values.yaml
# Default values for cvat.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
cvat:
backend:
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
initializer:
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
server:
replicas: 1
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
envs:
ALLOWED_HOSTS: "*"
DJANGO_MODWSGI_EXTRA_ARGS: ""
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
worker:
export:
replicas: 2
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
import:
replicas: 2
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
annotation:
replicas: 1
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
webhooks:
replicas: 1
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
qualityreports:
replicas: 1
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
analyticsreports:
replicas: 1
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
utils:
replicas: 1
labels: {}
annotations: {}
resources: {}
affinity: {}
tolerations: []
additionalEnv: []
additionalVolumes: []
additionalVolumeMounts: []
replicas: 1
image: cvat/server
tag: dev
imagePullPolicy: Always
permissionFix:
enabled: true
service:
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: http
defaultStorage:
enabled: true
# storageClassName: default
# accessModes:
# - ReadWriteMany
size: 20Gi
disableDistinctCachePerService: false
frontend:
replicas: 1
image: cvat/ui
tag: dev
imagePullPolicy: Always
labels: {}
# test: test
annotations: {}
# test.io/test: test
resources: {}
affinity: {}
tolerations: []
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/e2e-az-name
# operator: In
# values:
# - e2e-az1
# - e2e-az2
additionalEnv: []
# Example:
# - name: volume-from-secret
# - name: TEST
# value: "test"
additionalVolumes: []
# Example(assumes that pvc was already created):
# - name: tmp
# persistentVolumeClaim:
# claimName: tmp
additionalVolumeMounts: []
# Example:
# - mountPath: /tmp
# name: tmp
# subPath: test
service:
type: ClusterIP
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
opa:
replicas: 1
image: openpolicyagent/opa
tag: 0.45.0-rootless
imagePullPolicy: IfNotPresent
labels: {}
# test: test
annotations: {}
# test.io/test: test
resources: {}
affinity: {}
tolerations: []
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/e2e-az-name
# operator: In
# values:
# - e2e-az1
# - e2e-az2
additionalEnv: []
# Example:
# - name: volume-from-secret
# - name: TEST
# value: "test"
additionalVolumes: []
# Example(assumes that pvc was already created):
# - name: tmp
# persistentVolumeClaim:
# claimName: tmp
additionalVolumeMounts: []
# Example:
# - mountPath: /tmp
# name: tmp
# subPath: test
composeCompatibleServiceName: true # Sets service name to opa in order to be compatible with Docker Compose. Necessary because changing IAM_OPA_DATA_URL via environment variables in current images. Hinders multiple deployment due to duplicate name
service:
type: ClusterIP
ports:
- port: 8181
targetPort: 8181
protocol: TCP
name: http
kvrocks:
enabled: true
external:
host: kvrocks-external.localdomain
existingSecret: "cvat-kvrocks-secret"
secret:
create: true
name: cvat-kvrocks-secret
password: cvat_kvrocks
image: apache/kvrocks
tag: 2.7.0
imagePullPolicy: IfNotPresent
labels: {}
# test: test
annotations: {}
# test.io/test: test
resources: {}
affinity: {}
tolerations: []
nodeAffinity: {}
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/e2e-az-name
# operator: In
# values:
# - e2e-az1
# - e2e-az2
additionalEnv: []
# Example:
# - name: TEST
# value: "test"
additionalVolumes: []
# Example(assumes that pvc was already created):
# - name: tmp
# persistentVolumeClaim:
# claimName: tmp
additionalVolumeMounts: []
# Example:
# - mountPath: /tmp
# name: tmp
# subPath: test
defaultStorage:
enabled: true
# storageClassName: default
# accessModes:
# - ReadWriteOnce
size: 100Gi
postgresql:
#See https://github.com/bitnami/charts/blob/master/bitnami/postgresql/ for more info
enabled: true # false for external db
external:
host: 127.0.0.1
port: 5432
# If not external following config will be applied by default
auth:
existingSecret: "{{ .Release.Name }}-postgres-secret"
username: cvat
database: cvat
service:
ports:
postgresql: 5432
secret:
create: true
name: "{{ .Release.Name }}-postgres-secret"
password: cvat_postgresql
postgres_password: cvat_postgresql_postgres
replication_password: cvat_postgresql_replica
# https://artifacthub.io/packages/helm/bitnami/redis
redis:
enabled: true
external:
host: 127.0.0.1
architecture: standalone
auth:
existingSecret: "cvat-redis-secret"
existingSecretPasswordKey: password
secret:
create: true
name: cvat-redis-secret
password: cvat_redis
# TODO: persistence options
nuclio:
enabled: false
# See https://github.com/nuclio/nuclio/blob/master/hack/k8s/helm/nuclio/values.yaml for more info
# registry:
# loginUrl: someurl
# credentials:
# username: someuser
# password: somepass
analytics:
enabled: true
clickhouseDb: cvat
clickhouseUser: user
clickhousePassword: user
clickhouseHost: "{{ .Release.Name }}-clickhouse"
vector:
envFrom:
- secretRef:
name: cvat-analytics-secret
existingConfigMaps:
- cvat-vector-config
dataDir: "/vector-data-dir"
containerPorts:
- name: http
containerPort: 80
protocol: TCP
service:
ports:
- name: http
port: 80
protocol: TCP
image:
tag: "0.26.0-alpine"
clickhouse:
shards: 1
replicaCount: 1
extraEnvVarsSecret: cvat-analytics-secret
initdbScriptsSecret: cvat-clickhouse-init
auth:
username: user
existingSecret: cvat-analytics-secret
existingSecretKey: CLICKHOUSE_PASSWORD
# Consider enabling zookeeper if a distributed configuration is used
zookeeper:
enabled: false
grafana:
datasources:
datasources.yaml:
apiVersion: 1
datasources:
- name: 'ClickHouse'
type: 'grafana-clickhouse-datasource'
isDefault: true
jsonData:
defaultDatabase: cvat
port: 9000
server: "{{ .Release.Name }}-clickhouse"
username: user
tlsSkipVerify: false
secureJsonData:
password: user
editable: false
dashboardProviders:
dashboardproviders.yaml:
apiVersion: 1
providers:
- name: 'default'
orgId: 1
folder: ''
type: file
disableDeletion: false
editable: true
options:
path: /var/lib/grafana/dashboards
dashboardsConfigMaps:
default: "cvat-grafana-dashboards"
plugins:
- grafana-clickhouse-datasource
grafana.ini:
server:
root_url: https://cvat.local/analytics
dashboards:
default_home_dashboard_path: /var/lib/grafana/dashboards/default/all_events.json
users:
viewers_can_edit: true
auth:
disable_login_form: true
disable_signout_menu: true
auth.anonymous:
enabled: true
org_role: Admin
auth.basic:
enabled: false
ingress:
## @param ingress.enabled Enable ingress resource generation for CVAT
##
enabled: false
## @param ingress.hostname Host for the ingress resource
##
hostname: cvat.local
## @param ingress.annotations Additional annotations for the Ingress resource.
##
## e.g:
## annotations:
## kubernetes.io/ingress.class: nginx
##
annotations: {}
## @param ingress.className IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
##
className: ""
## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
## TLS certificates will be retrieved from a TLS secret defined in tlsSecretName parameter
##
tls: false
## @param ingress.tlsSecretName Specifies the name of the secret containing TLS certificates. Ignored if ingress.tls is false
##
tlsSecretName: ingress-tls-cvat
traefik:
enabled: false
logs:
general:
format: json
access:
enabled: true
format: json
fields:
general:
defaultmode: drop
names:
ClientHost: keep
DownstreamContentSize: keep
DownstreamStatus: keep
Duration: keep
RequestHost: keep
RequestMethod: keep
RequestPath: keep
RequestPort: keep
RequestProtocol: keep
RouterName: keep
StartUTC: keep
smokescreen:
opts: ''
