b/bitnami/milvus/Chart.yaml index 9b429778358d4d..4a2fb1a096118c 100644 --- a/bitnami/milvus/Chart.yaml +++ b/bitnami/milvus/Chart.yaml @@ -48,4 +48,4 @@ maintainers: name: milvus sources: - https://github.com/bitnami/charts/tree/main/bitnami/milvus -version: 8.0.0 +version: 8.1.0 diff --git a/bitnami/milvus/README.md b/bitnami/milvus/README.md index b4d60643cde4c8..d11485f7427ea7 100644 --- a/bitnami/milvus/README.md +++ b/bitnami/milvus/README.md @@ -437,9 +437,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `dataCoord.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `dataCoord.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `dataCoord.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `dataCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `dataCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `dataCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `dataCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `dataCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `dataCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `dataCoord.pdb.minAvailable` and `dataCoord.pdb.maxUnavailable` are empty. | `{}` | ### Data Coordinator Autoscaling configuration @@ -584,9 +584,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `rootCoord.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `rootCoord.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `rootCoord.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `rootCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `rootCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `rootCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `rootCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `rootCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `rootCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `rootCoord.pdb.minAvailable` and `rootCoord.pdb.maxUnavailable` are empty. | `{}` | ### Root Coordinator Autoscaling configuration @@ -731,9 +731,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `queryCoord.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `queryCoord.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `queryCoord.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `queryCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `queryCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `queryCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `queryCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `queryCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `queryCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `queryCoord.pdb.minAvailable` and `queryCoord.pdb.maxUnavailable` are empty. | `{}` | ### Query Coordinator Autoscaling configuration @@ -878,9 +878,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `indexCoord.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `indexCoord.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `indexCoord.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `indexCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `indexCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `indexCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `indexCoord.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `indexCoord.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `indexCoord.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable.Defaults to `1` if both `queryCoord.pdb.minAvailable` and `queryCoord.pdb.maxUnavailable` are empty. | `{}` | ### Index Coordinator Autoscaling configuration @@ -1025,9 +1025,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `dataNode.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `dataNode.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `dataNode.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `dataNode.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `dataNode.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `dataNode.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `dataNode.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `dataNode.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `dataNode.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `dataNode.pdb.minAvailable` and `dataNode.pdb.maxUnavailable` are empty. | `{}` | ### Data Node Autoscaling configuration @@ -1172,9 +1172,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `queryNode.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `queryNode.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `queryNode.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `queryNode.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `queryNode.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `queryNode.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `queryNode.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `queryNode.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `queryNode.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `queryNode.pdb.minAvailable` and `queryNode.pdb.maxUnavailable` are empty. | `{}` | ### Query Node Autoscaling configuration @@ -1319,9 +1319,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `indexNode.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `indexNode.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `indexNode.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `indexNode.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `indexNode.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `indexNode.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `indexNode.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `indexNode.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `indexNode.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `indexNode.pdb.minAvailable` and `indexNode.pdb.maxUnavailable` are empty. | `{}` | ### Index Node Autoscaling configuration @@ -1478,9 +1478,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `proxy.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `proxy.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `proxy.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `proxy.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `proxy.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `proxy.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `proxy.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `proxy.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `proxy.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `proxy.pdb.minAvailable` and `proxy.pdb.maxUnavailable` are empty. | `{}` | ### Proxy Autoscaling configuration @@ -1626,9 +1626,9 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= | `attu.serviceAccount.name` | The name of the ServiceAccount to use | `""` | | `attu.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | | `attu.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `attu.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `attu.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `attu.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `attu.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | +| `attu.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | +| `attu.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `attu.pdb.minAvailable` and `attu.pdb.maxUnavailable` are empty. | `{}` | ### Attu Autoscaling configuration diff --git a/bitnami/milvus/templates/attu/pdb.yaml b/bitnami/milvus/templates/attu/pdb.yaml index e38e93b9691d99..6f3c7baf54c01f 100644 --- a/bitnami/milvus/templates/attu/pdb.yaml +++ b/bitnami/milvus/templates/attu/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.attu.pdb.create }} +{{- if and .Values.attu.enabled .Values.attu.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -21,8 +21,8 @@ spec: {{- if .Values.attu.pdb.minAvailable }} minAvailable: {{ .Values.attu.pdb.minAvailable }} {{- end }} - {{- if .Values.attu.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.attu.pdb.maxUnavailable }} + {{- if or .Values.attu.pdb.maxUnavailable (not .Values.attu.pdb.minAvailable) }} + maxUnavailable: {{ .Values.attu.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.attu.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/data-coordinator/pdb.yaml b/bitnami/milvus/templates/data-coordinator/pdb.yaml index 1d23af3af438a3..87e672f06eda3a 100644 --- a/bitnami/milvus/templates/data-coordinator/pdb.yaml +++ b/bitnami/milvus/templates/data-coordinator/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.dataCoord.pdb.create }} +{{- if and .Values.dataCoord.enabled .Values.dataCoord.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.dataCoord.pdb.minAvailable }} minAvailable: {{ .Values.dataCoord.pdb.minAvailable }} {{- end }} - {{- if .Values.dataCoord.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.dataCoord.pdb.maxUnavailable }} + {{- if or .Values.dataCoord.pdb.maxUnavailable (not .Values.dataCoord.pdb.minAvailable) }} + maxUnavailable: {{ .Values.dataCoord.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.dataCoord.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/data-node/pdb.yaml b/bitnami/milvus/templates/data-node/pdb.yaml index 4c18da0e14d77a..0bff293309b342 100644 --- a/bitnami/milvus/templates/data-node/pdb.yaml +++ b/bitnami/milvus/templates/data-node/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.dataNode.pdb.create }} +{{- if and .Values.dataNode.enabled .Values.dataNode.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.dataNode.pdb.minAvailable }} minAvailable: {{ .Values.dataNode.pdb.minAvailable }} {{- end }} - {{- if .Values.dataNode.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.dataNode.pdb.maxUnavailable }} + {{- if or .Values.dataNode.pdb.maxUnavailable (not .Values.dataNode.pdb.minAvailable) }} + maxUnavailable: {{ .Values.dataNode.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.dataNode.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/index-coordinator/pdb.yaml b/bitnami/milvus/templates/index-coordinator/pdb.yaml index d7c817b4b2098c..31a47418526aee 100644 --- a/bitnami/milvus/templates/index-coordinator/pdb.yaml +++ b/bitnami/milvus/templates/index-coordinator/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.indexCoord.pdb.create }} +{{- if and .Values.indexCoord.enabled .Values.indexCoord.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.indexCoord.pdb.minAvailable }} minAvailable: {{ .Values.indexCoord.pdb.minAvailable }} {{- end }} - {{- if .Values.indexCoord.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.indexCoord.pdb.maxUnavailable }} + {{- if or .Values.indexCoord.pdb.maxUnavailable (not .Values.indexCoord.pdb.minAvailable) }} + maxUnavailable: {{ .Values.indexCoord.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.indexCoord.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/index-node/pdb.yaml b/bitnami/milvus/templates/index-node/pdb.yaml index 5f672b2fe18197..fec6af3a011a10 100644 --- a/bitnami/milvus/templates/index-node/pdb.yaml +++ b/bitnami/milvus/templates/index-node/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.indexNode.pdb.create }} +{{- if and .Values.indexNode.enabled .Values.indexNode.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.indexNode.pdb.minAvailable }} minAvailable: {{ .Values.indexNode.pdb.minAvailable }} {{- end }} - {{- if .Values.indexNode.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.indexNode.pdb.maxUnavailable }} + {{- if or .Values.indexNode.pdb.maxUnavailable (not .Values.indexNode.pdb.minAvailable) }} + maxUnavailable: {{ .Values.indexNode.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.indexNode.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/proxy/pdb.yaml b/bitnami/milvus/templates/proxy/pdb.yaml index 3754f35001bd8a..d4d72b3bcbbbdd 100644 --- a/bitnami/milvus/templates/proxy/pdb.yaml +++ b/bitnami/milvus/templates/proxy/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.proxy.pdb.create }} +{{- if and .Values.proxy.enabled .Values.proxy.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.proxy.pdb.minAvailable }} minAvailable: {{ .Values.proxy.pdb.minAvailable }} {{- end }} - {{- if .Values.proxy.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.proxy.pdb.maxUnavailable }} + {{- if or .Values.proxy.pdb.maxUnavailable (not .Values.proxy.pdb.minAvailable) }} + maxUnavailable: {{ .Values.proxy.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.proxy.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/query-coordinator/pdb.yaml b/bitnami/milvus/templates/query-coordinator/pdb.yaml index abf63e9c9c6110..f8ed9bb6bf74d2 100644 --- a/bitnami/milvus/templates/query-coordinator/pdb.yaml +++ b/bitnami/milvus/templates/query-coordinator/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.queryCoord.pdb.create }} +{{- if and .Values.queryCoord.enabled .Values.queryCoord.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.queryCoord.pdb.minAvailable }} minAvailable: {{ .Values.queryCoord.pdb.minAvailable }} {{- end }} - {{- if .Values.queryCoord.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.queryCoord.pdb.maxUnavailable }} + {{- if or .Values.queryCoord.pdb.maxUnavailable (not .Values.queryCoord.pdb.minAvailable) }} + maxUnavailable: {{ .Values.queryCoord.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.queryCoord.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/query-node/pdb.yaml b/bitnami/milvus/templates/query-node/pdb.yaml index 65d26894354302..37948578c3d08e 100644 --- a/bitnami/milvus/templates/query-node/pdb.yaml +++ b/bitnami/milvus/templates/query-node/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.queryNode.pdb.create }} +{{- if and .Values.queryNode.enabled .Values.queryNode.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.queryNode.pdb.minAvailable }} minAvailable: {{ .Values.queryNode.pdb.minAvailable }} {{- end }} - {{- if .Values.queryNode.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.queryNode.pdb.maxUnavailable }} + {{- if or .Values.queryNode.pdb.maxUnavailable (not .Values.queryNode.pdb.minAvailable) }} + maxUnavailable: {{ .Values.queryNode.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.queryNode.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/templates/root-coordinator/pdb.yaml b/bitnami/milvus/templates/root-coordinator/pdb.yaml index 812360b521a46f..654a0661f39be9 100644 --- a/bitnami/milvus/templates/root-coordinator/pdb.yaml +++ b/bitnami/milvus/templates/root-coordinator/pdb.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.rootCoord.pdb.create }} +{{- if and .Values.rootCoord.enabled .Values.rootCoord.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: @@ -19,8 +19,8 @@ spec: {{- if .Values.rootCoord.pdb.minAvailable }} minAvailable: {{ .Values.rootCoord.pdb.minAvailable }} {{- end }} - {{- if .Values.rootCoord.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.rootCoord.pdb.maxUnavailable }} + {{- if or .Values.rootCoord.pdb.maxUnavailable (not .Values.rootCoord.pdb.minAvailable) }} + maxUnavailable: {{ .Values.rootCoord.pdb.maxUnavailable | default 1 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.rootCoord.podLabels .Values.commonLabels ) "context" . ) }} selector: diff --git a/bitnami/milvus/values.schema.json b/bitnami/milvus/values.schema.json index e4328edbf63081..76d1961b88f972 100644 --- a/bitnami/milvus/values.schema.json +++ b/bitnami/milvus/values.schema.json @@ -20,6 +20,21 @@ "type": "string", "description": "Global StorageClass for Persistent Volume(s)", "default": "" + }, + "compatibility": { + "type": "object", + "properties": { + "openshift": { + "type": "object", + "properties": { + "adaptSecurityContext": { + "type": "string", + "description": "Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)", + "default": "auto" + } + } + } + } } } }, @@ -62,7 +77,7 @@ "enableServiceLinks": { "type": "boolean", "description": "Whether information about services should be injected into all pods' environment variable", - "default": true + "default": false }, "diagnosticMode": { "type": "object", @@ -103,17 +118,12 @@ "registry": { "type": "string", "description": "Milvus image registry", - "default": "docker.io" + "default": "REGISTRY_NAME" }, "repository": { "type": "string", "description": "Milvus image repository", - "default": "bitnami/milvus" - }, - "tag": { - "type": "string", - "description": "Milvus image tag (immutable tags are recommended)", - "default": "2.2.10-debian-11-r3" + "default": "REPOSITORY_NAME/milvus" }, "digest": { "type": "string", @@ -165,13 +175,18 @@ "type": "string", "description": "Name of a secret containing the Milvus password", "default": "" + }, + "existingSecretPasswordKey": { + "type": "string", + "description": "Name of the secret key containing the Milvus password", + "default": "" } } }, "defaultConfig": { "type": "string", "description": "Milvus components default configuration", - "default": "# etcd configuration\netcd:\n endpoints:\n {{- if .Values.etcd.enabled }}\n {{- $replicas := $.Values.etcd.replicaCount | int }}\n {{- range $i, $_e := until $replicas }}\n - {{ printf \"%s://%s-%d.%s:%v\" (ternary \"https\" \"http\" $.Values.etcd.auth.client.secureTransport) (include \"milvus.etcd.fullname\" $ ) $i (include \"milvus.etcd.headlessServiceName\" $) ( include \"milvus.etcd.port\" $ ) }} {{- end }}\n {{- else }}\n {{- range $node := .Values.externalEtcd.servers }}\n - {{ ternary \"https\" \"http\" $.Values.externalEtcd.secureTransport }}://{{ printf \"%s:%v\" $node (include \"milvus.etcd.port\" $) }}\n {{- end }}\n {{- end }}\nmetastore:\n type: etcd\n\n# S3 configuration\nminio:\n address: {{ include \"milvus.s3.host\" . }}\n port: {{ include \"milvus.s3.port\" . }}\n accessKeyID: {{ print \"{{ MILVUS_S3_ACCESS_ID }}\" | quote }}\n secretAccessKey: {{ print \"{{ MILVUS_S3_SECRET_ACCESS_KEY }}\" | quote }}\n useSSL: {{ include \"milvus.s3.useSSL\" . }}\n bucketName: {{ include \"milvus.s3.bucket\" . }}\n rootPath: {{ include \"milvus.s3.rootPath\" . }}\n useIAM: {{ include \"milvus.s3.useIAM\" . }}\n {{- if not .Values.minio.enabled }}\n cloudProvider: {{ .Values.externalS3.cloudProvider }}\n iamEndpoint: {{ .Values.externalS3.iamEndpoint }}\n {{- end }}\n\n# Kafka configuration\nkafka:\n brokerList:\n {{- if .Values.kafka.enabled }}\n {{- $replicas := $.Values.kafka.replicaCount | int }}\n {{- range $i, $_e := until $replicas }}\n - {{ printf \"%s-%d.%s:%v\" (include \"milvus.kafka.fullname\" $ ) $i (include \"milvus.kafka.headlessServiceName\" $) ( include \"milvus.kafka.port\" $ ) }}\n {{- end }}\n {{- else }}\n {{- range $node := .Values.kafka.servers }}\n - {{ printf \"%s:%v\" $node (include \"milvus.kafka.port\" $) }}\n {{- end }}\n {{- end }}\n securityProtocol: {{ include \"milvus.kafka.securityProtocol\" . }}\n {{- if include \"milvus.kafka.authEnabled\" . }}\n saslMechanisms: {{ include \"milvus.kafka.saslMechanisms\" . }}\n saslUsername: {{ include \"milvus.kafka.user\" . }}\n saslPassword: {{ print \"{{ MILVUS_KAFKA_PASSWORD }}\" | quote }}\n {{- end }}\n\n# Data coordinator\ndataCoord:\n address: {{ include \"milvus.data-coordinator.fullname\" . }}\n port: {{ .Values.dataCoord.service.ports.grpc }}\n\n# Root coordinator\nrootCoord:\n address: {{ include \"milvus.root-coordinator.fullname\" . }}\n port: {{ .Values.rootCoord.service.ports.grpc }}\n\n# Index coordinator\nindexCoord:\n address: {{ include \"milvus.index-coordinator.fullname\" . }}\n port: {{ .Values.indexCoord.service.ports.grpc }}\n\n# Query coordinator\nqueryCoord:\n address: {{ include \"milvus.query-coordinator.fullname\" . }}\n port: {{ .Values.queryCoord.service.ports.grpc }}\n\n# Data node\ndataNode:\n port: {{ .Values.dataNode.service.ports.grpc }}\n\n# Index node\nindexNode:\n port: {{ .Values.indexNode.service.ports.grpc }}\n\n# Query node\nqueryNode:\n port: {{ .Values.queryNode.service.ports.grpc }}\n\nproxy:\n port: {{ .Values.proxy.service.ports.grpc }}\n accessLog:\n localPath: /dev\n filename: stdout\n http:\n enabled: true\n\n# Log configuration\nlog:\n level: {{ ternary \"debug\" \"info\" .Values.milvus.image.debug }}\n stdout: true\n\n# Common configuration\ncommon:\n storageType: minio\n security:\n authorizationEnabled: {{ .Values.milvus.auth.enabled }}\n {{- if .Values.milvus.auth.enabled }}\n superUsers:\n - {{ .Values.milvus.auth.username }}\n {{- end }}\n" + "default": "\"\"" }, "extraConfig": { "type": "object", @@ -204,17 +219,12 @@ "registry": { "type": "string", "description": "PyMilvus image registry", - "default": "docker.io" + "default": "REGISTRY_NAME" }, "repository": { "type": "string", "description": "PyMilvus image repository", - "default": "bitnami/pymilvus" - }, - "tag": { - "type": "string", - "description": "PyMilvus image tag (immutable tags are recommended)", - "default": "2.2.13-debian-11-r1" + "default": "REPOSITORY_NAME/pymilvus" }, "digest": { "type": "string", @@ -244,27 +254,27 @@ "properties": { "existingSecret": { "type": "string", - "description": "Name of the existing secret containing the TLS certificates for initJob", + "description": "Name of the existing secret containing the TLS certificates for initJob.", "default": "" }, "cert": { "type": "string", "description": "The secret key from the existingSecret if 'cert' key different from the default (client.pem)", - "default": "tls.crt" + "default": "client.pem" }, "key": { "type": "string", "description": "The secret key from the existingSecret if 'key' key different from the default (client.key)", - "default": "tls.key" + "default": "client.key" }, "caCert": { "type": "string", "description": "The secret key from the existingSecret if 'caCert' key different from the default (ca.pem)", - "default": "ca.crt" + "default": "ca.pem" }, "keyPassword": { "type": "string", - "description": "Password to access the password-protected PEM key if necessary", + "description": "Password to access the password-protected PEM key if necessary.", "default": "" } } @@ -290,27 +300,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled credential init job containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set credential init job containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set credential init job containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set credential init job containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -318,7 +338,7 @@ "properties": { "drop": { "type": "array", - "description": "Set container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -327,6 +347,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -338,20 +368,27 @@ "description": "Enabled credential init job pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set credential init job pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -377,52 +414,147 @@ "default": [], "items": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if initJob.resources is set (initJob.resources is recommended for production).", + "default": "micro" + }, "resources": { + "type": "object", + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} + }, + "livenessProbe": { "type": "object", "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the container", - "default": {} + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on init job", + "default": true }, - "requests": { - "type": "object", - "description": "The requested resources for the container", - "default": {} + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 5 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 } } }, - "hostAliases": { - "type": "array", - "description": "Add deployment host aliases", - "default": [], - "items": {} + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on init job", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 5 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } }, - "annotations": { + "startupProbe": { "type": "object", "properties": { - "helm": { - "type": "object", - "properties": { - "sh/hook": { - "type": "string", - "description": "", - "default": "post-install" - }, - "sh/hook-delete-policy": { - "type": "string", - "description": "", - "default": "before-hook-creation,hook-succeeded" - }, - "sh/hook-weight": { - "type": "string", - "description": "", - "default": "10" - } - } + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on Data Coordinator containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 5 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 } } }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, + "hostAliases": { + "type": "array", + "description": "Add deployment host aliases", + "default": [], + "items": {} + }, "podLabels": { "type": "object", "description": "Additional pod labels", @@ -432,6 +564,37 @@ "type": "object", "description": "Additional pod annotations", "default": {} + }, + "networkPolicy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable creation of NetworkPolicy resources", + "default": true + }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, + "extraIngress": { + "type": "array", + "description": "Add extra ingress rules to the NetworkPolicy", + "default": "[]", + "items": { + "type": "string" + } + }, + "extraEgress": { + "type": "array", + "description": "Add extra ingress rules to the NetworkPolicy", + "default": "[]", + "items": { + "type": "string" + } + } + } } } }, @@ -462,7 +625,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\ndataCoord:\n port: {{ .Values.dataCoord.containerPorts.grpc }}\n enableActiveStandby: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -631,20 +794,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if dataCoord.resources is set (dataCoord.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data coordinator containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data coordinator containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -654,20 +812,27 @@ "description": "Enabled Data Coordinator pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Data Coordinator pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Data Coordinator container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -676,27 +841,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Data Coordinator containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Data Coordinator containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Data Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Data Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Data Coordinator container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -704,7 +879,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Data Coordinator container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -713,6 +888,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -726,6 +911,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data coordinator pods host aliases", @@ -855,7 +1045,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Data Coordinator pods", - "default": false + "default": true }, "name": { "type": "string", @@ -880,17 +1070,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -1063,24 +1243,33 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, @@ -1092,26 +1281,6 @@ "description": "Enable metrics", "default": false }, - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.dataCoord.service.ports.grpc }}" - } - } - } - } - }, "serviceMonitor": { "type": "object", "properties": { @@ -1205,7 +1374,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\nrootCoord:\n port: {{ .Values.rootCoord.containerPorts.grpc }}\n enableActiveStandby: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -1374,20 +1543,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if rootCoord.resources is set (rootCoord.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data coordinator containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data coordinator containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -1397,20 +1561,27 @@ "description": "Enabled Root Coordinator pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Root Coordinator pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Root Coordinator container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -1419,27 +1590,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Root Coordinator containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Root Coordinator containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Root Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Root Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Root Coordinator container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -1447,7 +1628,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Root Coordinator container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -1456,6 +1637,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -1469,6 +1660,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data coordinator pods host aliases", @@ -1598,7 +1794,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Root Coordinator pods", - "default": false + "default": true }, "name": { "type": "string", @@ -1623,17 +1819,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -1806,50 +1992,39 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", - "description": "The Policy model to apply", + "description": "The Policy model to apply", + "default": true + }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", "default": true }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, "metrics": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.rootCoord.service.ports.grpc }}" - } - } - } - } - }, "enabled": { "type": "boolean", "description": "Enable metrics", @@ -1948,7 +2123,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\nqueryCoord:\n port: {{ .Values.queryCoord.containerPorts.grpc }}\n enableActiveStandby: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -2117,20 +2292,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if queryCoord.resources is set (queryCoord.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data coordinator containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data coordinator containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -2140,20 +2310,27 @@ "description": "Enabled Query Coordinator pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Query Coordinator pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Query Coordinator container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -2162,27 +2339,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Query Coordinator containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Query Coordinator containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Query Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Query Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Query Coordinator container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -2190,7 +2377,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Query Coordinator container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -2199,6 +2386,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -2212,6 +2409,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data coordinator pods host aliases", @@ -2341,7 +2543,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Query Coordinator pods", - "default": false + "default": true }, "name": { "type": "string", @@ -2366,17 +2568,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -2549,50 +2741,39 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, "metrics": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.queryCoord.service.ports.grpc }}" - } - } - } - } - }, "enabled": { "type": "boolean", "description": "Enable metrics", @@ -2691,7 +2872,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\nindexCoord:\n port: {{ .Values.indexCoord.containerPorts.grpc }}\n enableActiveStandby: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -2860,20 +3041,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if indexCoord.resources is set (indexCoord.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data coordinator containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data coordinator containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -2883,20 +3059,27 @@ "description": "Enabled Index Coordinator pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Index Coordinator pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Index Coordinator container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -2905,27 +3088,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Index Coordinator containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Index Coordinator containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Index Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Index Coordinator containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Index Coordinator container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -2933,7 +3126,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Index Coordinator container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -2942,6 +3135,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -2955,6 +3158,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data coordinator pods host aliases", @@ -3084,7 +3292,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Index Coordinator pods", - "default": false + "default": true }, "name": { "type": "string", @@ -3109,17 +3317,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -3292,50 +3490,39 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, "metrics": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.indexCoord.service.ports.grpc }}" - } - } - } - } - }, "enabled": { "type": "boolean", "description": "Enable metrics", @@ -3434,7 +3621,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\ndataNode:\n port: {{ .Values.dataNode.containerPorts.grpc }}\n enableDisk: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -3603,20 +3790,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if dataNode.resources is set (dataNode.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data node containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data node containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -3626,20 +3808,27 @@ "description": "Enabled Data Node pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Data Node pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Data Node container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -3648,27 +3837,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Data Node containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Data Node containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Data Node containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Data Node containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Data Node container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -3676,7 +3875,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Data Node container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -3685,6 +3884,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -3698,6 +3907,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data node pods host aliases", @@ -3827,7 +4041,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Data Node pods", - "default": false + "default": true }, "name": { "type": "string", @@ -3849,20 +4063,10 @@ "pdb": { "type": "object", "properties": { - "create": { - "type": "boolean", - "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "create": { + "type": "boolean", + "description": "Enable/disable a Pod Disruption Budget creation", + "default": true } } }, @@ -4035,50 +4239,39 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, "metrics": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.dataNode.service.ports.grpc }}" - } - } - } - } - }, "enabled": { "type": "boolean", "description": "Enable metrics", @@ -4177,7 +4370,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\nqueryNode:\n port: {{ .Values.queryNode.containerPorts.grpc }}\n enableDisk: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -4346,20 +4539,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if queryNode.resources is set (queryNode.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data node containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data node containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -4369,20 +4557,27 @@ "description": "Enabled Query Node pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Query Node pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Query Node container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -4391,27 +4586,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Query Node containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Query Node containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Query Node containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Query Node containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Query Node container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -4419,7 +4624,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Query Node container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -4428,6 +4633,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -4441,6 +4656,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data node pods host aliases", @@ -4570,7 +4790,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Query Node pods", - "default": false + "default": true }, "name": { "type": "string", @@ -4595,17 +4815,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -4778,50 +4988,39 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, "metrics": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.queryNode.service.ports.grpc }}" - } - } - } - } - }, "enabled": { "type": "boolean", "description": "Enable metrics", @@ -4920,7 +5119,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\nindexNode:\n port: {{ .Values.indexNode.containerPorts.grpc }}\n enableDisk: true\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -5089,20 +5288,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if indexNode.resources is set (indexNode.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the data node containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the data node containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -5112,20 +5306,27 @@ "description": "Enabled Index Node pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Index Node pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Index Node container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -5134,27 +5335,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Index Node containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Index Node containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Index Node containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Index Node containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Index Node container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -5162,7 +5373,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Index Node container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -5171,6 +5382,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -5184,6 +5405,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "data node pods host aliases", @@ -5313,7 +5539,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Index Node pods", - "default": false + "default": true }, "name": { "type": "string", @@ -5338,17 +5564,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -5521,50 +5737,39 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, "metrics": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.indexNode.service.ports.grpc }}" - } - } - } - } - }, "enabled": { "type": "boolean", "description": "Enable metrics", @@ -5648,33 +5853,33 @@ "type": "object", "properties": { "mode": { - "type": "integer", + "type": "number", "description": "TLS mode for proxy. Allowed values: `0`, `1`, `2`", - "default": false + "default": 0 }, "existingSecret": { "type": "string", - "description": "Name of the existing secret containing the TLS certificates for proxy", + "description": "Name of the existing secret containing the TLS certificates for proxy.", "default": "" }, "cert": { "type": "string", "description": "The secret key from the existingSecret if 'cert' key different from the default (server.pem)", - "default": "tls.crt" + "default": "server.pem" }, "key": { "type": "string", "description": "The secret key from the existingSecret if 'key' key different from the default (server.key)", - "default": "tls.key" + "default": "server.key" }, "caCert": { "type": "string", "description": "The secret key from the existingSecret if 'caCert' key different from the default (ca.pem)", - "default": "ca.crt" + "default": "ca.pem" }, "keyPassword": { "type": "string", - "description": "Password to access the password-protected PEM key if necessary", + "description": "Password to access the password-protected PEM key if necessary.", "default": "" } } @@ -5698,7 +5903,7 @@ "defaultConfig": { "type": "string", "description": "Default override configuration from the common set in milvus.defaultConfig", - "default": "# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)\nproxy:\n port: {{ .Values.proxy.containerPorts.grpc }}\n internalPort: {{ .Values.proxy.containerPorts.grpcInternal }}\n" + "default": "\"\"" }, "existingConfigMap": { "type": "string", @@ -5872,20 +6077,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if proxy.resources is set (proxy.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the proxy containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the proxy containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -5895,20 +6095,27 @@ "description": "Enabled Proxy pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Proxy pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Proxy container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -5917,27 +6124,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Proxy containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Proxy containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Proxy containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Proxy containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Proxy container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -5945,7 +6162,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Proxy container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -5954,6 +6171,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -5967,6 +6194,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "proxy pods host aliases", @@ -6096,7 +6328,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Proxy pods", - "default": false + "default": true }, "name": { "type": "string", @@ -6121,17 +6353,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -6298,29 +6520,45 @@ } } }, - "metrics": { + "networkPolicy": { "type": "object", "properties": { - "annotations": { - "type": "object", - "properties": { - "prometheus": { - "type": "object", - "properties": { - "io/scrape": { - "type": "string", - "description": "", - "default": "true" - }, - "io/port": { - "type": "string", - "description": "", - "default": "{{ .Values.proxy.service.ports.grpc }}" - } - } - } + "enabled": { + "type": "boolean", + "description": "Enable creation of NetworkPolicy resources", + "default": true + }, + "allowExternal": { + "type": "boolean", + "description": "The Policy model to apply", + "default": true + }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, + "extraIngress": { + "type": "array", + "description": "Add extra ingress rules to the NetworkPolicy", + "default": "[]", + "items": { + "type": "string" } }, + "extraEgress": { + "type": "array", + "description": "Add extra ingress rules to the NetworkPolicy", + "default": "[]", + "items": { + "type": "string" + } + } + } + }, + "metrics": { + "type": "object", + "properties": { "enabled": { "type": "boolean", "description": "Enable metrics", @@ -6389,33 +6627,6 @@ } } } - }, - "networkPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Enable creation of NetworkPolicy resources", - "default": false - }, - "allowExternal": { - "type": "boolean", - "description": "The Policy model to apply", - "default": true - }, - "extraIngress": { - "type": "array", - "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} - }, - "extraEgress": { - "type": "array", - "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} - } - } } } }, @@ -6433,17 +6644,12 @@ "registry": { "type": "string", "description": "Attu image registry", - "default": "docker.io" + "default": "REGISTRY_NAME" }, "repository": { "type": "string", "description": "Attu image repository", - "default": "bitnami/attu" - }, - "tag": { - "type": "string", - "description": "Attu image tag (immutable tags are recommended)", - "default": "2.2.6-debian-11-r1" + "default": "REPOSITORY_NAME/attu" }, "digest": { "type": "string", @@ -6631,20 +6837,15 @@ "description": "Custom startupProbe that overrides the default one", "default": {} }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if attu.resources is set (attu.resources is recommended for production).", + "default": "micro" + }, "resources": { "type": "object", - "properties": { - "limits": { - "type": "object", - "description": "The resources limits for the attu containers", - "default": {} - }, - "requests": { - "type": "object", - "description": "The requested resources for the attu containers", - "default": {} - } - } + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} }, "podSecurityContext": { "type": "object", @@ -6654,20 +6855,27 @@ "description": "Enabled Attu pods' Security Context", "default": true }, + "fsGroupChangePolicy": { + "type": "string", + "description": "Set filesystem group change policy", + "default": "Always" + }, + "sysctls": { + "type": "array", + "description": "Set kernel settings using the sysctl interface", + "default": [], + "items": {} + }, + "supplementalGroups": { + "type": "array", + "description": "Set filesystem extra groups", + "default": [], + "items": {} + }, "fsGroup": { "type": "number", "description": "Set Attu pod's Security Context fsGroup", "default": 1001 - }, - "seccompProfile": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Set Attu container's Security Context seccomp profile", - "default": "RuntimeDefault" - } - } } } }, @@ -6676,27 +6884,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Attu containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Attu containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Attu containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Attu containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Attu container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -6704,7 +6922,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Attu container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -6713,6 +6931,16 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } }, @@ -6726,6 +6954,11 @@ "description": "Name of the runtime class to be used by pod(s)", "default": "" }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Mount Service Account token in pod", + "default": false + }, "hostAliases": { "type": "array", "description": "attu pods host aliases", @@ -6855,7 +7088,7 @@ "create": { "type": "boolean", "description": "Enable creation of ServiceAccount for Attu pods", - "default": false + "default": true }, "name": { "type": "string", @@ -6880,17 +7113,7 @@ "create": { "type": "boolean", "description": "Enable/disable a Pod Disruption Budget creation", - "default": false - }, - "minAvailable": { - "type": "number", - "description": "Minimum number/percentage of pods that should remain scheduled", - "default": 1 - }, - "maxUnavailable": { - "type": "string", - "description": "Maximum number/percentage of pods that may be made unavailable", - "default": "" + "default": true } } }, @@ -7133,24 +7356,33 @@ "enabled": { "type": "boolean", "description": "Enable creation of NetworkPolicy resources", - "default": false + "default": true }, "allowExternal": { "type": "boolean", "description": "The Policy model to apply", "default": true }, + "allowExternalEgress": { + "type": "boolean", + "description": "Allow the pod to access any range of port and all destinations.", + "default": true + }, "extraIngress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } }, "extraEgress": { "type": "array", "description": "Add extra ingress rules to the NetworkPolicy", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } } @@ -7165,17 +7397,12 @@ "registry": { "type": "string", "description": "Init container wait-container image registry", - "default": "docker.io" + "default": "REGISTRY_NAME" }, "repository": { "type": "string", "description": "Init container wait-container image name", - "default": "bitnami/os-shell" - }, - "tag": { - "type": "string", - "description": "Init container wait-container image tag", - "default": "11-debian-11-r2" + "default": "REPOSITORY_NAME/os-shell" }, "digest": { "type": "string", @@ -7190,8 +7417,10 @@ "pullSecrets": { "type": "array", "description": "Specify docker-registry secret names as an array", - "default": [], - "items": {} + "default": "[]", + "items": { + "type": "string" + } } } }, @@ -7200,27 +7429,37 @@ "properties": { "enabled": { "type": "boolean", - "description": "Enabled Milvus containers' Security Context", + "description": "Enabled containers' Security Context", "default": true }, "runAsUser": { "type": "number", - "description": "Set Milvus containers' Security Context runAsUser", + "description": "Set containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set containers' Security Context runAsGroup", "default": 1001 }, "runAsNonRoot": { "type": "boolean", - "description": "Set Milvus containers' Security Context runAsNonRoot", + "description": "Set container's Security Context runAsNonRoot", "default": true }, + "privileged": { + "type": "boolean", + "description": "Set container's Security Context privileged", + "default": false + }, "readOnlyRootFilesystem": { "type": "boolean", - "description": "Set Milvus containers' Security Context runAsNonRoot", + "description": "Set container's Security Context readOnlyRootFilesystem", "default": true }, "allowPrivilegeEscalation": { "type": "boolean", - "description": "Set Milvus container's privilege escalation", + "description": "Set container's Security Context allowPrivilegeEscalation", "default": false }, "capabilities": { @@ -7228,7 +7467,7 @@ "properties": { "drop": { "type": "array", - "description": "Set Milvus container's Security Context runAsNonRoot", + "description": "List of capabilities to be dropped", "default": [ "ALL" ], @@ -7237,8 +7476,28 @@ } } } + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } } } + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if initJob.resources is set (initJob.resources is recommended for production).", + "default": "micro" + }, + "resources": { + "type": "object", + "description": "Set container requests and limits for different resources like CPU or memory (essential for production workloads)", + "default": {} } } }, @@ -7256,37 +7515,57 @@ "description": "Port of the external etcd instance", "default": 2379 }, + "user": { + "type": "string", + "description": "User of the external etcd instance", + "default": "root" + }, + "password": { + "type": "string", + "description": "Password of the external etcd instance", + "default": "" + }, + "existingSecret": { + "type": "string", + "description": "Name of a secret containing the external etcd password", + "default": "" + }, + "existingSecretPasswordKey": { + "type": "string", + "description": "Key inside the secret containing the external etcd password", + "default": "etcd-root-password" + }, "tls": { "type": "object", "properties": { "enabled": { "type": "boolean", - "description": "Enable TLS for etcd client connections", + "description": "Enable TLS for etcd client connections.", "default": false }, "existingSecret": { "type": "string", - "description": "Name of the existing secret containing the TLS certificates for external etcd client communications", + "description": "Name of the existing secret containing the TLS certificates for external etcd client communications.", "default": "" }, "cert": { "type": "string", - "description": "The secret key from the existingSecret if 'cert' key different from the default", + "description": "The secret key from the existingSecret if 'cert' key different from the default (tls.crt)", "default": "tls.crt" }, "key": { "type": "string", - "description": "The secret key from the existingSecret if 'key' key different from the default", + "description": "The secret key from the existingSecret if 'key' key different from the default (tls.key)", "default": "tls.key" }, "caCert": { "type": "string", - "description": "The secret key from the existingSecret if 'caCert' key different from the default", + "description": "The secret key from the existingSecret if 'caCert' key different from the default (ca.crt)", "default": "ca.crt" }, "keyPassword": { "type": "string", - "description": "Password to access the password-protected PEM key if necessary", + "description": "Password to access the password-protected PEM key if necessary.", "default": "" } } @@ -7375,6 +7654,46 @@ "type": "number", "description": "External Kafka port", "default": 9092 + }, + "listener": { + "type": "object", + "properties": { + "protocol": { + "type": "string", + "description": "Kafka listener protocol. Allowed protocols: PLAINTEXT, SASL_PLAINTEXT, SASL_SSL and SSL", + "default": "PLAINTEXT" + } + } + }, + "sasl": { + "type": "object", + "properties": { + "user": { + "type": "string", + "description": "User for SASL authentication", + "default": "user" + }, + "password": { + "type": "string", + "description": "Password for SASL authentication", + "default": "" + }, + "existingSecret": { + "type": "string", + "description": "Name of the existing secret containing a password for SASL authentication (under the key named \"client-passwords\")", + "default": "" + }, + "existingSecretPasswordKey": { + "type": "string", + "description": "Name of the secret key containing the Kafka client user password", + "default": "kafka-root-password" + }, + "enabledMechanisms": { + "type": "string", + "description": "Kafka enabled SASL mechanisms", + "default": "PLAIN" + } + } } } }, @@ -7526,10 +7845,15 @@ "description": "Enable/disable Kafka chart installation", "default": true }, - "replicaCount": { - "type": "number", - "description": "Number of Kafka brokers", - "default": 1 + "controller": { + "type": "object", + "properties": { + "replicaCount": { + "type": "number", + "description": "Number of Kafka controller eligible (controller+broker) nodes", + "default": 1 + } + } }, "service": { "type": "object", @@ -7546,35 +7870,45 @@ } } }, - "auth": { + "extraConfig": { + "type": "string", + "description": "Additional configuration to be appended at the end of the generated Kafka configuration file.", + "default": "offsets.topic.replication.factor=1" + }, + "listeners": { + "type": "object", + "properties": { + "client": { + "type": "object", + "properties": { + "protocol": { + "type": "string", + "description": "Kafka authentication protocol for the client listener", + "default": "SASL_PLAINTEXT" + } + } + } + } + }, + "sasl": { "type": "object", "properties": { - "clientProtocol": { + "enabledMechanisms": { "type": "string", - "description": "Kafka authentication protocol for the client", - "default": "sasl" + "description": "Kafka enabled SASL mechanisms", + "default": "PLAIN" }, - "sasl": { + "client": { "type": "object", "properties": { - "mechanisms": { - "type": "string", - "description": "Kafka authentication mechanisms for SASL", - "default": "plain" - }, - "jaas": { - "type": "object", - "properties": { - "clientUsers": { - "type": "array", - "description": "Kafka client users", - "default": [ - "user" - ], - "items": { - "type": "string" - } - } + "users": { + "type": "array", + "description": "Kafka client users", + "default": [ + "user" + ], + "items": { + "type": "string" } } } @@ -7584,4 +7918,4 @@ } } } -} +} \ No newline at end of file diff --git a/bitnami/milvus/values.yaml b/bitnami/milvus/values.yaml index ac78abe3698c2e..29749e1e4a9e6a 100644 --- a/bitnami/milvus/values.yaml +++ b/bitnami/milvus/values.yaml @@ -802,12 +802,12 @@ dataCoord: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param dataCoord.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param dataCoord.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param dataCoord.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param dataCoord.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param dataCoord.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `dataCoord.pdb.minAvailable` and `dataCoord.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Data Coordinator Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -1307,12 +1307,12 @@ rootCoord: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param rootCoord.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param rootCoord.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param rootCoord.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param rootCoord.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param rootCoord.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `rootCoord.pdb.minAvailable` and `rootCoord.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Root Coordinator Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -1812,12 +1812,12 @@ queryCoord: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param queryCoord.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param queryCoord.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param queryCoord.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param queryCoord.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param queryCoord.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `queryCoord.pdb.minAvailable` and `queryCoord.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Query Coordinator Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -2317,12 +2317,12 @@ indexCoord: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param indexCoord.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param indexCoord.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param indexCoord.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param indexCoord.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param indexCoord.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable.Defaults to `1` if both `queryCoord.pdb.minAvailable` and `queryCoord.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Index Coordinator Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -2822,12 +2822,12 @@ dataNode: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param dataNode.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param dataNode.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param dataNode.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param dataNode.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param dataNode.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `dataNode.pdb.minAvailable` and `dataNode.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Data Node Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -3327,12 +3327,12 @@ queryNode: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param queryNode.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param queryNode.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param queryNode.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param queryNode.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param queryNode.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `queryNode.pdb.minAvailable` and `queryNode.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Query Node Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -3832,12 +3832,12 @@ indexNode: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param indexNode.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param indexNode.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param indexNode.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param indexNode.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param indexNode.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `indexNode.pdb.minAvailable` and `indexNode.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Index Node Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -4365,12 +4365,12 @@ proxy: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param proxy.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param proxy.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param proxy.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param proxy.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param proxy.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `proxy.pdb.minAvailable` and `proxy.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Proxy Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ @@ -4883,12 +4883,12 @@ attu: ## Pod Disruption Budget configuration ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb ## @param attu.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param attu.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param attu.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable + ## @param attu.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled + ## @param attu.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `attu.pdb.minAvailable` and `attu.pdb.maxUnavailable` are empty. ## pdb: - create: false - minAvailable: 1 + create: true + minAvailable: "" maxUnavailable: "" ## @section Attu Autoscaling configuration ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/