forked from PrefectHQ/prefect-helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues.yaml
232 lines (201 loc) · 8.33 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
## Common parameters
# -- partially overrides common.names.name
nameOverride: ""
# -- fully override common.names.fullname
fullnameOverride: "prefect-worker"
# -- fully override common.names.namespace
namespaceOverride: ""
# -- labels to add to all deployed objects
commonLabels: {}
# -- annotations to add to all deployed objects
commonAnnotations: {}
## Deployment Configuration
worker:
# -- unique cluster identifier, if none is provided this value will be infered at time of helm install
clusterUid: ""
image:
# -- worker image repository
repository: prefecthq/prefect
## prefect tag is pinned to the latest available image tag at packaging time. Update the value here to
## override pinned tag
# -- prefect image tag (immutable tags are recommended)
prefectTag: 2-python3.11-kubernetes
# -- worker image pull policy
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
# -- worker image pull secrets
pullSecrets: []
# -- enable worker image debug mode
debug: false
## general configuration of the worker
config:
# -- the work pool that your started worker will poll.
workPool: ""
# -- one or more work queue names for the worker to pull from. if not provided, the worker will pull from all work queues in the work pool
workQueues: []
# -- how often the worker will query for runs
queryInterval: 5
# -- when querying for runs, how many seconds in the future can they be scheduled
prefetchSeconds: 10
# -- connect using HTTP/2 if the server supports it (experimental)
http2: true
## You can set the worker type here.
## The default image includes only the type "kubernetes".
## Custom workers must be properly registered with the prefect cli.
## See the guide here: https://docs.prefect.io/2.11.3/guides/deployment/developing-a-new-worker-type/
# -- specify the worker type
type: kubernetes
## one of 'always', 'if-not-present', 'never', 'prompt'
# -- install policy to use workers from Prefect integration packages.
installPolicy: prompt
# -- the name to give to the started worker. If not provided, a unique name will be generated.
name: null
# -- maximum number of flow runs to start simultaneously (default: unlimited)
limit: null
# -- JSON formatted base job template. If unspecified, Prefect will use the default base job template for the given worker type. If the work pool already exists, this will be ignored.
baseJobTemplate: null
## connection settings
# -- one of 'cloud', 'selfHosted', or 'server'
apiConfig: "cloud"
cloudApiConfig:
# -- prefect account ID
accountId: ""
# -- prefect workspace ID
workspaceId: ""
apiKeySecret:
# -- prefect API secret name
name: prefect-api-key
# -- prefect API secret key
key: key
# -- prefect cloud API url; the full URL is constructed as https://cloudUrl/accounts/accountId/workspaces/workspaceId
cloudUrl: https://api.prefect.cloud/api
selfHostedCloudApiConfig:
# -- prefect API url (PREFECT_API_URL)
apiUrl: ""
# -- prefect account ID
accountId: ""
# -- prefect workspace ID
workspaceId: ""
apiKeySecret:
# -- prefect API secret name
name: prefect-api-key
# -- prefect API secret key
key: key
# -- self hosted UI url
uiUrl: ""
serverApiConfig:
# If the prefect server is located external to this cluster, set a fully qualified domain name as the apiUrl
# If the prefect server pod is deployed to this cluster, use the cluster DNS endpoint: http://<prefect-server-service-name>.<namespace>.svc.cluster.local:<prefect-server-port>/api
# -- prefect API url (PREFECT_API_URL)
apiUrl: ""
# -- prefect UI url
uiUrl: http://localhost:4200
# -- number of worker replicas to deploy
replicaCount: 1
resources:
# -- the requested resources for the worker container
requests:
memory: 256Mi
cpu: 100m
# -- the requested limits for the worker container
limits:
memory: 1Gi
cpu: 1000m
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
livenessProbe:
enabled: false
config:
# -- The number of seconds to wait before starting the first probe.
initialDelaySeconds: 10
# -- The number of seconds to wait between consecutive probes.
periodSeconds: 10
# -- The number of seconds to wait for a probe response before considering it as failed.
timeoutSeconds: 5
# -- The number of consecutive failures allowed before considering the probe as failed.
failureThreshold: 3
# -- The minimum consecutive successes required to consider the probe successful.
successThreshold: 1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
# -- set worker pod's security context runAsUser
runAsUser: 1001
# -- set worker pod's security context runAsNonRoot
runAsNonRoot: true
# -- set worker pod's security context fsGroup
fsGroup: 1001
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass
# -- priority class name to use for the worker pods; if the priority class is empty or doesn't exist, the worker pods are scheduled without a priority class
priorityClassName: ""
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
containerSecurityContext:
# -- set worker containers' security context runAsUser
runAsUser: 1001
# -- set worker containers' security context runAsNonRoot
runAsNonRoot: true
# -- set worker containers' security context readOnlyRootFilesystem
readOnlyRootFilesystem: true
# -- set worker containers' security context allowPrivilegeEscalation
allowPrivilegeEscalation: false
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
# -- extra labels for worker pod
podLabels: {}
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
# -- extra annotations for worker pod
podAnnotations: {}
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
# -- affinity for worker pods assignment
affinity: {}
## ref: https://kubernetes.io/docs/user-guide/node-selection/
# -- node labels for worker pods assignment
nodeSelector: {}
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
# -- tolerations for worker pods assignment
tolerations: []
## List of extra env vars
## e.g:
## extraEnvVars:
## - name: FOO
## value: "bar"
# -- array with extra environment variables to add to worker nodes
extraEnvVars: []
# -- name of existing ConfigMap containing extra env vars to add to worker nodes
extraEnvVarsCM: ""
# -- name of existing Secret containing extra env vars to add to worker nodes
extraEnvVarsSecret: ""
# -- additional sidecar containers
extraContainers: []
# -- array with extra volumes for the worker pod
extraVolumes: []
# -- array with extra volumeMounts for the worker pod
extraVolumeMounts: []
# -- array with extra Arguments for the worker container to start with
extraArgs: []
## ServiceAccount configuration
serviceAccount:
# -- specifies whether a ServiceAccount should be created
create: true
# -- the name of the ServiceAccount to use. if not set and create is true, a name is generated using the common.names.fullname template
name: ""
# -- additional service account annotations (evaluated as a template)
annotations: {}
## Role configuration
role:
# -- specifies whether a Role should be created
create: true
## List of extra role permissions
## e.g:
## extraPermissions:
## - apiGroups: [""]
## resources: ["pods", "services"]
## verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
# -- array with extra permissions to add to the worker role
extraPermissions: []
## RoleBinding configuration
rolebinding:
# -- specifies whether a RoleBinding should be created
create: true