charts/direktiv/README.md
# direktiv
direktiv helm chart
  
## Additional Information
This chart installs direktiv.
### Changes in 0.1.21
* Changed ui image name to frontend
* Changed ingress configuration for API and frontend
* Version upgrade
### Changes in 0.1.20
* Direktiv version upgrade
* Resources CPU/Memory configurable
### Changes in 0.1.19
* Fixed image commands
### Changes in 0.1.18
* Fixed image references
### Changes in 0.1.17
*Direktiv version upgrade*
### Changes in 0.1.16
*Direktiv version upgrade*
### Changes in 0.1.15
* Deprecated unused function configuration items
* Added disk size to small, medium, large function settings
* Added permission to watch configmaps to function deployment
* Updated dependencies (Prometheus, Nginx)
### Changes in 0.1.14
* Added helm labels to function namespace
* Updated prometheus, nginx dependencies
### Changes in 0.1.13
* Added function namespace generation automatically
* Added update strategy for deployments
* Ingresses are optional, default true
### Changes in 0.1.12
*Version upgrade*
### Changes in 0.1.11
*Version upgrade*
### Changes in 0.1.10
*Version upgrade*
*Added API secret*
### Changes in 0.1.9
*Version fix*
### Changes in 0.1.8
*Version upgrade*
### Changes in 0.1.7
*Version upgrade*
### Changes in 0.1.6
*Flow filesystem is writable for git integration*
### Changes in 0.1.3
*creating of service accounts is optional*
*added `additional` for additional attribuites for db connections*
*make the cpu/mem limits for knative containers configurable*
*multiple replicas have now requiredDuringSchedulingIgnoredDuringExecution podAntiAffinity*
### Changes in 0.1.2
*Removed unnecessary environment variables in UI deployment*
*Fixed typo in opentelemetry config*
## Installing the Chart
To install the chart with the release name `direktiv`:
```console
$ kubectl create ns direktiv-services-direktiv
$ helm repo add direktiv https://charts.direktiv.io
$ helm install direktiv direktiv/direktiv
```
## Requirements
| Repository | Name | Version |
|------------|------|---------|
| https://fluent.github.io/helm-charts | fluent-bit | 0.43.0 |
| https://kubernetes.github.io/ingress-nginx | ingress-nginx | 4.9.0 |
| https://prometheus-community.github.io/helm-charts | prometheus | 25.8.2 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | |
| apikey | string | `"none"` | enabled api key for API authentication with the `direktiv-token` header |
| database.additional | string | `""` | additional connection attributes, e.g. target_session_attrs |
| database.host | string | `"postgres-postgresql-ha-pgpool.postgres"` | database host |
| database.name | string | `"direktiv"` | database name, has to be created before installation |
| database.password | string | `"direktivdirektiv"` | database password |
| database.port | int | `5432` | database port |
| database.sslmode | string | `"require"` | sslmode for database |
| database.user | string | `"direktiv"` | database user |
| flow.affinity | object | `{}` | affinity for flow pods |
| flow.containers.secrets.resources.limits.memory | string | `"512Mi"` | |
| flow.containers.secrets.resources.requests.memory | string | `"128Mi"` | |
| flow.debug | bool | `false` | Output debug-level logs. |
| flow.encryptionKey | string | `nil` | Set to define an encryption key to be used for secrets. If set to empty, one will be generated on install. |
| flow.extraContainers | list | `[]` | extra container in flow pod |
| flow.extraVariables | list | `[]` | extra environment variables in flow pod |
| flow.extraVolumeMounts | string | `nil` | extra volume mounts in flow pod |
| flow.extraVolumes | string | `nil` | extra volumes in flow pod |
| flow.max_scale | int | `5` | Knative max scale |
| flow.replicas | int | `1` | number of flow replicas |
| fluent-bit | object | `{"config":{"customParsers":"[PARSER]\n Name cri_direktiv\n Format regex\n Regex ^(?<time>[^ ]+) (?<stream>stdout|stderr) (?<logtag>[^ ]*) (?<log>.*)$\n Time_Key time\n Time_Format %Y-%m-%dT%H:%M:%S.%L%z\n","filters":"[FILTER]\n Name rewrite_tag\n Match input\n Rule $log ^.*\"track\":\"([^\"]+)\"[^}]*}$ flow.$1 true\n","inputs":"[INPUT]\n Name tail\n Path /var/log/containers/*flow*.log,/var/log/containers/*direktiv-sidecar*.log\n Mem_Buf_Limit 5MB\n Skip_Long_Lines Off\n Tag input\n Parser cri_direktiv\n Refresh_Interval 1\n Buffer_Max_Size 64k\n","outputs":"[OUTPUT]\n name pgsql\n match flow.*\n port 5432\n table fluentbit\n user ${PG_USER}\n database direktiv\n host ${PG_HOST}\n password ${PG_PASSWORD}\n"},"envFrom":[{"secretRef":{"name":"direktiv-fluentbit"}}],"install":true}` | fluentbit configuration |
| fluentbit.extraConfig | string | `""` | postgres for direktiv services Append extra output to fluentbit configuration. There are two log types: application (system), functions (workflows) these can be matched to new outputs. |
| frontend | object | `{"additionalAnnotations":{},"additionalLabels":{},"additionalSecEnvs":{},"backend":{"skip-verify":false,"url":null},"certificate":null,"command":"","extraConfig":null,"extraVariables":[],"image":"direktiv/frontend","logging":{"debug":true,"json":true},"logos":{"favicon":null,"icon-dark":null,"icon-light":null,"logo-dark":null,"logo-light":null},"replicas":1,"resources":{"limits":{"memory":"512Mi"},"requests":{"memory":"128Mi"}}}` | Frontend configuration |
| frontend.additionalAnnotations | object | `{}` | Additional Annotations for frontend |
| frontend.additionalLabels | object | `{}` | Additional Labels for frontend |
| frontend.additionalSecEnvs | object | `{}` | Additional secret environment variables |
| frontend.backend | object | `{"skip-verify":false,"url":null}` | Backend configuration for the workflow engine |
| frontend.backend.skip-verify | bool | `false` | Skip verifing TLS certificate if TLS is configured |
| frontend.backend.url | string | `nil` | Defaults to engine in the same namespace |
| frontend.certificate | string | `nil` | certificate secret for frontend |
| frontend.logging | object | `{"debug":true,"json":true}` | Logging setting for the UI |
| frontend.logging.debug | bool | `true` | Enable/Disable debug mode |
| frontend.logging.json | bool | `true` | Logging in JSON or console format |
| frontend.logos.favicon | string | `nil` | Path to favicon |
| frontend.logos.icon-dark | string | `nil` | Path to small, dark icon |
| frontend.logos.icon-light | string | `nil` | Path to small, light icon |
| frontend.logos.logo-dark | string | `nil` | Path to dark logo |
| frontend.logos.logo-light | string | `nil` | Path to light logo |
| functions.affinity | object | `{}` | |
| functions.containers.functionscontroller.resources.limits.memory | string | `"1024Mi"` | |
| functions.containers.functionscontroller.resources.requests.memory | string | `"128Mi"` | |
| functions.extraContainers | list | `[]` | extra containers for tasks and knative pods |
| functions.extraContainersPod | list | `[]` | extra containers for function controller, e.g. database containers for google cloud or logging |
| functions.extraVolumes | list | `[]` | extra volumes for tasks and knative pods |
| functions.ingressClass | string | `"contour.ingress.networking.knative.dev"` | |
| functions.limits | object | `{"cpu":{"large":1,"medium":"500m","small":"250m"},"disk":{"large":4096,"medium":1024,"small":256},"memory":{"large":2048,"medium":1024,"small":512}}` | knative service limits |
| functions.namespace | string | `"direktiv-services-direktiv"` | |
| functions.netShape | string | `nil` | Egress/Ingress network limit for functions if supported by network |
| functions.podCleaner | bool | `true` | Cleaning up tasks, Kubernetes < 1.20 does not clean finished tasks |
| functions.replicas | int | `1` | number of controller replicas |
| functions.runtime | string | `"default"` | runtime to use, e.g. gvisor on GCP |
| http_proxy | string | `""` | http proxy settings |
| https_proxy | string | `""` | https proxy settings |
| image | string | `"direktiv/direktiv"` | image for main direktiv binary |
| imagePullSecrets | list | `[]` | Container registry secrets. |
| ingress | object | `{"additionalAnnotations":{},"additionalLabels":{},"certificate":null,"class":"nginx","enabled":true,"host":null}` | knative eventing enabled, requires knative setup and configuration eventing: enabled: true |
| ingress-nginx | object | `{"controller":{"admissionWebhooks":{"patch":{"podAnnotations":{"linkerd.io/inject":"disabled"}}},"config":{"proxy-buffer-size":"16k"},"podAnnotations":{"linkerd.io/inject":"disabled"},"replicaCount":1},"install":true}` | nginx ingress controller configuration |
| ingress.additionalAnnotations | object | `{}` | Additional Annotations |
| ingress.additionalLabels | object | `{}` | Additional Labels |
| ingress.certificate | string | `nil` | TLS secret |
| ingress.class | string | `"nginx"` | Ingress class |
| ingress.host | string | `nil` | Host for external services, only required for TLS |
| no_proxy | string | `""` | no proxy proxy settings |
| nodeSelector | object | `{}` | |
| opentelemetry.agentconfig | string | `"receivers:\n otlp:\n protocols:\n grpc:\n http:\nexporters:\n otlp:\n endpoint: \"tempo.grafana.svc:4317\" # otel receivers grpc port for expl. tempo \n insecure: true\n sending_queue:\n num_consumers: 4\n queue_size: 100\n retry_on_failure:\n enabled: true\n logging:\n loglevel: debug\nprocessors:\n batch:\n memory_limiter:\n # Same as --mem-ballast-size-mib CLI argument\n ballast_size_mib: 165\n # 80% of maximum memory up to 2G\n limit_mib: 400\n # 25% of limit up to 2G\n spike_limit_mib: 100\n check_interval: 5s\nextensions:\n zpages: {}\nservice:\n extensions: [zpages]\n pipelines:\n traces:\n receivers: [otlp]\n processors: [memory_limiter, batch]\n exporters: [logging, otlp]\n"` | config for sidecar agent |
| opentelemetry.enabled | bool | `false` | installs opentelemtry agent as sidecar in flow |
| opentelemetry.image | string | `"otel/opentelemetry-collector-dev:latest"` | |
| prometheus.alertmanager.enabled | bool | `false` | |
| prometheus.backendName | string | `"prom-backend-server"` | |
| prometheus.global.evaluation_interval | string | `"1m"` | |
| prometheus.global.scrape_interval | string | `"1m"` | |
| prometheus.install | bool | `true` | |
| prometheus.kube-state-metrics.enabled | bool | `false` | |
| prometheus.prometheus-node-exporter.enabled | bool | `false` | |
| prometheus.prometheus-pushgateway.enabled | bool | `false` | |
| prometheus.server.persistentVolume.enabled | bool | `false` | |
| prometheus.server.retention | string | `"96h"` | |
| prometheus.serviceAccounts.server.create | bool | `true` | |
| pullPolicy | string | `"Always"` | Container pull policy. |
| registry | string | `"docker.io"` | Container registry from which to pull direktiv. |
| requestTimeout | int | `7200` | max request timeouts in seconds. Used in Knative and the ingress controller if enabled. |
| serviceAccount | object | `{"annotations":{},"create":true,"name":""}` | service account for components. If preconfigured serviceaccounts are used the name ise the base and two additional service accounts are needed, e.g. service account name is myaccount then another two acounts are needed: myaccount-functions and myaccount-functions-pod |
| tag | string | `""` | image tag for main direktiv binary pod |
| tolerations | list | `[]` | |