diff --git a/keda-crd/.helmignore b/keda-crd/.helmignore new file mode 100644 index 00000000..a9f39f79 --- /dev/null +++ b/keda-crd/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +*.gotmpl diff --git a/keda-crd/Chart.yaml b/keda-crd/Chart.yaml new file mode 100644 index 00000000..4774cca7 --- /dev/null +++ b/keda-crd/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: keda-crd +description: A Helm Chart for KEDA Custom Resource Definitions (CRDS) + +# Specify the Kubernetes version range that we support. +# We allow pre-release versions for cloud-specific Kubernetes versions such as v1.21.5-gke.1302 or v1.18.9-eks-d1db3c +kubeVersion: ">=v1.23.0-0" + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 2.14.2 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 2.14.0 + +home: https://github.com/kedacore/keda +icon: https://raw.githubusercontent.com/kedacore/keda/main/images/keda-logo-500x500-white.png +sources: + - https://github.com/kedacore/keda +maintainers: + - name: Ahmed ElSayed + email: ahmels@microsoft.com + - name: Jorge Turrado + email: jorge_turrado@hotmail.es + - name: Tom Kerkhove + email: kerkhove.tom@gmail.com + - name: Zbynek Roubalik + email: zbynek@kedify.io diff --git a/keda-crd/README.md b/keda-crd/README.md new file mode 100644 index 00000000..702052f9 --- /dev/null +++ b/keda-crd/README.md @@ -0,0 +1,28 @@ +# keda-crd + +![Version: 2.14.2](https://img.shields.io/badge/Version-2.14.2-informational?style=flat-square) ![AppVersion: 2.14.0](https://img.shields.io/badge/AppVersion-2.14.0-informational?style=flat-square) + +A Helm Chart for KEDA Custom Resource Definitions (CRDS) + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| Ahmed ElSayed | | | +| Jorge Turrado | | | +| Tom Kerkhove | | | +| Zbynek Roubalik | | | + +## Source Code + +* + +## Requirements + +Kubernetes: `>=v1.23.0-0` + +---------------------------------------------- + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs/). diff --git a/keda-crd/README.md.gotmpl b/keda-crd/README.md.gotmpl new file mode 100644 index 00000000..7991d3c2 --- /dev/null +++ b/keda-crd/README.md.gotmpl @@ -0,0 +1,20 @@ +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +---------------------------------------------- + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs/). diff --git a/keda-crd/templates/_helpers.tpl b/keda-crd/templates/_helpers.tpl new file mode 100644 index 00000000..e64afaa2 --- /dev/null +++ b/keda-crd/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "keda.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Generate basic labels for CRD +*/}} +{{- define "keda.crd-labels" }} +helm.sh/chart: {{ include "keda.chart" . }} +app.kubernetes.io/component: operator +app.kubernetes.io/managed-by: {{ .Values.customManagedBy | default .Release.Service }} +app.kubernetes.io/part-of: {{ .Values.operator.name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end }} +{{- end }} + +{{/* +Generate basic labels +*/}} +{{- define "keda.labels" -}} +{{- include "keda.crd-labels" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Values.additionalLabels }} +{{ toYaml .Values.additionalLabels }} +{{- end }} +{{- end }} diff --git a/keda-crd/templates/crd-cloudeventsources.yaml b/keda-crd/templates/crd-cloudeventsources.yaml new file mode 120000 index 00000000..3d81604e --- /dev/null +++ b/keda-crd/templates/crd-cloudeventsources.yaml @@ -0,0 +1 @@ +../../keda/templates/crds/crd-cloudeventsources.yaml \ No newline at end of file diff --git a/keda-crd/templates/crd-clustertriggerauthentications.yaml b/keda-crd/templates/crd-clustertriggerauthentications.yaml new file mode 120000 index 00000000..890c728f --- /dev/null +++ b/keda-crd/templates/crd-clustertriggerauthentications.yaml @@ -0,0 +1 @@ +../../keda/templates/crds/crd-clustertriggerauthentications.yaml \ No newline at end of file diff --git a/keda-crd/templates/crd-scaledjobs.yaml b/keda-crd/templates/crd-scaledjobs.yaml new file mode 120000 index 00000000..260cd64d --- /dev/null +++ b/keda-crd/templates/crd-scaledjobs.yaml @@ -0,0 +1 @@ +../../keda/templates/crds/crd-scaledjobs.yaml \ No newline at end of file diff --git a/keda-crd/templates/crd-scaledobjects.yaml b/keda-crd/templates/crd-scaledobjects.yaml new file mode 120000 index 00000000..5ebf8c64 --- /dev/null +++ b/keda-crd/templates/crd-scaledobjects.yaml @@ -0,0 +1 @@ +../../keda/templates/crds/crd-scaledobjects.yaml \ No newline at end of file diff --git a/keda-crd/templates/crd-triggerauthentications.yaml b/keda-crd/templates/crd-triggerauthentications.yaml new file mode 120000 index 00000000..2ffacd2a --- /dev/null +++ b/keda-crd/templates/crd-triggerauthentications.yaml @@ -0,0 +1 @@ +../../keda/templates/crds/crd-triggerauthentications.yaml \ No newline at end of file diff --git a/keda-crd/values.yaml b/keda-crd/values.yaml new file mode 100644 index 00000000..42882ccb --- /dev/null +++ b/keda-crd/values.yaml @@ -0,0 +1,12 @@ +crds: + # -- Defines whether the KEDA CRDs have to be installed or not. + install: true + + # -- Custom annotations specifically for CRDs + additionalAnnotations: + {} + # foo: bar + +operator: + # -- Name of the KEDA operator + name: keda-operator diff --git a/keda-crd/values.yaml.orig b/keda-crd/values.yaml.orig new file mode 100644 index 00000000..6be3df10 --- /dev/null +++ b/keda-crd/values.yaml.orig @@ -0,0 +1,853 @@ +# Default values for keda. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + image: + # -- Global image registry of KEDA components + registry: null + +image: + keda: + # -- Image registry of KEDA operator + registry: ghcr.io + # -- Image name of KEDA operator + repository: kedacore/keda + # -- Image tag of KEDA operator. Optional, given app version of Helm chart is used by default + tag: "" + metricsApiServer: + # -- Image registry of KEDA Metrics API Server + registry: ghcr.io + # -- Image name of KEDA Metrics API Server + repository: kedacore/keda-metrics-apiserver + # -- Image tag of KEDA Metrics API Server. Optional, given app version of Helm chart is used by default + tag: "" + webhooks: + # -- Image registry of KEDA admission-webhooks + registry: ghcr.io + # -- Image name of KEDA admission-webhooks + repository: kedacore/keda-admission-webhooks + # -- Image tag of KEDA admission-webhooks . Optional, given app version of Helm chart is used by default + tag: "" + # -- Image pullPolicy for all KEDA components + pullPolicy: Always + +# -- Kubernetes cluster name. Used in features such as emitting CloudEvents +clusterName: kubernetes-default + +# -- Kubernetes cluster domain +clusterDomain: cluster.local + +crds: + # -- Defines whether the KEDA CRDs have to be installed or not. + install: true + + # -- Custom annotations specifically for CRDs + additionalAnnotations: + {} + # foo: bar + +# -- Defines Kubernetes namespaces to watch to scale their workloads. Default watches all namespaces +watchNamespace: "" + +# -- Name of secret to use to pull images to use to pull Docker images +imagePullSecrets: [] + +networkPolicy: + # -- Enable network policies + enabled: false + # -- Flavor of the network policies (cilium) + flavor: "cilium" + # -- Allow use of extra egress rules for cilium network policies + cilium: + operator: + extraEgressRules: [] + +operator: + # -- Name of the KEDA operator + name: keda-operator + # -- ReplicaSets for this Deployment you want to retain (Default: 10) + revisionHistoryLimit: 10 + # -- Capability to configure the number of replicas for KEDA operator. + # While you can run more replicas of our operator, only one operator instance will be the leader and serving traffic. + # You can run multiple replicas, but they will not improve the performance of KEDA, it could only reduce downtime during a failover. + # Learn more in [our documentation](https://keda.sh/docs/latest/operate/cluster/#high-availability). + replicaCount: 1 + # --Disable response compression for k8s restAPI in client-go. + # Disabling compression simply means that turns off the process of making data smaller for K8s restAPI in client-go for faster transmission. + disableCompression: true + # -- [Affinity] for pod scheduling for KEDA operator. Takes precedence over the `affinity` field + affinity: {} + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-operator + # topologyKey: "kubernetes.io/hostname" + # -- Additional containers to run as part of the operator deployment + extraContainers: [] + # - name: hello-many + # args: + # - -c + # - "while true; do echo hi; sleep 300; done" + # command: + # - /bin/sh + # image: 'busybox:glibc' + # -- Additional init containers to run as part of the operator deployment + extraInitContainers: [] + # - name: hello-once + # args: + # - -c + # - "echo 'Hello World!'" + # command: + # - /bin/sh + # image: 'busybox:glibc' + # -- Liveness probes for operator ([docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)) + livenessProbe: + initialDelaySeconds: 25 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + successThreshold: 1 + # -- Readiness probes for operator ([docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes)) + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 3 + timeoutSeconds: 1 + failureThreshold: 3 + successThreshold: 1 + +metricsServer: + # -- ReplicaSets for this Deployment you want to retain (Default: 10) + revisionHistoryLimit: 10 + # -- Capability to configure the number of replicas for KEDA metric server. + # While you can run more replicas of our metric server, only one instance will used and serve traffic. + # You can run multiple replicas, but they will not improve the performance of KEDA, it could only reduce downtime during a failover. + # Learn more in [our documentation](https://keda.sh/docs/latest/operate/cluster/#high-availability). + replicaCount: 1 + # --Disable response compression for k8s restAPI in client-go. + # Disabling compression simply means that turns off the process of making data smaller for K8s restAPI in client-go for faster transmission. + disableCompression: true + # use ClusterFirstWithHostNet if `useHostNetwork: true` https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy + # -- Defined the DNS policy for the metric server + dnsPolicy: ClusterFirst + # -- Enable metric server to use host network + useHostNetwork: false + # -- [Affinity] for pod scheduling for Metrics API Server. Takes precedence over the `affinity` field + affinity: {} + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-operator-metrics-apiserver + # topologyKey: "kubernetes.io/hostname" + # -- Liveness probes for Metrics API Server ([docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)) + livenessProbe: + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + successThreshold: 1 + # -- Readiness probes for Metrics API Server ([docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes)) + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 3 + timeoutSeconds: 1 + failureThreshold: 3 + successThreshold: 1 + +webhooks: + # -- Enable admission webhooks (this feature option will be removed in v2.12) + enabled: true + # -- Port number to use for KEDA admission webhooks. Default is 9443. + port: "" + # -- Port number to use for KEDA admission webhooks health probe + healthProbePort: 8081 + # -- Liveness probes for admission webhooks ([docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)) + livenessProbe: + initialDelaySeconds: 25 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + successThreshold: 1 + # -- Readiness probes for admission webhooks ([docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-readiness-probes)) + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 3 + timeoutSeconds: 1 + failureThreshold: 3 + successThreshold: 1 + # -- Enable webhook to use host network, this is required on EKS with custom CNI + useHostNetwork: false + # -- Name of the KEDA admission webhooks + name: keda-admission-webhooks + # -- ReplicaSets for this Deployment you want to retain (Default: 10) + revisionHistoryLimit: 10 + # -- Capability to configure the number of replicas for KEDA admission webhooks + replicaCount: 1 + # -- [Affinity] for pod scheduling for KEDA admission webhooks. Takes precedence over the `affinity` field + affinity: {} + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-admission-webhooks + # topologyKey: "kubernetes.io/hostname" + + # -- [Failure policy](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#failure-policy) to use with KEDA admission webhooks + failurePolicy: Ignore + +upgradeStrategy: + # -- Capability to configure [Deployment upgrade strategy] for operator + operator: {} + # type: RollingUpdate + # rollingUpdate: + # maxUnavailable: 1 + # maxSurge: 1 + + # -- Capability to configure [Deployment upgrade strategy] for Metrics Api Server + metricsApiServer: {} + # type: RollingUpdate + # rollingUpdate: + # maxUnavailable: 1 + # maxSurge: 1 + + # -- Capability to configure [Deployment upgrade strategy] for Admission webhooks + webhooks: {} + # type: RollingUpdate + # rollingUpdate: + # maxUnavailable: 1 + # maxSurge: 1 + +podDisruptionBudget: + # -- Capability to configure [Pod Disruption Budget] + operator: {} + # minAvailable: 1 + # maxUnavailable: 1 + + # -- Capability to configure [Pod Disruption Budget] + metricServer: {} + # minAvailable: 1 + # maxUnavailable: 1 + + # -- Capability to configure [Pod Disruption Budget] + webhooks: {} + # minAvailable: 1 + # maxUnavailable: 1 + +# -- Custom labels to add into metadata +additionalLabels: + {} + # foo: bar + +# -- Custom annotations to add into metadata +additionalAnnotations: + {} + # foo: bar + +podAnnotations: + # -- Pod annotations for KEDA operator + keda: {} + # -- Pod annotations for KEDA Metrics Adapter + metricsAdapter: {} + # -- Pod annotations for KEDA Admission webhooks + webhooks: {} +podLabels: + # -- Pod labels for KEDA operator + keda: {} + # -- Pod labels for KEDA Metrics Adapter + metricsAdapter: {} + # -- Pod labels for KEDA Admission webhooks + webhooks: {} + +rbac: + # -- Specifies whether RBAC should be used + create: true + # -- Specifies whether RBAC for CRDs should be [aggregated](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles) to default roles (view, edit, admin) + aggregateToDefaultRoles: false + + # -- Whether RBAC for configured CRDs that can have a `scale` subresource should be created + enabledCustomScaledRefKinds: true + # -- List of custom resources that support the `scale` subresource and can be referenced by `scaledobject.spec.scaleTargetRef`. + # The feature needs to be also enabled by `enabledCustomScaledRefKinds`. + # If left empty, RBAC for `apiGroups: *` and `resources: *, */scale` will be created + # note: Deployments and StatefulSets are supported out of the box + scaledRefKinds: + - apiGroup: "*" + kind: "*" + # - apiGroup: argoproj.io + # kind: Rollout + +serviceAccount: + operator: + # -- Specifies whether a service account should be created + create: true + # -- The name of the service account to use. + name: keda-operator + # -- Specifies whether a service account should automount API-Credentials + automountServiceAccountToken: true + # -- Annotations to add to the service account + annotations: {} + metricServer: + # -- Specifies whether a service account should be created + create: true + # -- The name of the service account to use. + name: keda-metrics-server + # -- Specifies whether a service account should automount API-Credentials + automountServiceAccountToken: true + # -- Annotations to add to the service account + annotations: {} + webhooks: + # -- Specifies whether a service account should be created + create: true + # -- The name of the service account to use. + name: keda-webhook + # -- Specifies whether a service account should automount API-Credentials + automountServiceAccountToken: true + # -- Annotations to add to the service account + annotations: {} + +podIdentity: + azureWorkload: + # -- Set to true to enable Azure Workload Identity usage. + # See https://keda.sh/docs/concepts/authentication/#azure-workload-identity + # This will be set as a label on the KEDA service account. + enabled: false + # Set to the value of the Azure Active Directory Client and Tenant Ids + # respectively. These will be set as annotations on the KEDA service account. + # -- Id of Azure Active Directory Client to use for authentication with Azure Workload Identity. ([docs](https://keda.sh/docs/concepts/authentication/#azure-workload-identity)) + clientId: "" + # -- Id Azure Active Directory Tenant to use for authentication with for Azure Workload Identity. ([docs](https://keda.sh/docs/concepts/authentication/#azure-workload-identity)) + tenantId: "" + # Set to the value of the service account token expiration duration. + # This will be set as an annotation on the KEDA service account. + # -- Duration in seconds to automatically expire tokens for the service account. ([docs](https://keda.sh/docs/concepts/authentication/#azure-workload-identity)) + tokenExpiration: 3600 + aws: + irsa: + # -- Specifies whether [AWS IAM Roles for Service Accounts (IRSA)](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) is to be enabled or not. + enabled: false + # -- Sets the token audience for IRSA. + # This will be set as an annotation on the KEDA service account. + audience: "sts.amazonaws.com" + # -- Set to the value of the ARN of an IAM role with a web identity provider. + # This will be set as an annotation on the KEDA service account. + roleArn: "" + # -- Sets the use of an STS regional endpoint instead of global. + # Recommended to use regional endpoint in almost all cases. + # This will be set as an annotation on the KEDA service account. + stsRegionalEndpoints: "true" + # -- Set to the value of the service account token expiration duration. + # This will be set as an annotation on the KEDA service account. + tokenExpiration: 86400 + gcp: + # -- Set to true to enable GCP Workload Identity. + # See https://keda.sh/docs/2.10/authentication-providers/gcp-workload-identity/ + # This will be set as a annotation on the KEDA service account. + enabled: false + # -- GCP IAM Service Account Email which you would like to use for workload identity. + gcpIAMServiceAccount: "" + +# -- Set this if you are using an external scaler and want to communicate +# over TLS (recommended). This variable holds the name of the secret that +# will be mounted to the /grpccerts path on the Pod +grpcTLSCertsSecret: "" + +# -- Set this if you are using HashiCorp Vault and want to communicate +# over TLS (recommended). This variable holds the name of the secret that +# will be mounted to the /vault path on the Pod +hashiCorpVaultTLS: "" + +logging: + operator: + # -- Logging level for KEDA Operator. + # allowed values: `debug`, `info`, `error`, or an integer value greater than 0, specified as string + level: info + # -- Logging format for KEDA Operator. + # allowed values: `json` or `console` + format: console + # -- Logging time encoding for KEDA Operator. + # allowed values are `epoch`, `millis`, `nano`, `iso8601`, `rfc3339` or `rfc3339nano` + timeEncoding: rfc3339 + # -- If enabled, the stack traces will be also printed + stackTracesEnabled: false + metricServer: + # -- Logging level for Metrics Server. + # allowed values: `0` for info, `4` for debug, or an integer value greater than 0, specified as string + level: 0 + # -- Logging stderrthreshold for Metrics Server + # allowed values: 'DEBUG','INFO','WARN','ERROR','ALERT','EMERG' + stderrthreshold: ERROR + webhooks: + # -- Logging level for KEDA Operator. + # allowed values: `debug`, `info`, `error`, or an integer value greater than 0, specified as string + level: info + # -- Logging format for KEDA Admission webhooks. + # allowed values: `json` or `console` + format: console + # -- Logging time encoding for KEDA Operator. + # allowed values are `epoch`, `millis`, `nano`, `iso8601`, `rfc3339` or `rfc3339nano` + timeEncoding: rfc3339 + +# -- [Security context] for all containers +# @default -- [See below](#KEDA-is-secure-by-default) +securityContext: + # -- [Security context] of the operator container + # @default -- [See below](#KEDA-is-secure-by-default) + operator: + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + # -- [Security context] of the metricServer container + # @default -- [See below](#KEDA-is-secure-by-default) + metricServer: + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + # -- [Security context] of the admission webhooks container + # @default -- [See below](#KEDA-is-secure-by-default) + webhooks: + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + +# -- [Pod security context] for all pods +# @default -- [See below](#KEDA-is-secure-by-default) +podSecurityContext: + # -- [Pod security context] of the KEDA operator pod + # @default -- [See below](#KEDA-is-secure-by-default) + operator: + runAsNonRoot: true + # runAsUser: 1000 + # runAsGroup: 1000 + # fsGroup: 1000 + + # -- [Pod security context] of the KEDA metrics apiserver pod + # @default -- [See below](#KEDA-is-secure-by-default) + metricServer: + runAsNonRoot: true + # runAsUser: 1000 + # runAsGroup: 1000 + # fsGroup: 1000 + + # -- [Pod security context] of the KEDA admission webhooks + # @default -- [See below](#KEDA-is-secure-by-default) + webhooks: + runAsNonRoot: true + # runAsUser: 1000 + # runAsGroup: 1000 + # fsGroup: 1000 + +service: + # -- KEDA Metric Server service type + type: ClusterIP + # -- HTTPS port for KEDA Metric Server service + portHttps: 443 + # -- HTTPS port for KEDA Metric Server container + portHttpsTarget: 6443 + # -- Annotations to add the KEDA Metric Server service + annotations: {} + +# We provides the default values that we describe in our docs: +# https://keda.sh/docs/latest/operate/cluster/ +# If you want to specify the resources (or totally remove the defaults), change or comment the following +# lines, adjust them as necessary, or simply add the curly braces after 'operator' and/or 'metricServer' +# and remove/comment the default values +resources: + # -- Manage [resource request & limits] of KEDA operator pod + operator: + limits: + cpu: 1 + memory: 1000Mi + requests: + cpu: 100m + memory: 100Mi + # -- Manage [resource request & limits] of KEDA metrics apiserver pod + metricServer: + limits: + cpu: 1 + memory: 1000Mi + requests: + cpu: 100m + memory: 100Mi + # -- Manage [resource request & limits] of KEDA admission webhooks pod + webhooks: + limits: + cpu: 1 + memory: 1000Mi + requests: + cpu: 100m + memory: 100Mi +# -- Node selector for pod scheduling ([docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/)) +nodeSelector: {} +# -- Tolerations for pod scheduling ([docs](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)) +tolerations: [] + +topologySpreadConstraints: + # -- [Pod Topology Constraints] of KEDA operator pod + operator: [] + # -- [Pod Topology Constraints] of KEDA metrics apiserver pod + metricsServer: [] + # -- [Pod Topology Constraints] of KEDA admission webhooks pod + webhooks: [] + +# -- [Affinity] for pod scheduling for KEDA operator, Metrics API Server and KEDA admission webhooks. +affinity: {} + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-operator + # - keda-operator-metrics-apiserver + # - keda-admission-webhooks + # topologyKey: "kubernetes.io/hostname" + +# -- priorityClassName for all KEDA components +priorityClassName: "" + +## The default HTTP timeout in milliseconds that KEDA should use +## when making requests to external services. Removing this defaults to a +## reasonable default +http: + # -- The default HTTP timeout to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and the timeout does not necessarily apply to them) + timeout: 3000 + keepAlive: + # -- Enable HTTP connection keep alive + enabled: true + # -- The minimum TLS version to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and this value does not necessarily apply to them) + minTlsVersion: TLS12 + +## This setting lets you enable profiling for all of the components of KEDA and in the specific port you choose +## This can be useful when trying to investigate errors like memory leaks or CPU or even look at goroutines to understand better +## This setting is disabled by default +profiling: + operator: + # -- Enable profiling for KEDA operator + enabled: false + # -- Expose profiling on a specific port + port: 8082 + metricsServer: + # -- Enable profiling for KEDA metrics server + enabled: false + # -- Expose profiling on a specific port + port: 8083 + webhooks: + # -- Enable profiling for KEDA admission webhook + enabled: false + # -- Expose profiling on a specific port + port: 8084 + + +## Extra KEDA Operator and Metrics Adapter container arguments +extraArgs: + # -- Additional KEDA Operator container arguments + keda: {} + # -- Additional Metrics Adapter container arguments + metricsAdapter: {} + +# -- Additional environment variables that will be passed onto all KEDA components +env: [] +# - name: ENV_NAME +# value: 'ENV-VALUE' + +# Extra volumes and volume mounts for the deployment. Optional. +volumes: + keda: + # -- Extra volumes for KEDA deployment + extraVolumes: [] + # -- Extra volume mounts for KEDA deployment + extraVolumeMounts: [] + + metricsApiServer: + # -- Extra volumes for metric server deployment + extraVolumes: [] + # -- Extra volume mounts for metric server deployment + extraVolumeMounts: [] + + webhooks: + # -- Extra volumes for admission webhooks deployment + extraVolumes: [] + # -- Extra volume mounts for admission webhooks deployment + extraVolumeMounts: [] + +prometheus: + metricServer: + # -- Enable metric server Prometheus metrics expose + enabled: false + # -- HTTP port used for exposing metrics server prometheus metrics + port: 8080 + # -- HTTP port name for exposing metrics server prometheus metrics + portName: metrics + serviceMonitor: + # -- Enables ServiceMonitor creation for the Prometheus Operator + enabled: false + # -- JobLabel selects the label from the associated Kubernetes service which will be used as the job label for all metrics. [ServiceMonitor Spec] + jobLabel: "" + # -- TargetLabels transfers labels from the Kubernetes `Service` onto the created metrics + targetLabels: [] + # -- PodTargetLabels transfers labels on the Kubernetes `Pod` onto the created metrics + podTargetLabels: [] + # -- Name of the service port this endpoint refers to. Mutually exclusive with targetPort + port: metrics + # -- Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port + targetPort: "" + # -- Interval at which metrics should be scraped If not specified Prometheus’ global scrape interval is used. + interval: "" + # -- Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than Interval in which the latter is used + scrapeTimeout: "" + # -- DEPRECATED. List of expressions that define custom relabeling rules for metric server ServiceMonitor crd (prometheus operator). [RelabelConfig Spec] + relabellings: [] + # -- List of expressions that define custom relabeling rules for metric server ServiceMonitor crd (prometheus operator). [RelabelConfig Spec] + relabelings: [] + # -- List of expressions that define custom metric relabeling rules for metric server ServiceMonitor crd after scrape has happened (prometheus operator). [RelabelConfig Spec] + metricRelabelings: [] + # -- Additional labels to add for metric server using ServiceMonitor crd (prometheus operator) + additionalLabels: {} + # -- HTTP scheme used for scraping. Defaults to `http` + scheme: http + # -- TLS configuration for scraping metrics + tlsConfig: {} + # caFile: /etc/prom-certs/root-cert.pem + # certFile: /etc/prom-certs/cert-chain.pem + # insecureSkipVerify: true + # keyFile: /etc/prom-certs/key.pem + podMonitor: + # -- Enables PodMonitor creation for the Prometheus Operator + enabled: false + # -- Scraping interval for metric server using podMonitor crd (prometheus operator) + interval: "" + # -- Scraping timeout for metric server using podMonitor crd (prometheus operator) + scrapeTimeout: "" + # -- Scraping namespace for metric server using podMonitor crd (prometheus operator) + namespace: "" + # -- Additional labels to add for metric server using podMonitor crd (prometheus operator) + additionalLabels: {} + # -- List of expressions that define custom relabeling rules for metric server podMonitor crd (prometheus operator) + relabelings: [] + # -- List of expressions that define custom metric relabeling rules for metric server PodMonitor crd after scrape has happened (prometheus operator). [RelabelConfig Spec] + metricRelabelings: [] + operator: + # -- Enable KEDA Operator prometheus metrics expose + enabled: false + # -- Port used for exposing KEDA Operator prometheus metrics + port: 8080 + serviceMonitor: + # -- Enables ServiceMonitor creation for the Prometheus Operator + enabled: false + # -- JobLabel selects the label from the associated Kubernetes service which will be used as the job label for all metrics. [ServiceMonitor Spec] + jobLabel: "" + # -- TargetLabels transfers labels from the Kubernetes `Service` onto the created metrics + targetLabels: [] + # -- PodTargetLabels transfers labels on the Kubernetes `Pod` onto the created metrics + podTargetLabels: [] + # -- Name of the service port this endpoint refers to. Mutually exclusive with targetPort + port: metrics + # -- Name or number of the target port of the Pod behind the Service, + # the port must be specified with container port property. Mutually exclusive with port + targetPort: "" + # -- Interval at which metrics should be scraped If not specified Prometheus’ global scrape interval is used. + interval: "" + # -- Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than Interval in which the latter is used + scrapeTimeout: "" + # -- DEPRECATED. List of expressions that define custom relabeling rules for metric server ServiceMonitor crd (prometheus operator). [RelabelConfig Spec] + relabellings: [] + # -- List of expressions that define custom relabeling rules for metric server ServiceMonitor crd (prometheus operator). [RelabelConfig Spec] + relabelings: [] + # -- List of expressions that define custom metric relabeling rules for metric server ServiceMonitor crd after scrape has happened (prometheus operator). [RelabelConfig Spec] + metricRelabelings: [] + # -- Additional labels to add for metric server using ServiceMonitor crd (prometheus operator) + additionalLabels: {} + # -- HTTP scheme used for scraping. Defaults to `http` + scheme: http + # -- TLS configuration for scraping metrics + tlsConfig: {} + # caFile: /etc/prom-certs/root-cert.pem + # certFile: /etc/prom-certs/cert-chain.pem + # insecureSkipVerify: true + # keyFile: /etc/prom-certs/key.pem + podMonitor: + # -- Enables PodMonitor creation for the Prometheus Operator + enabled: false + # -- Scraping interval for KEDA Operator using podMonitor crd (prometheus operator) + interval: "" + # -- Scraping timeout for KEDA Operator using podMonitor crd (prometheus operator) + scrapeTimeout: "" + # -- Scraping namespace for KEDA Operator using podMonitor crd (prometheus operator) + namespace: "" + # -- Additional labels to add for KEDA Operator using podMonitor crd (prometheus operator) + additionalLabels: {} + # -- List of expressions that define custom relabeling rules for KEDA Operator podMonitor crd (prometheus operator) + relabelings: [] + # -- List of expressions that define custom metric relabeling rules for metric server PodMonitor crd after scrape has happened (prometheus operator). [RelabelConfig Spec] + metricRelabelings: [] + prometheusRules: + # -- Enables PrometheusRules creation for the Prometheus Operator + enabled: false + # -- Scraping namespace for KEDA Operator using prometheusRules crd (prometheus operator) + namespace: "" + # -- Additional labels to add for KEDA Operator using prometheusRules crd (prometheus operator) + additionalLabels: {} + # -- Additional alerts to add for KEDA Operator using prometheusRules crd (prometheus operator) + alerts: + [] + # - alert: KedaScalerErrors + # annotations: + # description: Keda scaledObject {{ $labels.scaledObject }} is experiencing errors with {{ $labels.scaler }} scaler + # summary: Keda Scaler {{ $labels.scaler }} Errors + # expr: sum by ( scaledObject , scaler) (rate(keda_metrics_adapter_scaler_errors[2m])) > 0 + # for: 2m + # labels: + webhooks: + # -- Enable KEDA admission webhooks prometheus metrics expose + enabled: false + # -- Port used for exposing KEDA admission webhooks prometheus metrics + port: 8080 + serviceMonitor: + # -- Enables ServiceMonitor creation for the Prometheus webhooks + enabled: false + # -- jobLabel selects the label from the associated Kubernetes service which will be used as the job label for all metrics. [ServiceMonitor Spec] + jobLabel: "" + # -- TargetLabels transfers labels from the Kubernetes `Service` onto the created metrics + targetLabels: [] + # -- PodTargetLabels transfers labels on the Kubernetes `Pod` onto the created metrics + podTargetLabels: [] + # -- Name of the service port this endpoint refers to. Mutually exclusive with targetPort + port: metrics + # -- Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port + targetPort: "" + # -- Interval at which metrics should be scraped If not specified Prometheus’ global scrape interval is used. + interval: "" + # -- Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than Interval in which the latter is used + scrapeTimeout: "" + # -- DEPRECATED. List of expressions that define custom relabeling rules for metric server ServiceMonitor crd (prometheus operator). [RelabelConfig Spec] + relabellings: [] + # -- List of expressions that define custom relabeling rules for metric server ServiceMonitor crd (prometheus operator). [RelabelConfig Spec] + relabelings: [] + # -- List of expressions that define custom metric relabeling rules for metric server ServiceMonitor crd after scrape has happened (prometheus operator). [RelabelConfig Spec] + metricRelabelings: [] + # -- Additional labels to add for metric server using ServiceMonitor crd (prometheus operator) + additionalLabels: {} + # -- HTTP scheme used for scraping. Defaults to `http` + scheme: http + # -- TLS configuration for scraping metrics + tlsConfig: {} + # caFile: /etc/prom-certs/root-cert.pem + # certFile: /etc/prom-certs/cert-chain.pem + # insecureSkipVerify: true + # keyFile: /etc/prom-certs/key.pem + prometheusRules: + # -- Enables PrometheusRules creation for the Prometheus Operator + enabled: false + # -- Scraping namespace for KEDA admission webhooks using prometheusRules crd (prometheus operator) + namespace: "" + # -- Additional labels to add for KEDA admission webhooks using prometheusRules crd (prometheus operator) + additionalLabels: {} + # -- Additional alerts to add for KEDA admission webhooks using prometheusRules crd (prometheus operator) + alerts: [] + +opentelemetry: + collector: + # -- Uri of OpenTelemetry Collector to push telemetry to + uri: "" + operator: + # -- Enable pushing metrics to an OpenTelemetry Collector for operator + enabled: false + +certificates: + # -- Enables the self generation for KEDA TLS certificates inside KEDA operator + autoGenerated: true + # -- Secret name to be mounted with KEDA TLS certificates + secretName: kedaorg-certs + # -- Path where KEDA TLS certificates are mounted + mountPath: /certs + certManager: + # -- Enables Cert-manager for certificate management + enabled: false + # -- Certificate duration + duration: 8760h0m0s # 1 year + # -- Certificate renewal time before expiration + renewBefore: 5840h0m0s # 8 months + # -- Generates a self-signed CA with Cert-manager. + # If generateCA is false, the secret with the CA + # has to be annotated with `cert-manager.io/allow-direct-injection: "true"` + generateCA: true + # -- Secret name where the CA is stored (generatedby cert-manager or user given) + caSecretName: "kedaorg-ca" + # -- Add labels/annotations to secrets created by Certificate resources + # [docs](https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources) + secretTemplate: {} + # annotations: + # my-secret-annotation-1: "foo" + # my-secret-annotation-2: "bar" + # labels: + # my-secret-label: foo + # -- Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required + issuer: + # -- Generates an Issuer resource with Cert-manager + generate: true + # -- Custom Issuer name. Required when generate: false + name: foo-org-ca + # -- Custom Issuer kind. Required when generate: false + kind: ClusterIssuer + # -- Custom Issuer group. Required when generate: false + group: cert-manager.io + operator: + # -- Location(s) of CA files for authentication of external TLS connections such as TLS-enabled metrics sources + # caDirs: + # - /custom/ca + +permissions: + metricServer: + restrict: + # -- Restrict Secret Access for Metrics Server + secret: false + operator: + restrict: + # -- Restrict Secret Access for KEDA operator + # if true, KEDA operator will be able to read only secrets in {{ .Release.Namespace }} namespace + secret: false + # -- Array of strings denoting what secrets the KEDA operator will be able to read, this takes into account + # also the configured `watchNamespace`. + # the default is an empty array -> no restriction on the secret name + namesAllowList: [] + +# -- Array of extra K8s manifests to deploy +extraObjects: [] + # - apiVersion: keda.sh/v1alpha1 + # kind: ClusterTriggerAuthentication + # metadata: + # name: aws-credentials + # namespace: keda + # spec: + # podIdentity: + # provider: aws-eks + +# -- Capability to turn on/off ASCII art in Helm installation notes +asciiArt: true + +# -- When specified, each rendered resource will have `app.kubernetes.io/managed-by: ${this}` label on it. Useful, when using only helm template with some other solution. +customManagedBy: ""