kennyh
/
emqx4.3


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214
							## Default values for emqx.
## This is a YAML-formatted file.
## Declare variables to be passed into your templates.

## It is recommended to have odd number of nodes in a cluster, otherwise the emqx cluster cannot be automatically healed in case of net-split.
replicaCount: 3
image:
  repository: emqx/emqx
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # pullSecrets:
  # - myRegistryKeySecretName


# The name of a secret in the same kubernetes namespace which contains values to
# be added to the environment (must be manually created)
# This can be useful for passwords and logins, etc.

# envFromSecret: "emqx-secrets"

## Forces the recreation of pods during helm upgrades. This can be useful to update configuration values even if the container image did not change.
recreatePods: false

podAnnotations: {}

# Pod deployment policy
# value: OrderedReady | Parallel
# To redeploy a chart with existing PVC(s), the value must be set to Parallel to avoid deadlock
podManagementPolicy: Parallel

persistence:
  enabled: false
  size: 20Mi
  storageClassName: ""
  accessMode: ReadWriteOnce
  ## Existing PersistentVolumeClaims
  ## The value is evaluated as a template
  ## So, for example, the name can depend on .Release or .Chart
  # existingClaim: ""

resources: {}
  # limits:
  #   cpu: 500m
  #   memory: 512Mi
  # requests:
  #   cpu: 500m
  #   memory: 512Mi

# Containers that run before the creation of EMQX containers. They can contain utilities or setup scripts.
initContainers: {}
  # - name: sysctl
  #   image: busybox
  #   securityContext:
  #     runAsUser: 0
  #     runAsGroup: 0
  #     capabilities:
  #       add:
  #       - SYS_ADMIN
  #       drop:
  #       - ALL
  #   command:
  #     - /bin/sh
  #     - -c
  #     - |
  #       mount -o remount rw /proc/sys
  #       sysctl -w net.core.somaxconn=65535
  #       sysctl -w net.ipv4.ip_local_port_range="1024 65535"
  #       sysctl -w kernel.core_uses_pid=0
  #       sysctl -w net.ipv4.tcp_tw_reuse=1
  #       sysctl -w fs.nr_open=1000000000
  #       sysctl -w fs.file-max=1000000000
  #       sysctl -w net.ipv4.ip_local_port_range='1025 65534'
  #       sysctl -w net.ipv4.udp_mem='74583000 499445000 749166000'
  #       sysctl -w net.ipv4.tcp_max_sync_backlog=163840
  #       sysctl -w net.core.netdev_max_backlog=163840
  #       sysctl -w net.core.optmem_max=16777216
  #       sysctl -w net.ipv4.tcp_rmem='1024 4096 16777216'
  #       sysctl -w net.ipv4.tcp_wmem='1024 4096 16777216'
  #       sysctl -w net.ipv4.tcp_max_tw_buckets=1048576
  #       sysctl -w net.ipv4.tcp_fin_timeout=15
  #       sysctl -w net.core.rmem_default=262144000
  #       sysctl -w net.core.wmem_default=262144000
  #       sysctl -w net.core.rmem_max=262144000
  #       sysctl -w net.core.wmem_max=262144000
  #       sysctl -w net.ipv4.tcp_mem='378150000  504200000  756300000'
  #       sysctl -w net.netfilter.nf_conntrack_max=1000000
  #       sysctl -w net.netfilter.nf_conntrack_tcp_timeout_time_wait=30

## EMQX configuration item, see the documentation (https://hub.docker.com/r/emqx/emqx)
emqxConfig:
  EMQX_CLUSTER__DISCOVERY_STRATEGY: "dns"
  EMQX_CLUSTER__DNS__NAME: "{{ .Release.Name }}-headless.{{ .Release.Namespace }}.svc.cluster.local"
  EMQX_CLUSTER__DNS__RECORD_TYPE: "srv"
  # EMQX_CLUSTER__DISCOVERY_STRATEGY: "k8s"
  # EMQX_CLUSTER__K8S__APISERVER: "https://kubernetes.default.svc:443"
  # EMQX_CLUSTER__K8S__SERVICE_NAME: "{{ .Release.Name }}-headless"
  # EMQX_CLUSTER__K8S__NAMESPACE: "{{ .Release.Namespace }}"
  ## The address type is used to extract host from k8s service.
  ## Value: ip | dns | hostname
  ## Note：Hostname is only supported after v4.0-rc.2
  EMQX_CLUSTER__K8S__ADDRESS_TYPE: "hostname"
  EMQX_CLUSTER__K8S__SUFFIX: "svc.cluster.local"
  ## if EMQX_CLUSTER__K8S__ADDRESS_TYPE eq dns
  # EMQX_CLUSTER__K8S__SUFFIX: "pod.cluster.local"
  EMQX_DASHBOARD__DEFAULT_USERNAME: "admin"
  EMQX_DASHBOARD__DEFAULT_PASSWORD: "public"

## EMQX Enterprise Edition requires manual creation of a Secret containing the licensed content. Write the name of Secret to the value of "emqxLicenseSecretName"
## Example:
##   kubectl create secret generic emqx-license-secret-name --from-file=/path/to/emqx.lic
emqxLicenseSecretName:

service:
  ## Service type
  ##
  type: ClusterIP
  ## Port for MQTT
  ##
  mqtt: 1883
  ## Port for MQTT(SSL)
  ##
  mqttssl: 8883
  ## Port for mgmt API
  ##
  mgmt: 8081
  ## Port for WebSocket/HTTP
  ##
  ws: 8083
  ## Port for WSS/HTTPS
  ##
  wss: 8084
  ## Port for dashboard
  ##
  dashboard: 18083
  ## Port for dashboard HTTPS
  ##
  # dashboardtls: 18084
  ## Specify the nodePort(s) value for the LoadBalancer and NodePort service types.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
  ##
  nodePorts:
    mqtt:
    mqttssl:
    mgmt:
    ws:
    wss:
    dashboard:
    dashboardtls:
  ## Set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  # loadBalancerIP:
  ## Load Balancer sources
  ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
  ## Example:
  ## loadBalancerSourceRanges:
  ## - 10.10.10.0/24
  ##
  loadBalancerSourceRanges: []
  ## Set the ExternalIPs
  ##
  externalIPs: []
  ## Provide any additional annotations which may be required. Evaluated as a template
  ##
  annotations: {}

nodeSelector: {}

tolerations: []

affinity: {}

ingress:
  ## ingress for EMQX Dashboard
  dashboard:
    enabled: false
    # ingressClassName: nginx
    annotations: {}
      # kubernetes.io/ingress.class: nginx
      # kubernetes.io/tls-acme: "true"
    path: /
    pathType: ImplementationSpecific
    hosts:
    - dashboard.emqx.local
    tls: []

podSecurityContext:
  enabled: true
  fsGroup: 1000
  fsGroupChangePolicy: Always
  runAsUser: 1000
  supplementalGroups:
    - 1000

containerSecurityContext:
  enabled: true
  runAsNonRoot: true
  runAsUser: 1000

metrics:
  enabled: false
  type: prometheus

ssl:
  enabled: false
  useExisting: false
  existingName: emqx-tls
  dnsnames: {}
  issuer:
    name: letsencrypt-dns
    kind: ClusterIssuer