# Available parameters and their default values for the SeaweedFS chart. global: createClusterRole: true registry: "" repository: "" imageName: chrislusf/seaweedfs imagePullPolicy: IfNotPresent imagePullSecrets: "" restartPolicy: Always loggingLevel: 1 enableSecurity: false masterServer: null securityConfig: jwtSigning: volumeWrite: true volumeRead: false filerWrite: false filerRead: false # we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings serviceAccountName: "seaweedfs" certificates: alphacrds: false monitoring: enabled: false gatewayHost: null gatewayPort: null additionalLabels: {} # if enabled will use global.replicationPlacment and override master & filer defaultReplicaPlacement config enableReplication: false # replication type is XYZ: # X number of replica in other data centers # Y number of replica in other racks in the same data center # Z number of replica in other servers in the same rack replicationPlacment: "001" extraEnvironmentVars: WEED_CLUSTER_DEFAULT: "sw" WEED_CLUSTER_SW_MASTER: "seaweedfs-master.seaweedfs:9333" WEED_CLUSTER_SW_FILER: "seaweedfs-filer-client.seaweedfs:8888" # WEED_JWT_SIGNING_KEY: # secretKeyRef: # name: seaweedfs-signing-key # key: signingKey image: registry: "" repository: "" master: enabled: true repository: null imageName: null imageTag: null imageOverride: null restartPolicy: null replicas: 1 port: 9333 grpcPort: 19333 metricsPort: 9327 ipBind: "" volumePreallocate: false volumeSizeLimitMB: 1000 loggingOverrideLevel: null # number of seconds between heartbeats, default 5 pulseSeconds: null # threshold to vacuum and reclaim spaces, default 0.3 (30%) garbageThreshold: null # Prometheus push interval in seconds, default 15 metricsIntervalSec: 15 # replication type is XYZ: # X number of replica in other data centers # Y number of replica in other racks in the same data center # Z number of replica in other servers in the same rack defaultReplication: "000" # Disable http request, only gRpc operations are allowed disableHttp: false config: |- # Enter any extra configuration for master.toml here. # It may be a multi-line string. # You may use ANY storage-class, example with local-path-provisioner # Annotations are optional. # data: # type: "persistentVolumeClaim" # size: "24Ti" # storageClass: "local-path-provisioner" # annotations: # "key": "value" # # You may also spacify an existing claim: # data: # type: "existingClaim" # claimName: "my-pvc" # # You can also use emptyDir storage: # data: # type: "emptyDir" data: type: "hostPath" storageClass: "" hostPathPrefix: /ssd # You can also use emptyDir storage: # logs: # type: "emptyDir" logs: type: "hostPath" size: "" storageClass: "" hostPathPrefix: /storage ## @param master.sidecars Add additional sidecar containers to the master pod(s) ## e.g: ## sidecars: ## - name: your-image-name ## image: your-image ## imagePullPolicy: Always ## ports: ## - name: portname ## containerPort: 1234 ## sidecars: [] initContainers: "" extraVolumes: "" extraVolumeMounts: "" # Labels to be added to the master pods podLabels: {} # Annotations to be added to the master pods podAnnotations: {} ## Set podManagementPolicy podManagementPolicy: Parallel # Resource requests, limits, etc. for the master cluster placement. This # should map directly to the value of the resources field for a PodSpec, # formatted as a multi-line string. By default no direct resource request # is made. resources: {} # updatePartition is used to control a careful rolling update of SeaweedFS # masters. updatePartition: 0 # Affinity Settings # Commenting out or setting as empty the affinity variable, will allow # deployment to single node services such as Minikube affinity: | podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: master topologyKey: kubernetes.io/hostname # Toleration Settings for master pods # This should be a multi-line string matching the Toleration array # in a PodSpec. tolerations: "" # nodeSelector labels for master pod assignment, formatted as a muli-line string. # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector # Example: nodeSelector: | kubernetes.io/arch: amd64 # nodeSelector: | # sw-backend: "true" # used to assign priority to master pods # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" # used to assign a service account. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ serviceAccountName: "" # Configure security context for Pod # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # podSecurityContext: # enabled: true # runAsUser: 1000 # runAsGroup: 3000 # fsGroup: 2000 podSecurityContext: {} # Configure security context for Container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # containerSecurityContext: # enabled: true # runAsUser: 2000 # allowPrivilegeEscalation: false containerSecurityContext: {} ingress: enabled: false className: "nginx" # host: false for "*" hostname host: "master.seaweedfs.local" annotations: nginx.ingress.kubernetes.io/auth-type: "basic" nginx.ingress.kubernetes.io/auth-secret: "default/ingress-basic-auth-secret" nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - SW-Master' nginx.ingress.kubernetes.io/service-upstream: "true" nginx.ingress.kubernetes.io/rewrite-target: /$1 nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/enable-rewrite-log: "true" nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/force-ssl-redirect: "false" nginx.ingress.kubernetes.io/configuration-snippet: | sub_filter '' ' '; #add base url sub_filter '="/' '="./'; #make absolute paths to relative sub_filter '=/' '=./'; sub_filter '/seaweedfsstatic' './seaweedfsstatic'; sub_filter_once off; tls: [] extraEnvironmentVars: WEED_MASTER_VOLUME_GROWTH_COPY_1: '7' WEED_MASTER_VOLUME_GROWTH_COPY_2: '6' WEED_MASTER_VOLUME_GROWTH_COPY_3: '3' WEED_MASTER_VOLUME_GROWTH_COPY_OTHER: '1' # used to configure livenessProbe on master-server containers # livenessProbe: enabled: true httpGet: path: /cluster/status scheme: HTTP initialDelaySeconds: 20 periodSeconds: 30 successThreshold: 1 failureThreshold: 4 timeoutSeconds: 10 # used to configure readinessProbe on master-server containers # readinessProbe: enabled: true httpGet: path: /cluster/status scheme: HTTP initialDelaySeconds: 10 periodSeconds: 45 successThreshold: 2 failureThreshold: 100 timeoutSeconds: 10 volume: enabled: true repository: null imageName: null imageTag: null imageOverride: null restartPolicy: null port: 8080 grpcPort: 18080 metricsPort: 9327 ipBind: "" replicas: 1 loggingOverrideLevel: null # number of seconds between heartbeats, must be smaller than or equal to the master's setting pulseSeconds: null # Choose [memory|leveldb|leveldbMedium|leveldbLarge] mode for memory~performance balance., default memory index: null # limit file size to avoid out of memory, default 256mb fileSizeLimitMB: null # minimum free disk space(in percents). If free disk space lower this value - all volumes marks as ReadOnly minFreeSpacePercent: 7 # For each data disk you may use ANY storage-class, example with local-path-provisioner # Annotations are optional. # dataDirs: # - name: data: # type: "persistentVolumeClaim" # size: "24Ti" # storageClass: "local-path-provisioner" # annotations: # "key": "value" # maxVolumes: 0 # If set to zero on non-windows OS, the limit will be auto configured. (default "7") # # You may also spacify an existing claim: # - name: data # type: "existingClaim" # claimName: "my-pvc" # maxVolumes: 0 # If set to zero on non-windows OS, the limit will be auto configured. (default "7") # # You can also use emptyDir storage: # - name: data # type: "emptyDir" # maxVolumes: 0 # If set to zero on non-windows OS, the limit will be auto configured. (default "7") dataDirs: - name: data1 type: "hostPath" hostPathPrefix: /ssd maxVolumes: 0 # - name: data2 # type: "persistentVolumeClaim" # storageClass: "yourClassNameOfChoice" # size: "800Gi" # maxVolumes: 0 # idx can be defined by: # # idx: # type: "hostPath" # hostPathPrefix: /ssd # # or # # idx: # type: "persistentVolumeClaim" # size: "20Gi" # storageClass: "local-path-provisioner" # # or # # idx: # type: "existingClaim" # claimName: "myClaim" # # or # # idx: # type: "emptyDir" # same applies to "logs" idx: {} logs: {} # limit background compaction or copying speed in mega bytes per second compactionMBps: "50" # Volume server's rack name rack: null # Volume server's data center name dataCenter: null # Redirect moved or non-local volumes. (default proxy) readMode: proxy # Comma separated Ip addresses having write permission. No limit if empty. whiteList: null # Adjust jpg orientation when uploading. imagesFixOrientation: false ## @param volume.sidecars Add additional sidecar containers to the volume pod(s) ## e.g: ## sidecars: ## - name: your-image-name ## image: your-image ## imagePullPolicy: Always ## ports: ## - name: portname ## containerPort: 1234 ## sidecars: [] initContainers: "" extraVolumes: "" extraVolumeMounts: "" # Labels to be added to the volume pods podLabels: {} # Annotations to be added to the volume pods podAnnotations: {} ## Set podManagementPolicy podManagementPolicy: Parallel # Affinity Settings # Commenting out or setting as empty the affinity variable, will allow # deployment to single node services such as Minikube affinity: | podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: volume topologyKey: kubernetes.io/hostname # Resource requests, limits, etc. for the server cluster placement. This # should map directly to the value of the resources field for a PodSpec, # formatted as a multi-line string. By default no direct resource request # is made. resources: {} # Toleration Settings for server pods # This should be a multi-line string matching the Toleration array # in a PodSpec. tolerations: "" # nodeSelector labels for server pod assignment, formatted as a muli-line string. # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector # Example: nodeSelector: | kubernetes.io/arch: amd64 # nodeSelector: | # sw-volume: "true" # used to assign priority to server pods # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" # used to assign a service account. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ serviceAccountName: "" extraEnvironmentVars: # Configure security context for Pod # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # podSecurityContext: # enabled: true # runAsUser: 1000 # runAsGroup: 3000 # fsGroup: 2000 podSecurityContext: {} # Configure security context for Container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # containerSecurityContext: # enabled: true # runAsUser: 2000 # allowPrivilegeEscalation: false containerSecurityContext: {} # used to configure livenessProbe on volume-server containers # livenessProbe: enabled: true httpGet: path: /status scheme: HTTP initialDelaySeconds: 20 periodSeconds: 90 successThreshold: 1 failureThreshold: 4 timeoutSeconds: 30 # used to configure readinessProbe on volume-server containers # readinessProbe: enabled: true httpGet: path: /status scheme: HTTP initialDelaySeconds: 15 periodSeconds: 15 successThreshold: 1 failureThreshold: 100 timeoutSeconds: 30 filer: enabled: true repository: null imageName: null imageTag: null imageOverride: null restartPolicy: null replicas: 1 port: 8888 grpcPort: 18888 metricsPort: 9327 loggingOverrideLevel: null filerGroup: "" # replication type is XYZ: # X number of replica in other data centers # Y number of replica in other racks in the same data center # Z number of replica in other servers in the same rack defaultReplicaPlacement: "000" # turn off directory listing disableDirListing: false # split files larger than the limit, default 32 maxMB: null # encrypt data on volume servers encryptVolumeData: false # Whether proxy or redirect to volume server during file GET request redirectOnRead: false # Limit sub dir listing size (default 100000) dirListLimit: 100000 # Disable http request, only gRpc operations are allowed disableHttp: false # DEPRECATE: enablePVC, storage, storageClass # Consider replacing with filer.data section below instead. # Settings for configuring stateful storage of filer pods. # enablePVC will create a pvc for filer for data persistence. enablePVC: false # storage should be set to the disk size of the attached volume. storage: 25Gi # storageClass is the class of storage which defaults to null (the Kube cluster will pick the default). storageClass: null # You may use ANY storage-class, example with local-path-provisioner # Annotations are optional. # data: # type: "persistentVolumeClaim" # size: "24Ti" # storageClass: "local-path-provisioner" # annotations: # "key": "value" # # You may also specify an existing claim: # data: # type: "existingClaim" # claimName: "my-pvc" # # You can also use emptyDir storage: # data: # type: "emptyDir" data: type: "hostPath" size: "" storageClass: "" hostPathPrefix: /storage # You can also use emptyDir storage: # logs: # type: "emptyDir" logs: type: "hostPath" size: "" storageClass: "" hostPathPrefix: /storage ## @param filer.sidecars Add additional sidecar containers to the filer pod(s) ## e.g: ## sidecars: ## - name: your-image-name ## image: your-image ## imagePullPolicy: Always ## ports: ## - name: portname ## containerPort: 1234 ## sidecars: [] initContainers: "" extraVolumes: "" extraVolumeMounts: "" # Labels to be added to the filer pods podLabels: {} # Annotations to be added to the filer pods podAnnotations: {} ## Set podManagementPolicy podManagementPolicy: Parallel # Affinity Settings # Commenting out or setting as empty the affinity variable, will allow # deployment to single node services such as Minikube affinity: | podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: filer topologyKey: kubernetes.io/hostname # updatePartition is used to control a careful rolling update of SeaweedFS # masters. updatePartition: 0 # Resource requests, limits, etc. for the server cluster placement. This # should map directly to the value of the resources field for a PodSpec, # formatted as a multi-line string. By default no direct resource request # is made. resources: {} # Toleration Settings for server pods # This should be a multi-line string matching the Toleration array # in a PodSpec. tolerations: "" # nodeSelector labels for server pod assignment, formatted as a muli-line string. # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector # Example: nodeSelector: | kubernetes.io/arch: amd64 # nodeSelector: | # sw-backend: "true" # used to assign priority to server pods # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" # used to assign a service account. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ serviceAccountName: "" # Configure security context for Pod # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # podSecurityContext: # enabled: true # runAsUser: 1000 # runAsGroup: 3000 # fsGroup: 2000 podSecurityContext: {} # Configure security context for Container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # containerSecurityContext: # enabled: true # runAsUser: 2000 # allowPrivilegeEscalation: false containerSecurityContext: {} ingress: enabled: false className: "nginx" # host: false for "*" hostname host: "seaweedfs.cluster.local" annotations: nginx.ingress.kubernetes.io/backend-protocol: GRPC nginx.ingress.kubernetes.io/auth-type: "basic" nginx.ingress.kubernetes.io/auth-secret: "default/ingress-basic-auth-secret" nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - SW-Filer' nginx.ingress.kubernetes.io/service-upstream: "true" nginx.ingress.kubernetes.io/rewrite-target: /$1 nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/enable-rewrite-log: "true" nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/force-ssl-redirect: "false" nginx.ingress.kubernetes.io/configuration-snippet: | sub_filter '' ' '; #add base url sub_filter '="/' '="./'; #make absolute paths to relative sub_filter '=/' '=./'; sub_filter '/seaweedfsstatic' './seaweedfsstatic'; sub_filter_once off; # extraEnvVars is a list of extra enviroment variables to set with the stateful set. extraEnvironmentVars: WEED_MYSQL_ENABLED: "false" WEED_MYSQL_HOSTNAME: "mysql-db-host" WEED_MYSQL_PORT: "3306" WEED_MYSQL_DATABASE: "sw_database" WEED_MYSQL_CONNECTION_MAX_IDLE: "5" WEED_MYSQL_CONNECTION_MAX_OPEN: "75" # "refresh" connection every 10 minutes, eliminating mysql closing "old" connections WEED_MYSQL_CONNECTION_MAX_LIFETIME_SECONDS: "600" # enable usage of memsql as filer backend WEED_MYSQL_INTERPOLATEPARAMS: "true" # if you want to use leveldb2, then should enable "enablePVC". or you may lose your data. WEED_LEVELDB2_ENABLED: "true" # with http DELETE, by default the filer would check whether a folder is empty. # recursive_delete will delete all sub folders and files, similar to "rm -Rf" WEED_FILER_OPTIONS_RECURSIVE_DELETE: "false" # directories under this folder will be automatically creating a separate bucket WEED_FILER_BUCKETS_FOLDER: "/buckets" # used to configure livenessProbe on filer containers # livenessProbe: enabled: true httpGet: path: / scheme: HTTP initialDelaySeconds: 20 periodSeconds: 30 successThreshold: 1 failureThreshold: 5 timeoutSeconds: 10 # used to configure readinessProbe on filer containers # readinessProbe: enabled: true httpGet: path: / scheme: HTTP initialDelaySeconds: 10 periodSeconds: 15 successThreshold: 1 failureThreshold: 100 timeoutSeconds: 10 # secret env variables secretExtraEnvironmentVars: {} # WEED_POSTGRES_USERNAME: # secretKeyRef: # name: postgres-credentials # key: username # WEED_POSTGRES_PASSWORD: # secretKeyRef: # name: postgres-credentials # key: password s3: enabled: false port: 8333 # add additional https port httpsPort: 0 # allow empty folders allowEmptyFolder: false # Suffix of the host name, {bucket}.{domainName} domainName: "" # enable user & permission to s3 (need to inject to all services) enableAuth: false # set to the name of an existing kubernetes Secret with the s3 json config file # should have a secret key called seaweedfs_s3_config with an inline json configure existingConfigSecret: null auditLogConfig: {} # You may specify buckets to be created during the install process. # Buckets may be exposed publicly by setting `anonymousRead` to `true` # createBuckets: # - name: bucket-a # anonymousRead: true # - name: bucket-b # anonymousRead: false s3: enabled: false repository: null imageName: null imageTag: null restartPolicy: null replicas: 1 bindAddress: port: 8333 # add additional https port httpsPort: 0 metricsPort: 9327 loggingOverrideLevel: null # allow empty folders allowEmptyFolder: true # enable user & permission to s3 (need to inject to all services) enableAuth: false # set to the name of an existing kubernetes Secret with the s3 json config file # should have a secret key called seaweedfs_s3_config with an inline json config existingConfigSecret: null auditLogConfig: {} # Suffix of the host name, {bucket}.{domainName} domainName: "" ## @param s3.sidecars Add additional sidecar containers to the s3 pod(s) ## e.g: ## sidecars: ## - name: your-image-name ## image: your-image ## imagePullPolicy: Always ## ports: ## - name: portname ## containerPort: 1234 ## sidecars: [] initContainers: "" extraVolumes: "" extraVolumeMounts: "" # Labels to be added to the s3 pods podLabels: {} # Annotations to be added to the s3 pods podAnnotations: {} # Resource requests, limits, etc. for the server cluster placement. This # should map directly to the value of the resources field for a PodSpec, # formatted as a multi-line string. By default no direct resource request # is made. resources: {} # Toleration Settings for server pods # This should be a multi-line string matching the Toleration array # in a PodSpec. tolerations: "" # nodeSelector labels for server pod assignment, formatted as a muli-line string. # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector # Example: nodeSelector: | kubernetes.io/arch: amd64 # nodeSelector: | # sw-backend: "true" # used to assign priority to server pods # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" # used to assign a service account. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ serviceAccountName: "" # Configure security context for Pod # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # podSecurityContext: # enabled: true # runAsUser: 1000 # runAsGroup: 3000 # fsGroup: 2000 podSecurityContext: {} # Configure security context for Container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ # Example: # containerSecurityContext: # enabled: true # runAsUser: 2000 # allowPrivilegeEscalation: false containerSecurityContext: {} # You can also use emptyDir storage: # logs: # type: "emptyDir" logs: type: "hostPath" size: "" storageClass: "" hostPathPrefix: /storage extraEnvironmentVars: # used to configure livenessProbe on s3 containers # livenessProbe: enabled: true httpGet: path: /status scheme: HTTP initialDelaySeconds: 20 periodSeconds: 60 successThreshold: 1 failureThreshold: 20 timeoutSeconds: 10 # used to configure readinessProbe on s3 containers # readinessProbe: enabled: true httpGet: path: /status scheme: HTTP initialDelaySeconds: 15 periodSeconds: 15 successThreshold: 1 failureThreshold: 100 timeoutSeconds: 10 ingress: enabled: false className: "nginx" # host: false for "*" hostname host: "seaweedfs.cluster.local" # additional ingress annotations for the s3 endpoint annotations: {} tls: [] certificates: commonName: "SeaweedFS CA" ipAddresses: [] keyAlgorithm: rsa keySize: 2048 duration: 2160h # 90d renewBefore: 360h # 15d externalCertificates: # This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA # you will need to store your provided certificates in the secret read by the different services: # seaweedfs-master-cert, seaweedfs-filer-cert, etc. Can see any statefulset definition to see secret names enabled: false # Labels to be added to all the created pods podLabels: {} # Annotations to be added to all the created pods podAnnotations: {}