-
Notifications
You must be signed in to change notification settings - Fork 1
/
values.yaml
81 lines (65 loc) · 2.75 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
image: openidentityplatform/opendj:4.4.3
imagePullPolicy: IfNotPresent
imagePullSecret: mcs-registry
useSecurity: true
# The number of instances in the StatefulSet. Each instance is a combined DS/RS pair.
# You can not change this after installation.
replicas: 1
# Size for DS database storage. Note GKE IOPS scale based on the size of the volume.
storageSize: "3Gi"
# Set storageClass
storageClass: "hdd"
# You need to be on JDK 8u131 or higher to enable these options.
# todo: find JDK 11 args
#javaArgs: "-server -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:+UseCompressedOops -XX:+UseG1GC -XX:MaxGCPauseMillis=100 -XX:MaxRAMFraction=2"
# These defaults work for a small test instance
javaArgs: "-server -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:+UseCompressedOops -XX:+UseG1GC -XX:MaxGCPauseMillis=100 -XX:MaxRAMFraction=2"
networkPolicy:
## Enable creation of NetworkPolicy resources.
##
enabled: false
service:
## Kubernetes service type
type: ClusterIP
clusterIP: None
annotations: {}
loadBalancerIP:
# Resource limits.
# These help for pod placement in a larger cluster to ensure the DS instance gets sufficient resources.
# The default values are artificially low.
# For production, you will want to increase them.
resources:
#securityContext:
#lifecycle: {}
requests:
memory: 1024Mi
limits:
memory: 2048Mi
# DS persistence switch. Setting this to false disables volume claims - all data is stored inside the docker image.
# Used in testing environments without pv providers. When the pod is terminated, the DS data will be deleted!
persistence: true
# Pod Anti Affinity switch. For production this should be set to "hard", otherwise use "soft".
# The hard setting will force ds pods to be spread out over multiple hosts/zones. soft is best effort
# but pods will still be scheduled together if sufficient resources are not available.
podAntiAffinity: "soft"
# This is the exact value for TopologyKey. The other possible value is "failure-domain.beta.kubernetes.io/zone"
# which will ensure that pod is scheduled on nodes in different zones thus allowing for HA across zones.
# Note you want to leave this value as is if you are deploying a single zone cluster and change the values only
# if you have a multi-zone cluster.
topologyKey: "kubernetes.io/hostname"
# This will make sure the mounted PVCs are writable by the user with gid 111111.
securityContext:
runAsUser: 0
fsGroup: 0
runAsNonRoot: false
# supplementalGroups: [ 0, 27 ]
opendj:
port: 1389
ldapsPort: 1636
addBaseEntry: "--addBaseEntry"
baseDN: "dc=directory"
rootUserDN: "cn=Directory Manager"
rootPassword: "devqaldappwd"
secretVolume: ""
replicationType: "simple"
sslOptions: "--generateSelfSignedCertificate"