# Default values for cvat. # This is a YAML-formatted file. # Declare variables to be passed into your templates. imagePullSecrets: [] nameOverride: "" fullnameOverride: "" cvat: backend: labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] initializer: labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] server: replicas: 1 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] envs: ALLOWED_HOSTS: "*" DJANGO_MODWSGI_EXTRA_ARGS: "" additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] worker: export: replicas: 2 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] import: replicas: 2 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] annotation: replicas: 1 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] webhooks: replicas: 1 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] qualityreports: replicas: 1 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] analyticsreports: replicas: 1 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] utils: replicas: 1 labels: {} annotations: {} resources: {} affinity: {} tolerations: [] additionalEnv: [] additionalVolumes: [] additionalVolumeMounts: [] replicas: 1 image: cvat/server tag: dev imagePullPolicy: Always permissionFix: enabled: true service: annotations: traefik.ingress.kubernetes.io/service.sticky.cookie: "true" spec: type: ClusterIP ports: - port: 8080 targetPort: 8080 protocol: TCP name: http defaultStorage: enabled: true # storageClassName: default # accessModes: # - ReadWriteMany size: 20Gi disableDistinctCachePerService: false frontend: replicas: 1 image: cvat/ui tag: dev imagePullPolicy: Always labels: {} # test: test annotations: {} # test.io/test: test resources: {} affinity: {} tolerations: [] # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: # - key: kubernetes.io/e2e-az-name # operator: In # values: # - e2e-az1 # - e2e-az2 additionalEnv: [] # Example: # - name: volume-from-secret # - name: TEST # value: "test" additionalVolumes: [] # Example(assumes that pvc was already created): # - name: tmp # persistentVolumeClaim: # claimName: tmp additionalVolumeMounts: [] # Example: # - mountPath: /tmp # name: tmp # subPath: test service: type: ClusterIP ports: - port: 80 targetPort: 80 protocol: TCP name: http opa: replicas: 1 image: openpolicyagent/opa tag: 0.45.0-rootless imagePullPolicy: IfNotPresent labels: {} # test: test annotations: {} # test.io/test: test resources: {} affinity: {} tolerations: [] # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: # - key: kubernetes.io/e2e-az-name # operator: In # values: # - e2e-az1 # - e2e-az2 additionalEnv: [] # Example: # - name: volume-from-secret # - name: TEST # value: "test" additionalVolumes: [] # Example(assumes that pvc was already created): # - name: tmp # persistentVolumeClaim: # claimName: tmp additionalVolumeMounts: [] # Example: # - mountPath: /tmp # name: tmp # subPath: test composeCompatibleServiceName: true # Sets service name to opa in order to be compatible with Docker Compose. Necessary because changing IAM_OPA_DATA_URL via environment variables in current images. Hinders multiple deployment due to duplicate name service: type: ClusterIP ports: - port: 8181 targetPort: 8181 protocol: TCP name: http kvrocks: enabled: true external: host: kvrocks-external.localdomain existingSecret: "cvat-kvrocks-secret" secret: create: true name: cvat-kvrocks-secret password: cvat_kvrocks image: apache/kvrocks tag: 2.7.0 imagePullPolicy: IfNotPresent labels: {} # test: test annotations: {} # test.io/test: test resources: {} affinity: {} tolerations: [] nodeAffinity: {} # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: # - key: kubernetes.io/e2e-az-name # operator: In # values: # - e2e-az1 # - e2e-az2 additionalEnv: [] # Example: # - name: TEST # value: "test" additionalVolumes: [] # Example(assumes that pvc was already created): # - name: tmp # persistentVolumeClaim: # claimName: tmp additionalVolumeMounts: [] # Example: # - mountPath: /tmp # name: tmp # subPath: test defaultStorage: enabled: true # storageClassName: default # accessModes: # - ReadWriteOnce size: 100Gi postgresql: #See https://github.com/bitnami/charts/blob/master/bitnami/postgresql/ for more info enabled: true # false for external db external: host: 127.0.0.1 port: 5432 # If not external following config will be applied by default auth: existingSecret: "{{ .Release.Name }}-postgres-secret" username: cvat database: cvat service: ports: postgresql: 5432 secret: create: true name: "{{ .Release.Name }}-postgres-secret" password: cvat_postgresql postgres_password: cvat_postgresql_postgres replication_password: cvat_postgresql_replica # https://artifacthub.io/packages/helm/bitnami/redis redis: enabled: true external: host: 127.0.0.1 architecture: standalone auth: existingSecret: "cvat-redis-secret" existingSecretPasswordKey: password secret: create: true name: cvat-redis-secret password: cvat_redis # TODO: persistence options nuclio: enabled: false # See https://github.com/nuclio/nuclio/blob/master/hack/k8s/helm/nuclio/values.yaml for more info # registry: # loginUrl: someurl # credentials: # username: someuser # password: somepass analytics: enabled: true clickhouseDb: cvat clickhouseUser: user clickhousePassword: user clickhouseHost: "{{ .Release.Name }}-clickhouse" vector: envFrom: - secretRef: name: cvat-analytics-secret existingConfigMaps: - cvat-vector-config dataDir: "/vector-data-dir" containerPorts: - name: http containerPort: 80 protocol: TCP service: ports: - name: http port: 80 protocol: TCP image: tag: "0.26.0-alpine" clickhouse: shards: 1 replicaCount: 1 extraEnvVarsSecret: cvat-analytics-secret initdbScriptsSecret: cvat-clickhouse-init auth: username: user existingSecret: cvat-analytics-secret existingSecretKey: CLICKHOUSE_PASSWORD # Consider enabling zookeeper if a distributed configuration is used zookeeper: enabled: false grafana: datasources: datasources.yaml: apiVersion: 1 datasources: - name: 'ClickHouse' type: 'grafana-clickhouse-datasource' isDefault: true jsonData: defaultDatabase: cvat port: 9000 server: "{{ .Release.Name }}-clickhouse" username: user tlsSkipVerify: false secureJsonData: password: user editable: false dashboardProviders: dashboardproviders.yaml: apiVersion: 1 providers: - name: 'default' orgId: 1 folder: '' type: file disableDeletion: false editable: true options: path: /var/lib/grafana/dashboards dashboardsConfigMaps: default: "cvat-grafana-dashboards" plugins: - grafana-clickhouse-datasource grafana.ini: server: root_url: https://cvat.local/analytics dashboards: default_home_dashboard_path: /var/lib/grafana/dashboards/default/all_events.json users: viewers_can_edit: true auth: disable_login_form: true disable_signout_menu: true auth.anonymous: enabled: true org_role: Admin auth.basic: enabled: false ingress: ## @param ingress.enabled Enable ingress resource generation for CVAT ## enabled: false ## @param ingress.hostname Host for the ingress resource ## hostname: cvat.local ## @param ingress.annotations Additional annotations for the Ingress resource. ## ## e.g: ## annotations: ## kubernetes.io/ingress.class: nginx ## annotations: {} ## @param ingress.className IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ ## className: "" ## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter ## TLS certificates will be retrieved from a TLS secret defined in tlsSecretName parameter ## tls: false ## @param ingress.tlsSecretName Specifies the name of the secret containing TLS certificates. Ignored if ingress.tls is false ## tlsSecretName: ingress-tls-cvat traefik: enabled: false logs: general: format: json access: enabled: true format: json fields: general: defaultmode: drop names: ClientHost: keep DownstreamContentSize: keep DownstreamStatus: keep Duration: keep RequestHost: keep RequestMethod: keep RequestPath: keep RequestPort: keep RequestProtocol: keep RouterName: keep StartUTC: keep smokescreen: opts: ''