From fa1f016ec4adadf2c03b1451a492959c24866240 Mon Sep 17 00:00:00 2001 From: Bitnami Containers Date: Thu, 4 Apr 2024 23:47:21 +0000 Subject: [PATCH 1/2] [bitnami/jupyterhub] Release 7.0.1 updating components versions Signed-off-by: Bitnami Containers --- bitnami/jupyterhub/Chart.lock | 6 +++--- bitnami/jupyterhub/Chart.yaml | 12 ++++++------ bitnami/jupyterhub/values.yaml | 8 ++++---- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/bitnami/jupyterhub/Chart.lock b/bitnami/jupyterhub/Chart.lock index 80c12093595624..31a1214adea01e 100644 --- a/bitnami/jupyterhub/Chart.lock +++ b/bitnami/jupyterhub/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.1.4 + version: 15.2.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.1 -digest: sha256:f15ec057688c4a9b9c003f05e6baae7e63b8ecd7dc2dcb8810a252def93422ba -generated: "2024-04-01T08:41:26.613204+02:00" +digest: sha256:3e92f6281cd6514443c63639a235280230dd8d74f427b9e215bda673b7d4dedc +generated: "2024-04-04T23:47:10.145537337Z" diff --git a/bitnami/jupyterhub/Chart.yaml b/bitnami/jupyterhub/Chart.yaml index 6d8ed4b1bb9da6..737955d89ec5d6 100644 --- a/bitnami/jupyterhub/Chart.yaml +++ b/bitnami/jupyterhub/Chart.yaml @@ -6,15 +6,15 @@ annotations: licenses: Apache-2.0 images: | - name: configurable-http-proxy - image: docker.io/bitnami/configurable-http-proxy:4.6.1-debian-12-r12 + image: docker.io/bitnami/configurable-http-proxy:4.6.1-debian-12-r13 - name: jupyter-base-notebook - image: docker.io/bitnami/jupyter-base-notebook:4.1.3-debian-12-r0 + image: docker.io/bitnami/jupyter-base-notebook:4.1.4-debian-12-r1 - name: jupyterhub - image: docker.io/bitnami/jupyterhub:4.1.4-debian-12-r0 + image: docker.io/bitnami/jupyterhub:4.1.5-debian-12-r0 - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r17 + image: docker.io/bitnami/os-shell:12-debian-12-r18 apiVersion: v2 -appVersion: 4.1.4 +appVersion: 4.1.5 dependencies: - condition: postgresql.enabled name: postgresql @@ -37,4 +37,4 @@ maintainers: name: jupyterhub sources: - https://github.com/bitnami/charts/tree/main/bitnami/jupyterhub -version: 7.0.0 +version: 7.0.1 diff --git a/bitnami/jupyterhub/values.yaml b/bitnami/jupyterhub/values.yaml index 09666ed6fa53e3..7d8f5d8b2c4541 100644 --- a/bitnami/jupyterhub/values.yaml +++ b/bitnami/jupyterhub/values.yaml @@ -77,7 +77,7 @@ hub: image: registry: docker.io repository: bitnami/jupyterhub - tag: 4.1.4-debian-12-r0 + tag: 4.1.5-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -701,7 +701,7 @@ proxy: image: registry: docker.io repository: bitnami/configurable-http-proxy - tag: 4.6.1-debian-12-r12 + tag: 4.6.1-debian-12-r13 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1621,7 +1621,7 @@ singleuser: image: registry: docker.io repository: bitnami/jupyter-base-notebook - tag: 4.1.3-debian-12-r0 + tag: 4.1.4-debian-12-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1861,7 +1861,7 @@ singleuser: auxiliaryImage: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r17 + tag: 12-debian-12-r18 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. From ab1afc6cbb4821b4c8c77e3d3656656e785dad68 Mon Sep 17 00:00:00 2001 From: Bitnami Containers Date: Thu, 4 Apr 2024 23:47:47 +0000 Subject: [PATCH 2/2] Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers --- bitnami/jupyterhub/README.md | 562 +++++++++++++++++------------------ 1 file changed, 281 insertions(+), 281 deletions(-) diff --git a/bitnami/jupyterhub/README.md b/bitnami/jupyterhub/README.md index a5f41a5cc7ad04..94f3524a22183a 100644 --- a/bitnami/jupyterhub/README.md +++ b/bitnami/jupyterhub/README.md @@ -342,90 +342,90 @@ There are cases where you may want to deploy extra objects, such a ConfigMap con ### Hub deployment parameters -| Name | Description | Value | -| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------- | -| `hub.image.registry` | Hub image registry | `REGISTRY_NAME` | -| `hub.image.repository` | Hub image repository | `REPOSITORY_NAME/jupyterhub` | -| `hub.image.digest` | Hub image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `hub.image.pullPolicy` | Hub image pull policy | `IfNotPresent` | -| `hub.image.pullSecrets` | Hub image pull secrets | `[]` | -| `hub.baseUrl` | Hub base URL | `/` | -| `hub.adminUser` | Hub Dummy authenticator admin user | `user` | -| `hub.password` | Hub Dummy authenticator password | `""` | -| `hub.services` | JupyterHub services interacting with the JupyterHub API | `{}` | -| `hub.configuration` | Hub configuration file (to be used by jupyterhub_config.py) | `""` | -| `hub.existingConfigmap` | Configmap with Hub init scripts (replaces the scripts in templates/hub/configmap.yml) | `""` | -| `hub.existingSecret` | Secret with hub configuration (replaces the hub.configuration value) and proxy token | `""` | -| `hub.command` | Override Hub default command | `[]` | -| `hub.args` | Override Hub default args | `[]` | -| `hub.extraEnvVars` | Add extra environment variables to the Hub container | `[]` | -| `hub.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `hub.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `hub.containerPorts.http` | Hub container port | `8081` | -| `hub.startupProbe.enabled` | Enable startupProbe on Hub containers | `true` | -| `hub.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `hub.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `hub.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `hub.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | -| `hub.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `hub.livenessProbe.enabled` | Enable livenessProbe on Hub containers | `true` | -| `hub.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `hub.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `hub.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | -| `hub.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | -| `hub.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `hub.readinessProbe.enabled` | Enable readinessProbe on Hub containers | `true` | -| `hub.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `hub.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `hub.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `hub.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | -| `hub.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `hub.customStartupProbe` | Override default startup probe | `{}` | -| `hub.customLivenessProbe` | Override default liveness probe | `{}` | -| `hub.customReadinessProbe` | Override default readiness probe | `{}` | -| `hub.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if hub.resources is set (hub.resources is recommended for production). | `small` | -| `hub.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `hub.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `hub.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `hub.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `hub.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `hub.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `hub.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `hub.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `hub.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `hub.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `hub.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `hub.podSecurityContext.enabled` | Enabled Hub pods' Security Context | `true` | -| `hub.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `hub.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `hub.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `hub.podSecurityContext.fsGroup` | Set Hub pod's Security Context fsGroup | `1001` | -| `hub.lifecycleHooks` | LifecycleHooks for the Hub container to automate configuration before or after startup | `{}` | -| `hub.automountServiceAccountToken` | Mount Service Account token in pod | `true` | -| `hub.hostAliases` | Add deployment host aliases | `[]` | -| `hub.podLabels` | Add extra labels to the Hub pods | `{}` | -| `hub.podAnnotations` | Add extra annotations to the Hub pods | `{}` | -| `hub.podAffinityPreset` | Pod affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `hub.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `hub.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `hub.nodeAffinityPreset.key` | Node label key to match. Ignored if `hub.affinity` is set | `""` | -| `hub.nodeAffinityPreset.values` | Node label values to match. Ignored if `hub.affinity` is set | `[]` | -| `hub.affinity` | Affinity for pod assignment. | `{}` | -| `hub.nodeSelector` | Node labels for pod assignment. | `{}` | -| `hub.tolerations` | Tolerations for pod assignment. | `[]` | -| `hub.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `hub.priorityClassName` | Priority Class Name | `""` | -| `hub.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `hub.terminationGracePeriodSeconds` | Seconds Hub pod needs to terminate gracefully | `""` | -| `hub.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `hub.updateStrategy.rollingUpdate` | Hub deployment rolling update configuration parameters | `{}` | -| `hub.extraVolumes` | Optionally specify extra list of additional volumes for Hub pods | `[]` | -| `hub.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Hub container(s) | `[]` | -| `hub.initContainers` | Add additional init containers to the Hub pods | `[]` | -| `hub.sidecars` | Add additional sidecar containers to the Hub pod | `[]` | -| `hub.pdb.create` | Deploy Hub PodDisruptionBudget | `false` | -| `hub.pdb.minAvailable` | Set minimum available hub instances | `""` | -| `hub.pdb.maxUnavailable` | Set maximum available hub instances | `""` | +| Name | Description | Value | +| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `hub.image.registry` | Hub image registry | `REGISTRY_NAME` | +| `hub.image.repository` | Hub image repository | `REPOSITORY_NAME/jupyterhub` | +| `hub.image.digest` | Hub image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `hub.image.pullPolicy` | Hub image pull policy | `IfNotPresent` | +| `hub.image.pullSecrets` | Hub image pull secrets | `[]` | +| `hub.baseUrl` | Hub base URL | `/` | +| `hub.adminUser` | Hub Dummy authenticator admin user | `user` | +| `hub.password` | Hub Dummy authenticator password | `""` | +| `hub.services` | JupyterHub services interacting with the JupyterHub API | `{}` | +| `hub.configuration` | Hub configuration file (to be used by jupyterhub_config.py) | `""` | +| `hub.existingConfigmap` | Configmap with Hub init scripts (replaces the scripts in templates/hub/configmap.yml) | `""` | +| `hub.existingSecret` | Secret with hub configuration (replaces the hub.configuration value) and proxy token | `""` | +| `hub.command` | Override Hub default command | `[]` | +| `hub.args` | Override Hub default args | `[]` | +| `hub.extraEnvVars` | Add extra environment variables to the Hub container | `[]` | +| `hub.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `hub.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `hub.containerPorts.http` | Hub container port | `8081` | +| `hub.startupProbe.enabled` | Enable startupProbe on Hub containers | `true` | +| `hub.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `hub.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `hub.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `hub.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | +| `hub.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `hub.livenessProbe.enabled` | Enable livenessProbe on Hub containers | `true` | +| `hub.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `hub.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `hub.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | +| `hub.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | +| `hub.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `hub.readinessProbe.enabled` | Enable readinessProbe on Hub containers | `true` | +| `hub.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `hub.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `hub.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `hub.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | +| `hub.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `hub.customStartupProbe` | Override default startup probe | `{}` | +| `hub.customLivenessProbe` | Override default liveness probe | `{}` | +| `hub.customReadinessProbe` | Override default readiness probe | `{}` | +| `hub.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if hub.resources is set (hub.resources is recommended for production). | `small` | +| `hub.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `hub.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `hub.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `hub.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `hub.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `hub.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `hub.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `hub.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | +| `hub.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `hub.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `hub.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `hub.podSecurityContext.enabled` | Enabled Hub pods' Security Context | `true` | +| `hub.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `hub.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `hub.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `hub.podSecurityContext.fsGroup` | Set Hub pod's Security Context fsGroup | `1001` | +| `hub.lifecycleHooks` | LifecycleHooks for the Hub container to automate configuration before or after startup | `{}` | +| `hub.automountServiceAccountToken` | Mount Service Account token in pod | `true` | +| `hub.hostAliases` | Add deployment host aliases | `[]` | +| `hub.podLabels` | Add extra labels to the Hub pods | `{}` | +| `hub.podAnnotations` | Add extra annotations to the Hub pods | `{}` | +| `hub.podAffinityPreset` | Pod affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `hub.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `hub.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `hub.nodeAffinityPreset.key` | Node label key to match. Ignored if `hub.affinity` is set | `""` | +| `hub.nodeAffinityPreset.values` | Node label values to match. Ignored if `hub.affinity` is set | `[]` | +| `hub.affinity` | Affinity for pod assignment. | `{}` | +| `hub.nodeSelector` | Node labels for pod assignment. | `{}` | +| `hub.tolerations` | Tolerations for pod assignment. | `[]` | +| `hub.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `hub.priorityClassName` | Priority Class Name | `""` | +| `hub.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `hub.terminationGracePeriodSeconds` | Seconds Hub pod needs to terminate gracefully | `""` | +| `hub.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `hub.updateStrategy.rollingUpdate` | Hub deployment rolling update configuration parameters | `{}` | +| `hub.extraVolumes` | Optionally specify extra list of additional volumes for Hub pods | `[]` | +| `hub.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Hub container(s) | `[]` | +| `hub.initContainers` | Add additional init containers to the Hub pods | `[]` | +| `hub.sidecars` | Add additional sidecar containers to the Hub pod | `[]` | +| `hub.pdb.create` | Deploy Hub PodDisruptionBudget | `false` | +| `hub.pdb.minAvailable` | Set minimum available hub instances | `""` | +| `hub.pdb.maxUnavailable` | Set maximum available hub instances | `""` | ### Hub RBAC parameters @@ -481,87 +481,87 @@ There are cases where you may want to deploy extra objects, such a ConfigMap con ### Proxy deployment parameters -| Name | Description | Value | -| --------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | -| `proxy.image.registry` | Proxy image registry | `REGISTRY_NAME` | -| `proxy.image.repository` | Proxy image repository | `REPOSITORY_NAME/configurable-http-proxy` | -| `proxy.image.digest` | Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `proxy.image.pullPolicy` | Proxy image pull policy | `IfNotPresent` | -| `proxy.image.pullSecrets` | Proxy image pull secrets | `[]` | -| `proxy.image.debug` | Activate verbose output | `false` | -| `proxy.secretToken` | Proxy secret token (used for communication with the Hub) | `""` | -| `proxy.command` | Override Proxy default command | `[]` | -| `proxy.args` | Override Proxy default args | `[]` | -| `proxy.extraEnvVars` | Add extra environment variables to the Proxy container | `[]` | -| `proxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `proxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `proxy.containerPort.api` | Proxy api container port | `8001` | -| `proxy.containerPort.metrics` | Proxy metrics container port | `8002` | -| `proxy.containerPort.http` | Proxy http container port | `8000` | -| `proxy.startupProbe.enabled` | Enable startupProbe on Proxy containers | `true` | -| `proxy.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `proxy.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `proxy.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `proxy.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | -| `proxy.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `proxy.livenessProbe.enabled` | Enable livenessProbe on Proxy containers | `true` | -| `proxy.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `proxy.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `proxy.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | -| `proxy.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | -| `proxy.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `proxy.readinessProbe.enabled` | Enable readinessProbe on Proxy containers | `true` | -| `proxy.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `proxy.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `proxy.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `proxy.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | -| `proxy.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `proxy.customStartupProbe` | Override default startup probe | `{}` | -| `proxy.customLivenessProbe` | Override default liveness probe | `{}` | -| `proxy.customReadinessProbe` | Override default readiness probe | `{}` | -| `proxy.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if proxy.resources is set (proxy.resources is recommended for production). | `nano` | -| `proxy.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `proxy.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `proxy.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `proxy.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `proxy.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `proxy.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `proxy.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `proxy.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `proxy.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `proxy.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `proxy.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `proxy.podSecurityContext.enabled` | Enabled Proxy pods' Security Context | `true` | -| `proxy.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `proxy.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `proxy.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `proxy.podSecurityContext.fsGroup` | Set Proxy pod's Security Context fsGroup | `1001` | -| `proxy.lifecycleHooks` | Add lifecycle hooks to the Proxy deployment | `{}` | -| `proxy.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `proxy.hostAliases` | Add deployment host aliases | `[]` | -| `proxy.podLabels` | Add extra labels to the Proxy pods | `{}` | -| `proxy.podAnnotations` | Add extra annotations to the Proxy pods | `{}` | -| `proxy.podAffinityPreset` | Pod affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `proxy.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `proxy.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `proxy.nodeAffinityPreset.key` | Node label key to match. Ignored if `proxy.affinity` is set | `""` | -| `proxy.nodeAffinityPreset.values` | Node label values to match. Ignored if `proxy.affinity` is set | `[]` | -| `proxy.affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `proxy.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `proxy.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `proxy.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `proxy.priorityClassName` | Priority Class Name | `""` | -| `proxy.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `proxy.terminationGracePeriodSeconds` | Seconds Proxy pod needs to terminate gracefully | `""` | -| `proxy.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `proxy.updateStrategy.rollingUpdate` | Proxy deployment rolling update configuration parameters | `{}` | -| `proxy.extraVolumes` | Optionally specify extra list of additional volumes for Proxy pods | `[]` | -| `proxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Proxy container(s) | `[]` | -| `proxy.initContainers` | Add additional init containers to the Proxy pods | `[]` | -| `proxy.sidecars` | Add additional sidecar containers to the Proxy pod | `[]` | -| `proxy.pdb.create` | Deploy Proxy PodDisruptionBudget | `false` | -| `proxy.pdb.minAvailable` | Set minimum available proxy instances | `""` | -| `proxy.pdb.maxUnavailable` | Set maximum available proxy instances | `""` | +| Name | Description | Value | +| --------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | +| `proxy.image.registry` | Proxy image registry | `REGISTRY_NAME` | +| `proxy.image.repository` | Proxy image repository | `REPOSITORY_NAME/configurable-http-proxy` | +| `proxy.image.digest` | Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `proxy.image.pullPolicy` | Proxy image pull policy | `IfNotPresent` | +| `proxy.image.pullSecrets` | Proxy image pull secrets | `[]` | +| `proxy.image.debug` | Activate verbose output | `false` | +| `proxy.secretToken` | Proxy secret token (used for communication with the Hub) | `""` | +| `proxy.command` | Override Proxy default command | `[]` | +| `proxy.args` | Override Proxy default args | `[]` | +| `proxy.extraEnvVars` | Add extra environment variables to the Proxy container | `[]` | +| `proxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `proxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `proxy.containerPort.api` | Proxy api container port | `8001` | +| `proxy.containerPort.metrics` | Proxy metrics container port | `8002` | +| `proxy.containerPort.http` | Proxy http container port | `8000` | +| `proxy.startupProbe.enabled` | Enable startupProbe on Proxy containers | `true` | +| `proxy.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `proxy.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `proxy.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `proxy.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | +| `proxy.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `proxy.livenessProbe.enabled` | Enable livenessProbe on Proxy containers | `true` | +| `proxy.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `proxy.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `proxy.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | +| `proxy.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | +| `proxy.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `proxy.readinessProbe.enabled` | Enable readinessProbe on Proxy containers | `true` | +| `proxy.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `proxy.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `proxy.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `proxy.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | +| `proxy.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `proxy.customStartupProbe` | Override default startup probe | `{}` | +| `proxy.customLivenessProbe` | Override default liveness probe | `{}` | +| `proxy.customReadinessProbe` | Override default readiness probe | `{}` | +| `proxy.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if proxy.resources is set (proxy.resources is recommended for production). | `nano` | +| `proxy.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `proxy.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `proxy.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `proxy.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `proxy.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `proxy.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `proxy.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `proxy.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | +| `proxy.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `proxy.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `proxy.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `proxy.podSecurityContext.enabled` | Enabled Proxy pods' Security Context | `true` | +| `proxy.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `proxy.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `proxy.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `proxy.podSecurityContext.fsGroup` | Set Proxy pod's Security Context fsGroup | `1001` | +| `proxy.lifecycleHooks` | Add lifecycle hooks to the Proxy deployment | `{}` | +| `proxy.automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `proxy.hostAliases` | Add deployment host aliases | `[]` | +| `proxy.podLabels` | Add extra labels to the Proxy pods | `{}` | +| `proxy.podAnnotations` | Add extra annotations to the Proxy pods | `{}` | +| `proxy.podAffinityPreset` | Pod affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `proxy.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `proxy.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `proxy.nodeAffinityPreset.key` | Node label key to match. Ignored if `proxy.affinity` is set | `""` | +| `proxy.nodeAffinityPreset.values` | Node label values to match. Ignored if `proxy.affinity` is set | `[]` | +| `proxy.affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `proxy.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `proxy.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `proxy.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `proxy.priorityClassName` | Priority Class Name | `""` | +| `proxy.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `proxy.terminationGracePeriodSeconds` | Seconds Proxy pod needs to terminate gracefully | `""` | +| `proxy.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `proxy.updateStrategy.rollingUpdate` | Proxy deployment rolling update configuration parameters | `{}` | +| `proxy.extraVolumes` | Optionally specify extra list of additional volumes for Proxy pods | `[]` | +| `proxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Proxy container(s) | `[]` | +| `proxy.initContainers` | Add additional init containers to the Proxy pods | `[]` | +| `proxy.sidecars` | Add additional sidecar containers to the Proxy pod | `[]` | +| `proxy.pdb.create` | Deploy Proxy PodDisruptionBudget | `false` | +| `proxy.pdb.minAvailable` | Set minimum available proxy instances | `""` | +| `proxy.pdb.maxUnavailable` | Set maximum available proxy instances | `""` | ### Proxy RBAC Parameters @@ -650,125 +650,125 @@ There are cases where you may want to deploy extra objects, such a ConfigMap con ### Image puller deployment parameters -| Name | Description | Value | -| --------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | -| `imagePuller.enabled` | Deploy ImagePuller daemonset | `true` | -| `imagePuller.command` | Override ImagePuller default command | `[]` | -| `imagePuller.args` | Override ImagePuller default args | `[]` | -| `imagePuller.extraEnvVars` | Add extra environment variables to the ImagePuller container | `[]` | -| `imagePuller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `imagePuller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `imagePuller.livenessProbe.enabled` | Enable livenessProbe on ImagePuller containers | `true` | -| `imagePuller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `1` | -| `imagePuller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `imagePuller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | -| `imagePuller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | -| `imagePuller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `imagePuller.readinessProbe.enabled` | Enable readinessProbe on ImagePuller containers | `true` | -| `imagePuller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `1` | -| `imagePuller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `imagePuller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `imagePuller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | -| `imagePuller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `imagePuller.startupProbe.enabled` | Enable startupProbe on ImagePuller containers | `false` | -| `imagePuller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `1` | -| `imagePuller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `imagePuller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `imagePuller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | -| `imagePuller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `imagePuller.customStartupProbe` | Override default startup probe | `{}` | -| `imagePuller.customLivenessProbe` | Override default liveness probe | `{}` | -| `imagePuller.customReadinessProbe` | Override default readiness probe | `{}` | -| `imagePuller.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if imagePuller.resources is set (imagePuller.resources is recommended for production). | `nano` | -| `imagePuller.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `imagePuller.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `imagePuller.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `imagePuller.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `imagePuller.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `imagePuller.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `imagePuller.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `imagePuller.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `imagePuller.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `imagePuller.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `imagePuller.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `imagePuller.podSecurityContext.enabled` | Enabled ImagePuller pods' Security Context | `true` | -| `imagePuller.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `imagePuller.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `imagePuller.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `imagePuller.podSecurityContext.fsGroup` | Set ImagePuller pod's Security Context fsGroup | `1001` | -| `imagePuller.lifecycleHooks` | Add lifecycle hooks to the ImagePuller deployment | `{}` | -| `imagePuller.hostAliases` | Add deployment host aliases | `[]` | -| `imagePuller.podLabels` | Pod extra labels | `{}` | -| `imagePuller.podAnnotations` | Annotations for ImagePuller pods | `{}` | -| `imagePuller.podAffinityPreset` | Pod affinity preset. Ignored if `imagePuller.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imagePuller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `imagePuller.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `imagePuller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `imagePuller.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imagePuller.nodeAffinityPreset.key` | Node label key to match. Ignored if `imagePuller.affinity` is set | `""` | -| `imagePuller.nodeAffinityPreset.values` | Node label values to match. Ignored if `imagePuller.affinity` is set | `[]` | -| `imagePuller.affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `imagePuller.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `imagePuller.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `imagePuller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `imagePuller.priorityClassName` | Priority Class Name | `""` | -| `imagePuller.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `imagePuller.terminationGracePeriodSeconds` | Seconds ImagePuller pod needs to terminate gracefully | `""` | -| `imagePuller.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `imagePuller.updateStrategy.rollingUpdate` | ImagePuller deployment rolling update configuration parameters | `{}` | -| `imagePuller.extraVolumes` | Optionally specify extra list of additional volumes for ImagePuller pods | `[]` | -| `imagePuller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for ImagePuller container(s) | `[]` | -| `imagePuller.initContainers` | Add additional init containers to the ImagePuller pods | `[]` | -| `imagePuller.sidecars` | Add additional sidecar containers to the ImagePuller pod | `[]` | -| `imagePuller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `imagePuller.serviceAccount.name` | Override image puller service account name | `""` | -| `imagePuller.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | -| `imagePuller.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `imagePuller.networkPolicy.enabled` | Deploy imagePuller network policies | `true` | -| `imagePuller.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `imagePuller.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `imagePuller.networkPolicy.extraEgress` | Add extra egress rules to the NetworkPolicy | `[]` | +| Name | Description | Value | +| --------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | +| `imagePuller.enabled` | Deploy ImagePuller daemonset | `true` | +| `imagePuller.command` | Override ImagePuller default command | `[]` | +| `imagePuller.args` | Override ImagePuller default args | `[]` | +| `imagePuller.extraEnvVars` | Add extra environment variables to the ImagePuller container | `[]` | +| `imagePuller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `imagePuller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `imagePuller.livenessProbe.enabled` | Enable livenessProbe on ImagePuller containers | `true` | +| `imagePuller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `1` | +| `imagePuller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `imagePuller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | +| `imagePuller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | +| `imagePuller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `imagePuller.readinessProbe.enabled` | Enable readinessProbe on ImagePuller containers | `true` | +| `imagePuller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `1` | +| `imagePuller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `imagePuller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `imagePuller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | +| `imagePuller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `imagePuller.startupProbe.enabled` | Enable startupProbe on ImagePuller containers | `false` | +| `imagePuller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `1` | +| `imagePuller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `imagePuller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `imagePuller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | +| `imagePuller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `imagePuller.customStartupProbe` | Override default startup probe | `{}` | +| `imagePuller.customLivenessProbe` | Override default liveness probe | `{}` | +| `imagePuller.customReadinessProbe` | Override default readiness probe | `{}` | +| `imagePuller.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if imagePuller.resources is set (imagePuller.resources is recommended for production). | `nano` | +| `imagePuller.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `imagePuller.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `imagePuller.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `imagePuller.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `imagePuller.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `imagePuller.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `imagePuller.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `imagePuller.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | +| `imagePuller.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `imagePuller.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `imagePuller.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `imagePuller.podSecurityContext.enabled` | Enabled ImagePuller pods' Security Context | `true` | +| `imagePuller.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `imagePuller.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `imagePuller.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `imagePuller.podSecurityContext.fsGroup` | Set ImagePuller pod's Security Context fsGroup | `1001` | +| `imagePuller.lifecycleHooks` | Add lifecycle hooks to the ImagePuller deployment | `{}` | +| `imagePuller.hostAliases` | Add deployment host aliases | `[]` | +| `imagePuller.podLabels` | Pod extra labels | `{}` | +| `imagePuller.podAnnotations` | Annotations for ImagePuller pods | `{}` | +| `imagePuller.podAffinityPreset` | Pod affinity preset. Ignored if `imagePuller.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imagePuller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `imagePuller.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `imagePuller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `imagePuller.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imagePuller.nodeAffinityPreset.key` | Node label key to match. Ignored if `imagePuller.affinity` is set | `""` | +| `imagePuller.nodeAffinityPreset.values` | Node label values to match. Ignored if `imagePuller.affinity` is set | `[]` | +| `imagePuller.affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `imagePuller.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `imagePuller.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `imagePuller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `imagePuller.priorityClassName` | Priority Class Name | `""` | +| `imagePuller.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `imagePuller.terminationGracePeriodSeconds` | Seconds ImagePuller pod needs to terminate gracefully | `""` | +| `imagePuller.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `imagePuller.updateStrategy.rollingUpdate` | ImagePuller deployment rolling update configuration parameters | `{}` | +| `imagePuller.extraVolumes` | Optionally specify extra list of additional volumes for ImagePuller pods | `[]` | +| `imagePuller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for ImagePuller container(s) | `[]` | +| `imagePuller.initContainers` | Add additional init containers to the ImagePuller pods | `[]` | +| `imagePuller.sidecars` | Add additional sidecar containers to the ImagePuller pod | `[]` | +| `imagePuller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `imagePuller.serviceAccount.name` | Override image puller service account name | `""` | +| `imagePuller.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | +| `imagePuller.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `imagePuller.networkPolicy.enabled` | Deploy imagePuller network policies | `true` | +| `imagePuller.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `imagePuller.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `imagePuller.networkPolicy.extraEgress` | Add extra egress rules to the NetworkPolicy | `[]` | ### Singleuser deployment parameters -| Name | Description | Value | -| -------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | -| `singleuser.image.registry` | Single User image registry | `REGISTRY_NAME` | -| `singleuser.image.repository` | Single User image repository | `REPOSITORY_NAME/jupyter-base-notebook` | -| `singleuser.image.digest` | Single User image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `singleuser.image.pullPolicy` | Single User image pull policy | `IfNotPresent` | -| `singleuser.image.pullSecrets` | Single User image pull secrets | `[]` | -| `singleuser.notebookDir` | Notebook directory (it will be the same as the PVC volume mount) | `/opt/bitnami/jupyterhub-singleuser` | -| `singleuser.allowPrivilegeEscalation` | Controls whether a process can gain more privileges than its parent process | `false` | -| `singleuser.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `singleuser.command` | Override Single User default command | `[]` | -| `singleuser.extraEnvVars` | Extra environment variables that should be set for the user pods | `[]` | -| `singleuser.containerPorts.http` | Single User container port | `8888` | -| `singleuser.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if singleuser.resources is set (singleuser.resources is recommended for production). | `small` | -| `singleuser.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `singleuser.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `singleuser.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `singleuser.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `singleuser.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `singleuser.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `singleuser.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `singleuser.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `singleuser.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `singleuser.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `singleuser.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `singleuser.podSecurityContext.enabled` | Enabled Single User pods' Security Context | `true` | -| `singleuser.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `singleuser.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `singleuser.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `singleuser.podSecurityContext.fsGroup` | Set Single User pod's Security Context fsGroup | `1001` | -| `singleuser.podLabels` | Extra labels for Single User pods | `{}` | -| `singleuser.podAnnotations` | Annotations for Single User pods | `{}` | -| `singleuser.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `singleuser.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `singleuser.priorityClassName` | Single User pod priority class name | `""` | -| `singleuser.lifecycleHooks` | Add lifecycle hooks to the Single User deployment to automate configuration before or after startup | `{}` | -| `singleuser.extraVolumes` | Optionally specify extra list of additional volumes for Single User pods | `[]` | -| `singleuser.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Single User container(s) | `[]` | -| `singleuser.initContainers` | Add additional init containers to the Single User pods | `[]` | -| `singleuser.sidecars` | Add additional sidecar containers to the Single User pod | `[]` | +| Name | Description | Value | +| -------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | +| `singleuser.image.registry` | Single User image registry | `REGISTRY_NAME` | +| `singleuser.image.repository` | Single User image repository | `REPOSITORY_NAME/jupyter-base-notebook` | +| `singleuser.image.digest` | Single User image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `singleuser.image.pullPolicy` | Single User image pull policy | `IfNotPresent` | +| `singleuser.image.pullSecrets` | Single User image pull secrets | `[]` | +| `singleuser.notebookDir` | Notebook directory (it will be the same as the PVC volume mount) | `/opt/bitnami/jupyterhub-singleuser` | +| `singleuser.allowPrivilegeEscalation` | Controls whether a process can gain more privileges than its parent process | `false` | +| `singleuser.automountServiceAccountToken` | Mount Service Account token in pod | `false` | +| `singleuser.command` | Override Single User default command | `[]` | +| `singleuser.extraEnvVars` | Extra environment variables that should be set for the user pods | `[]` | +| `singleuser.containerPorts.http` | Single User container port | `8888` | +| `singleuser.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if singleuser.resources is set (singleuser.resources is recommended for production). | `small` | +| `singleuser.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `singleuser.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `singleuser.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `singleuser.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `singleuser.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | +| `singleuser.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `singleuser.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `singleuser.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | +| `singleuser.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `singleuser.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `singleuser.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `singleuser.podSecurityContext.enabled` | Enabled Single User pods' Security Context | `true` | +| `singleuser.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `singleuser.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `singleuser.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `singleuser.podSecurityContext.fsGroup` | Set Single User pod's Security Context fsGroup | `1001` | +| `singleuser.podLabels` | Extra labels for Single User pods | `{}` | +| `singleuser.podAnnotations` | Annotations for Single User pods | `{}` | +| `singleuser.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `singleuser.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `singleuser.priorityClassName` | Single User pod priority class name | `""` | +| `singleuser.lifecycleHooks` | Add lifecycle hooks to the Single User deployment to automate configuration before or after startup | `{}` | +| `singleuser.extraVolumes` | Optionally specify extra list of additional volumes for Single User pods | `[]` | +| `singleuser.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Single User container(s) | `[]` | +| `singleuser.initContainers` | Add additional init containers to the Single User pods | `[]` | +| `singleuser.sidecars` | Add additional sidecar containers to the Single User pod | `[]` | ### Single User RBAC parameters