docs: updating helm configuration (#8973)

Added helm configs that were changed/added in vault-helm
0.5.0. Also corrected the data type of a few config parameters.
This commit is contained in:
Theron Voran 2020-05-18 11:08:40 -07:00 committed by GitHub
parent 6cb26312af
commit b7a9fb8566
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -19,7 +19,7 @@ and consider if they're appropriate for your deployment.
- `enabled` (`boolean: true`) - The master enabled/disabled configuration. If this is true, most components will be installed by default. If this is false, no components will be installed by default and manually opting-in is required, such as by setting `server.enabled` to true. - `enabled` (`boolean: true`) - The master enabled/disabled configuration. If this is true, most components will be installed by default. If this is false, no components will be installed by default and manually opting-in is required, such as by setting `server.enabled` to true.
- `imagePullSecrets` (`string: ""`) - Defines secrets to be used when pulling images from private registries. - `imagePullSecrets` (`array: []`) - References secrets to be used when pulling images from private registries. See [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) for more details.
- `name`: (`string: required`) - Name of the secret containing files required for authentication to private image registries. - `name`: (`string: required`) - Name of the secret containing files required for authentication to private image registries.
@ -45,23 +45,30 @@ and consider if they're appropriate for your deployment.
- `tag` (`string: "1.3.1"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar. **Vault 1.3.1+ is required by the admission controller**. - `tag` (`string: "1.3.1"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar. **Vault 1.3.1+ is required by the admission controller**.
- `resources` (`string: ""`) - The resource requests and limits (CPU, memory, etc.) for each of the server. This should be a multi-line string mapping directly to a Kubernetes [ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#resourcerequirements-v1-core) object. If this isn't specified, then the pods won't request any specific amount of resources.<br /> **Setting this is highly recommended.** - `authPath` (`string: "auth/kubernetes"`) - Mount path of the Vault Kubernetes Auth Method.
- `logLevel` (`string: "info"`) - Configures the log verbosity of the injector. Supported log levels: trace, debug, error, warn, info.
- `logFormat` (`string: "standard"`) - Configures the log format of the injector. Supported log formats: "standard", "json".
- `revokeOnShutdown` (`boolean: false`) - Configures all Vault Agent sidecars to revoke their token when shutting down.
- `resources` (`dictionary: {}`) - The resource requests and limits (CPU, memory, etc.) for each container of the server. This should be a YAML dictionary of a Kubernetes [ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.15/#resourcerequirements-v1-core) object. If this isn't specified, then the pods won't request any specific amount of resources, which limits the ability for Kubernetes to make efficient use of compute resources.<br /> **Setting this is highly recommended.**
```yaml ```yaml
# Resources are defined as a formatted multi-line string: resources:
resources: |
requests: requests:
memory: "10Gi" memory: "10Gi"
limits: limits:
memory: "10Gi" memory: "10Gi"
``` ```
- `namespaceSelector` (`string: ""`) - The selector used by the admission webhook controller to limit what namespaces where injection can happen. If set to null, all non-system namespaces are eligible for injection. - `namespaceSelector` (`dictionary: {}`) - The selector used by the admission webhook controller to limit what namespaces where injection can happen. If set to null, all non-system namespaces are eligible for injection.
```yaml ```yaml
# Selectors are defined as a formatted multi-line string. # Selectors are defined as a YAML dictionary.
# In this example, all namespaces with the label "injection: enabled" are eligible: # In this example, all namespaces with the label "injection: enabled" are eligible:
namespaceSelector: | namespaceSelector:
matchLabels: matchLabels:
injection: enabled injection: enabled
``` ```
@ -76,6 +83,14 @@ and consider if they're appropriate for your deployment.
- `keyName` (`string: "tls.key"`) - The name of the key file within the `secretName` secret. - `keyName` (`string: "tls.key"`) - The name of the key file within the `secretName` secret.
- `extraEnvironmentVars` (`dictionary: {}`) - Extra environment variables to set in the injector deployment.
- `affinity` (`string: null`) - Affinity Settings for injector pods. This should be a multi-line string matching the affinity section of a PodSpec.
- `tolerations` (`string: null`) - Toleration Settings for injector pods. This should be a multi-line string matching the Toleration array in a PodSpec.
- `nodeSelector` (`string: null`) - nodeSelector labels for injector pod assignment, formatted as a muli-line string.
- `server` - Values that configure running a Vault server within Kubernetes. - `server` - Values that configure running a Vault server within Kubernetes.
- `image` - Values that configure the Vault Docker image. - `image` - Values that configure the Vault Docker image.
@ -88,11 +103,10 @@ and consider if they're appropriate for your deployment.
- `updateStrategyType` (`string: "OnDelete"`) - Configure the [Update Strategy Type](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies) for the StatefulSet. - `updateStrategyType` (`string: "OnDelete"`) - Configure the [Update Strategy Type](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies) for the StatefulSet.
- `resources` (`string: null`) - The resource requests and limits (CPU, memory, etc.) for each of the server. This should be a multi-line string mapping directly to a Kubernetes [ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#resourcerequirements-v1-core) object. If this isn't specified, then the pods won't request any specific amount of resources. **Setting this is highly recommended.** - `resources` (`dictionary: {}`) - The resource requests and limits (CPU, memory, etc.) for each container of the server. This should be a YAML dictionary of a Kubernetes [ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.15/#resourcerequirements-v1-core) object. If this isn't specified, then the pods won't request any specific amount of resources, which limits the ability for Kubernetes to make efficient use of compute resources. **Setting this is highly recommended.**
```yaml ```yaml
# Resources are defined as a formatted multi-line string: resources:
resources: |
requests: requests:
memory: "10Gi" memory: "10Gi"
limits: limits:
@ -103,6 +117,8 @@ and consider if they're appropriate for your deployment.
- `enabled` (`boolean: false`) - When set to `true`, an [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) service will be created. - `enabled` (`boolean: false`) - When set to `true`, an [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) service will be created.
- `labels` (`dictionary: {}`) - Labels for the ingress service.
- `annotations` (`string`) - This value defines additional annotations to add to the Ingress service. This should be formatted as a multi-line string. - `annotations` (`string`) - This value defines additional annotations to add to the Ingress service. This should be formatted as a multi-line string.
```yaml ```yaml
@ -178,7 +194,7 @@ and consider if they're appropriate for your deployment.
env: ... env: ...
``` ```
- `extraEnvironmentVars` - The extra environment variables to be applied to the Vault server. This should be a multi-line key/value string. - `extraEnvironmentVars` (`dictionary: {}`) - The extra environment variables to be applied to the Vault server.
```yaml ```yaml
# Extra Environment Variables are defined as key/value strings. # Extra Environment Variables are defined as key/value strings.
@ -268,10 +284,10 @@ and consider if they're appropriate for your deployment.
disktype: ssd disktype: ssd
``` ```
- `extraLabels` - This value defines additional labels for server pods. This should be formatted as a multi-line string. - `extraLabels` (`dictionary: {}`) - This value defines additional labels for server pods.
```yaml ```yaml
extraLabels: | extraLabels:
"sample/label1": "foo" "sample/label1": "foo"
"sample/label2": "bar" "sample/label2": "bar"
``` ```