nameOverride: gateway global: domainName: apilab.us defaultRegistry: docker.repository.axway.com/apigateway-docker-prod/7.7 imagePullPolicy: Always imagePullSecrets: - name: regcred storage: provisioningType: "dynamic" storageClassName: "nfs" volumes: - name: events enabled: true usedBy: - anm - apimgr - traffic accessModes: - ReadWriteMany capacity: 1Gi volumeName: apim-events storageClassName: nfs-csi - name: payloads enabled: true usedBy: - traffic storageClassName: nfs-csi accessModes: - ReadWriteOnce capacity: 16Gi volumeName: apim-payloads - name: audit enabled: true usedBy: - anm - apimgr - traffic storageClassName: nfs-csi accessModes: - ReadWriteMany capacity: 1Gi volumeName: apim-audit - name: anm-external-config enabled: true usedBy: - anm accessModes: - ReadWriteOnce capacity: 8Mi - name: apimgr-external-config enabled: true usedBy: - apimgr accessModes: - ReadWriteOnce capacity: 8Mi - name: apitraffic-external-config enabled: true usedBy: - traffic accessModes: - ReadWriteOnce capacity: 8Mi - name: aga-external-config enabled: true usedBy: - traffic accessModes: - ReadWriteOnce capacity: 8Mi - name: opentraffic enabled: true usedBy: - traffic - anm - apimgr storageClassName: nfs-csi accessModes: - ReadWriteOnce capacity: 8Gi volumeName: apim-opentraffic initContainers: securityContext: # runAsNonRoot: true database: host: mariadb-internal.openshift-operators.svc.cluster.local databaseName: metrics metrics: enabled: true username: "metrics" password: "Fc8^b3*7V6gKumOX" sslMode: "NONE" url: jdbc:mysql://{{ .Values.global.database.host }}:{{ .Values.global.database.port }}/{{ .Values.global.database.metrics.databaseName }}?useSSL={{ default false .Values.global.database.metrics.useSSL }} cassandra: enabled: true hosts: - variable: CASS_HOST hostname: cassandra-dc1-service.cassandra.svc.cluster.local username: cassandra password: cassandra keyspace: ks tkeyspace: tks anm: image: repository: "admin-nodemanager" tag: "7.7.0.20250830-3-BN0276-ubi9" generalConditions: accept: "yes" resources: limits: memory: "2048Mi" #cpu: "1000m" requests: memory: "1Gi" cpu: "250m" securityContext: #runAsNonRoot: true route: enabled: true targetPort: "{{ .Values.anm.service.ports.traffic.port }}" host: apimgr.apilab.us annotations: cert-manager.io/issuer-kind: ClusterIssuer cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare kubernetes.io/tls-acme: "true" tls: termination: reencrypt insecureEdgeTerminationPolicy: Redirect key: destinationCACertificate: | -----BEGIN CERTIFICATE----- MIIC0jCCAbqgAwIBAgIGAZnKuRjxMA0GCSqGSIb3DQEBCwUAMBgxFjAUBgNVBAMM DURlZmF1bHREb21haW4wIBcNMjUxMDAyMjA0NTUyWhgPMjEyNTA5MTUyMDQ1NTJa MBgxFjAUBgNVBAMMDURlZmF1bHREb21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlpLz2niUTMnLxf0n0EHRmXOYJahhKsCvyq6mUHwyQKgG893RB KwY7tfoHDAsx8WAF1UFLKAXgBDlo2wXrKC0xCEZknM5UfzCHDz7ajGG0CEFPtWXw Z1/0Q0t9Zjc+VKP5oVM/X7kM7mPVFabbCJ6hieAUadguKTtd19CIECu9my41xcYS cj3Bd7LAIW1DepniK/mnRfzOGWYdzv5iiWo6aR8I3ZAvLXB8BgpAd2ym927kFG8f C6xR8xLnSaXdZ7QMDi3zO2TN7AxdKYPi/5Yh7UHm0RqSa9gbuIbQq/Pxb7QZHzWP U4Y44TX0BNUTkDB2Gv9Yu+rtghdEgPbwp+CxAgMBAAGjIDAeMA8GA1UdEwQIMAYB Af8CAQAwCwYDVR0PBAQDAgK8MA0GCSqGSIb3DQEBCwUAA4IBAQCljlVdbRf/cQh+ pXH8hJiImTWU7xZTDm8PnOEk6h6ORrrqNh42vF1lugwgV13itO24vtleurB6tw95 9YeypwTPfWdFdKiKcDbQ6JZy+dnEfIp4vtgN4bHtKGqkOtigpZiZA/IJ2Xwi/YGB QPLg6MGWm+eyvBvIIXRI3LT59UZ2PPtzCs9FehbzNCJ4sxyzSQKrszatar/bD4SO kNjZ+33KD6PJ3EnzTUAR4D7BRdcnRXQNR/1EwqF3uOoL7MBJFxna9tjeTPvyZ9Zl TmWZ1GKi2rAtXyJiFXDbBJg5gfUngMENldHGxCSyFvIbtivefw6nZiCHMaiAuV5a 2XdVfapG -----END CERTIFICATE----- caCertificate: certificate: service: type: ClusterIP ports: traffic: port: 8090 protocol: TCP ui: port: 8091 protocol: TCP extraVolumeMounts: - name: anm-external-config mountPath: /merge - name: events mountPath: /opt/Axway/apigateway/events - name: audit mountPath: /opt/Axway/apigateway/logs extraVolumes: - persistentVolumeClaim: claimName: anm-external-config name: anm-external-config - persistentVolumeClaim: claimName: events name: events - persistentVolumeClaim: claimName: audit name: audit extraEnvVars: - name: EMT_DEPLOYMENT_ENABLED value: "true" #- name: ACCEPT_GENERAL_CONDITIONS # value: "yes" #- name: APIGW_LOG_OPENTRAFFIC_OUTPUT # value: "file" - name: API_BUILDER_URL value: "https://axway-elk-apim4elastic-apibuilder4elastic.apim4elastic:8443" apimgr: name: apimgr image: repository: "gateway" tag: "7.7.0.20250830-3-BN0276-ubi9" generalConditions: accept: "yes" groupId: Group1 resources: limits: memory: "2Gi" #cpu: 2 requests: memory: "0.5Gi" cpu: 0.5 securityContext: # runAsNonRoot: true route: enabled: true annotations: cert-manager.io/issuer-kind: ClusterIssuer cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare kubernetes.io/tls-acme: "true" tls: termination: reencrypt insecureEdgeTerminationPolicy: Redirect key: certificate: destinationCACertificate: | -----BEGIN CERTIFICATE----- MIICwzCCAasCBgE6HBsdpzANBgkqhkiG9w0BAQUFADAlMSMwIQYDVQQDExpDaGFu Z2UgdGhpcyBmb3IgcHJvZHVjdGlvbjAeFw0xMjEwMDExMTMyMDBaFw0zNzEwMDEx MTMyMDBaMCUxIzAhBgNVBAMTGkNoYW5nZSB0aGlzIGZvciBwcm9kdWN0aW9uMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2I2+GHcXXzwyjqMP6E4shjx fpAfgqbCY/nF5oTq0SkcRKvsdJzuLbmufkqx1rQqxwF/aZnbZppcVtR4TAhExmo2 NnV7WjSwdd+EynQJrkWlsuK1UQ3JHMo5iAAEQ11xoMBIsUwfg5HYKCELmjnWetwh m5aUJ9Gq45v9kzeZki2oCoVe5LQfVVHEYssr+SfVrhi6+OffeefgCRse6vv5T4zl h4xXKDNUsBxYYB3Vg97tDcdgpfx8BudpBx+1ITk9Dazu8eegXN5KdRqJGgM5LSRI WjK+OumR1a2ReUcXlglWTVfsG43UUUby2bql3E3uc7XpxzQaPpt4aDqfOYMUxwID AQABMA0GCSqGSIb3DQEBBQUAA4IBAQAl+yHca9jCZ/zVgtITGWGKQiNb8UqFJE+Q xmLt+j2lEWpG3Fd1M40faRrDujbk8WvG4Iz/NamlvvkbpbMSRY67lPpjsZOKlezT TE2YQTtyuFT7QQTYHYPZWK4Dg8QisMI5vHnrzsPc9ZAHm+IZrxbuVXsZQoU7qyaM dG27WWVa6vJ4nXjuMO6sOtl+UnEXpn3vCpNzkkbJW2LvFCs0Ymnx7Wet3inskOKg //AGuv+m3rD/Byphd8Iblt3jSNDwMcG+Yhpi/Wd50iMFFkTnrkEmosvqWL5j6N7e JZszgdL7Zz9ztASutzU4a0YFpv111NxpBdNpphOVED85IbRHxTjL -----END CERTIFICATE----- extraVolumeMounts: - name: events mountPath: /opt/Axway/apigateway/events - name: apimgr-external-config mountPath: /merge - name: opentraffic mountPath: /opt/Axway/apigateway/logs/opentraffic - name: audit mountPath: /opt/Axway/apigateway/logs/transaction extraVolumes: - persistentVolumeClaim: claimName: events name: events - persistentVolumeClaim: claimName: apimgr-external-config name: apimgr-external-config - persistentVolumeClaim: claimName: opentraffic name: opentraffic - persistentVolumeClaim: claimName: audit name: audit extraEnvVars: - name: EMT_HEALTHCHECK_PORT value: "8065" - name: EMT_HEALTHCHECK_PATH value: /healthcheck - name: GW_DIR value: /opt/Axway/apigateway - name: GW_TRACE_DIR value: /opt/Axway/apigateway/groups/topologylinks/emt-group-emt-service/trace - name: EMT_TOPOLOGY_TTL value: "10" - name: EMT_DEPLOYMENT_ENABLED value: "true" #- name: ACCEPT_GENERAL_CONDITIONS # value: "yes" #- name: APIGW_LOG_OPENTRAFFIC_OUTPUT # value: "file" license: license.lic: | FIPS=1 SalesForce Connector=1 ServiceNow Connector=1 analytics=1 api_visual_mapper=1 apiportal=1 company=Axway deployment_type=docker expires=Wed, 31 Dec 2025 18:59:06 GMT license_id=TEMP mcafee=1 name=Axway sdkgenerator=1 unrestricted=1 version=7.7 # SIGNATURE: e356dd65a0cd82e79f1a067dbdcddbd1f4fce555f5f8e8fd014e90f65a150850 # SIGNATURE: a9c0bed3afe63798207753f95992e866762d2695bc0597fe16ebd49dadee2d31 # SIGNATURE: 37852420fe99d73ab948753ddabfaf45fd2c4a9fb0ee11bd0f28fd275b8efd9c # SIGNATURE: 84e57da2168781571972694ffe1d0a5394f41f64ef1a7a369cc43627d58e516d # SIGNATURE: 75dc4d824cb5c1efd2d35d4ab41a2885e15da53eaccf38174934456d02a7dd92 # SIGNATURE: 20a605222c908f45736192cd274c33a615426369909de31d572956cdaf8e897f # SIGNATURE: c102bed009eb1fdd8aa9de2d0679072d95231c0c90e2f2e0dbaedcb4cd7962f6 # SIGNATURE: 9fa95af055e9854d8a5aefd928b53498bdc8272efb32542daa26e9e59c2a2d09 apitraffic: image: repository: "gateway" tag: "7.7.0.20250830-3-BN0276-ubi9" generalConditions: accept: "yes" groupId: Group1 resources: limits: memory: "2Gi" # cpu: 2 requests: memory: "0.5Gi" cpu: 0.5 autoscaling: enabled: false minReplicas: 2 maxReplicas: 6 targetCPUUtilizationPercentage: 80 replicaCount: 1 securityContext: #runAsNonRoot: true oauth: enabled: true type: ClusterIP port: 8089 protocol: TCP route: enabled: true annotations: cert-manager.io/issuer-kind: ClusterIssuer cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare kubernetes.io/tls-acme: "true" tls: termination: reencrypt insecureEdgeTerminationPolicy: Redirect key: certificate: destinationCACertificate: | -----BEGIN CERTIFICATE----- MIICwzCCAasCBgE6HBsdpzANBgkqhkiG9w0BAQUFADAlMSMwIQYDVQQDExpDaGFu Z2UgdGhpcyBmb3IgcHJvZHVjdGlvbjAeFw0xMjEwMDExMTMyMDBaFw0zNzEwMDEx MTMyMDBaMCUxIzAhBgNVBAMTGkNoYW5nZSB0aGlzIGZvciBwcm9kdWN0aW9uMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2I2+GHcXXzwyjqMP6E4shjx fpAfgqbCY/nF5oTq0SkcRKvsdJzuLbmufkqx1rQqxwF/aZnbZppcVtR4TAhExmo2 NnV7WjSwdd+EynQJrkWlsuK1UQ3JHMo5iAAEQ11xoMBIsUwfg5HYKCELmjnWetwh m5aUJ9Gq45v9kzeZki2oCoVe5LQfVVHEYssr+SfVrhi6+OffeefgCRse6vv5T4zl h4xXKDNUsBxYYB3Vg97tDcdgpfx8BudpBx+1ITk9Dazu8eegXN5KdRqJGgM5LSRI WjK+OumR1a2ReUcXlglWTVfsG43UUUby2bql3E3uc7XpxzQaPpt4aDqfOYMUxwID AQABMA0GCSqGSIb3DQEBBQUAA4IBAQAl+yHca9jCZ/zVgtITGWGKQiNb8UqFJE+Q xmLt+j2lEWpG3Fd1M40faRrDujbk8WvG4Iz/NamlvvkbpbMSRY67lPpjsZOKlezT TE2YQTtyuFT7QQTYHYPZWK4Dg8QisMI5vHnrzsPc9ZAHm+IZrxbuVXsZQoU7qyaM dG27WWVa6vJ4nXjuMO6sOtl+UnEXpn3vCpNzkkbJW2LvFCs0Ymnx7Wet3inskOKg //AGuv+m3rD/Byphd8Iblt3jSNDwMcG+Yhpi/Wd50iMFFkTnrkEmosvqWL5j6N7e JZszgdL7Zz9ztASutzU4a0YFpv111NxpBdNpphOVED85IbRHxTjL -----END CERTIFICATE----- route: enabled: true annotations: cert-manager.io/issuer-kind: ClusterIssuer cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare kubernetes.io/tls-acme: "true" tls: termination: reencrypt insecureEdgeTerminationPolicy: Redirect key: destinationCACertificate: | -----BEGIN CERTIFICATE----- MIICwzCCAasCBgE6HBsdpzANBgkqhkiG9w0BAQUFADAlMSMwIQYDVQQDExpDaGFu Z2UgdGhpcyBmb3IgcHJvZHVjdGlvbjAeFw0xMjEwMDExMTMyMDBaFw0zNzEwMDEx MTMyMDBaMCUxIzAhBgNVBAMTGkNoYW5nZSB0aGlzIGZvciBwcm9kdWN0aW9uMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2I2+GHcXXzwyjqMP6E4shjx fpAfgqbCY/nF5oTq0SkcRKvsdJzuLbmufkqx1rQqxwF/aZnbZppcVtR4TAhExmo2 NnV7WjSwdd+EynQJrkWlsuK1UQ3JHMo5iAAEQ11xoMBIsUwfg5HYKCELmjnWetwh m5aUJ9Gq45v9kzeZki2oCoVe5LQfVVHEYssr+SfVrhi6+OffeefgCRse6vv5T4zl h4xXKDNUsBxYYB3Vg97tDcdgpfx8BudpBx+1ITk9Dazu8eegXN5KdRqJGgM5LSRI WjK+OumR1a2ReUcXlglWTVfsG43UUUby2bql3E3uc7XpxzQaPpt4aDqfOYMUxwID AQABMA0GCSqGSIb3DQEBBQUAA4IBAQAl+yHca9jCZ/zVgtITGWGKQiNb8UqFJE+Q xmLt+j2lEWpG3Fd1M40faRrDujbk8WvG4Iz/NamlvvkbpbMSRY67lPpjsZOKlezT TE2YQTtyuFT7QQTYHYPZWK4Dg8QisMI5vHnrzsPc9ZAHm+IZrxbuVXsZQoU7qyaM dG27WWVa6vJ4nXjuMO6sOtl+UnEXpn3vCpNzkkbJW2LvFCs0Ymnx7Wet3inskOKg //AGuv+m3rD/Byphd8Iblt3jSNDwMcG+Yhpi/Wd50iMFFkTnrkEmosvqWL5j6N7e JZszgdL7Zz9ztASutzU4a0YFpv111NxpBdNpphOVED85IbRHxTjL -----END CERTIFICATE----- caCertificate: certificate: # ingress: # enabled: false # className: "openshift-default" # annotations: # nginx.ingress.kubernetes.io/backend-protocol: HTTPS # nginx.ingress.kubernetes.io/ssl-passthrough: "true" # nginx.ingress.kubernetes.io/ssl-redirect: "true" # nginx.ingress.kubernetes.io/secure-backends: "true" # nginx.ingress.kubernetes.io/ingress.class: "nginx" # kubernetes.io/tls-acme: "true" # cert-manager.io/cluster-issuer: "letsencrypt-dns01-cloudflare" # hosts: # - host: apitraffic.apilab.us # paths: # - path: / # pathType: ImplementationSpecific # tls: # - secretName: apitraffic-tls # hosts: # - apitraffic.apilab.us service: type: LoadBalancer port: 8065 extraVolumeMounts: - name: events mountPath: /opt/Axway/apigateway/events - name: apitraffic-external-config mountPath: /merge - name: opentraffic mountPath: /opt/Axway/apigateway/logs/opentraffic - name: payloads mountPath: /opt/Axway/apigateway/logs/payloads - name: audit mountPath: /opt/Axway/apigateway/logs/transaction extraVolumes: - persistentVolumeClaim: claimName: events name: events - persistentVolumeClaim: claimName: apitraffic-external-config name: apitraffic-external-config - persistentVolumeClaim: claimName: payloads name: payloads - persistentVolumeClaim: claimName: opentraffic name: opentraffic - persistentVolumeClaim: claimName: audit name: audit extraEnvVars: - name: EMT_HEALTHCHECK_PORT value: "8065" - name: EMT_HEALTHCHECK_PATH value: /healthcheck - name: GW_DIR value: /opt/Axway/apigateway - name: GW_TRACE_DIR value: /opt/Axway/apigateway/groups/topologylinks/emt-group-emt-service/trace - name: EMT_TOPOLOGY_TTL value: "10" #- name: APIGW_LOG_OPENTRAFFIC_OUTPUT # value: "file" - name: EMT_DEPLOYMENT_ENABLED value: "true" - name: ENV_SECRET_EXAMPLE valueFrom: secretKeyRef: name: apim-gateway-cassandra key: username #- name: ACCEPT_GENERAL_CONDITIONS # value: "yes" license: license.lic: | FIPS=1 SalesForce Connector=1 ServiceNow Connector=1 analytics=1 api_visual_mapper=1 apiportal=1 company=Axway deployment_type=docker expires=Wed, 31 Dec 2025 18:59:06 GMT license_id=TEMP mcafee=1 name=Axway sdkgenerator=1 unrestricted=1 version=7.7 # SIGNATURE: e356dd65a0cd82e79f1a067dbdcddbd1f4fce555f5f8e8fd014e90f65a150850 # SIGNATURE: a9c0bed3afe63798207753f95992e866762d2695bc0597fe16ebd49dadee2d31 # SIGNATURE: 37852420fe99d73ab948753ddabfaf45fd2c4a9fb0ee11bd0f28fd275b8efd9c # SIGNATURE: 84e57da2168781571972694ffe1d0a5394f41f64ef1a7a369cc43627d58e516d # SIGNATURE: 75dc4d824cb5c1efd2d35d4ab41a2885e15da53eaccf38174934456d02a7dd92 # SIGNATURE: 20a605222c908f45736192cd274c33a615426369909de31d572956cdaf8e897f # SIGNATURE: c102bed009eb1fdd8aa9de2d0679072d95231c0c90e2f2e0dbaedcb4cd7962f6 # SIGNATURE: 9fa95af055e9854d8a5aefd928b53498bdc8272efb32542daa26e9e59c2a2d09 apiportal: enabled: false replicaCount: 1 image: # an image reference is specified by registry/repository:tag, # for instance registry=docker.io, repository=library/alpine, tag=3.15 # if registry is left empty, global.defaultRegistry will be used registry: docker.repository.axway.com/apiportal-docker-prod/7.7 repository: "apiportal" tag: "7.7.0.20250830-3-BN0276-ubi9" generalConditions: accept: "yes" serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" service: type: ClusterIP ports: # target: # port: 8443 # https: # port: 8443 # protocol: TCP http: port: 8080 protocol: TCP force: port: 8080 protocol: TCP # OpenShift configuration route: enabled: false annotations: cert-manager.io/issuer-kind: ClusterIssuer cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare #ingress: # enabled: true # className: "openshift-default" #annotations: # nginx.ingress.kubernetes.io/ssl-passthrough: "true" # nginx.ingress.kubernetes.io/ssl-redirect: "true" # nginx.ingress.kubernetes.io/secure-backends: "true" # nginx.ingress.kubernetes.io/ingress.class: "nginx" # kubernetes.io/tls-acme: "true" # cert-manager.io/cluster-issuer: "letsencrypt-dns01-cloudflare" #hosts: # - host: portal.apilab.us # paths: # - path: / # pathType: ImplementationSpecific #tls: # - secretName: apiportal-tls # hosts: # - portal.apilab.us apiManager: configured: 1 name: Main host: "apimgr.apilab.us" port: 443 # database settings for API Portal, also check the instance settings in global section mysql: enabled: false # if the credentials are already available in a secret, set existingSecret existingSecret: {} # name: "mysql-credentials" # keyMapping: # password: password # username: root # else, set username and password, this will create a new secret username: "root" password: "password" # if it doesn't exist, a database with this name will be created by the app databaseName: "portal" sslOn: 0 sslVerifyCert: 0 redis: enabled: false host: "" port: 6379 cacheTimeout: 600 apache: sslOn: 0 extraEnvVars: [] # podSecurityContext: # runAsUser: 1048 # runAsGroup: 1048 # fsGroup: 1048 securityContext: allowPrivilegeEscalation: false #runAsNonRoot: true aga: enabled: false license: license.lic: | FIPS=1 SalesForce Connector=1 ServiceNow Connector=1 analytics=1 api_visual_mapper=1 apiportal=1 company=Axway deployment_type=docker expires=Wed, 31 Dec 2025 18:59:06 GMT license_id=TEMP mcafee=1 name=Axway sdkgenerator=1 unrestricted=1 version=7.7 # SIGNATURE: e356dd65a0cd82e79f1a067dbdcddbd1f4fce555f5f8e8fd014e90f65a150850 # SIGNATURE: a9c0bed3afe63798207753f95992e866762d2695bc0597fe16ebd49dadee2d31 # SIGNATURE: 37852420fe99d73ab948753ddabfaf45fd2c4a9fb0ee11bd0f28fd275b8efd9c # SIGNATURE: 84e57da2168781571972694ffe1d0a5394f41f64ef1a7a369cc43627d58e516d # SIGNATURE: 75dc4d824cb5c1efd2d35d4ab41a2885e15da53eaccf38174934456d02a7dd92 # SIGNATURE: 20a605222c908f45736192cd274c33a615426369909de31d572956cdaf8e897f # SIGNATURE: c102bed009eb1fdd8aa9de2d0679072d95231c0c90e2f2e0dbaedcb4cd7962f6 # SIGNATURE: 9fa95af055e9854d8a5aefd928b53498bdc8272efb32542daa26e9e59c2a2d09 replicaCount: 1 image: # an image reference is specified by registry/repository:tag, # for instance registry=docker.io, repository=library/alpine, tag=3.15 # if registry is left empty, global.defaultRegistry will be used repository: "analytics" tag: "7.7.0.20250830-3-BN0276-ubi9" # Overrides the image tag whose default is the chart appVersion. generalConditions: accept: "yes" serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" extraEnvVars: {} # - name: ACCEPT_GENERAL_CONDITIONS # value: "yes" podAnnotations: {} podSecurityContext: {} securityContext: allowPrivilegeEscalation: false #NOTE readOnlyRootFilesystem should be left to false # readOnlyRootFilesystem: false #runAsNonRoot: true service: type: ClusterIP ports: ui: port: 8040 protocol: TCP #ingress: # enabled: true #className: "openshift-default" #annotations: # nginx.ingress.kubernetes.io/backend-protocol: HTTPS #nginx.ingress.kubernetes.io/ssl-passthrough: "true" #nginx.ingress.kubernetes.io/ssl-redirect: "true" #nginx.ingress.kubernetes.io/secure-backends: "true" #nginx.ingress.kubernetes.io/ingress.class: "nginx" #kubernetes.io/tls-acme: "true" #cert-manager.io/cluster-issuer: "letsencrypt-dns01-cloudflare" # kubernetes.io/i:ngress.class: nginx #kubernetes.io/tls-acme: "true" #hosts: # - host: analytics.apilab.us # paths: # - path: / # pathType: ImplementationSpecific #tls: # - secretName: analytics-tls # hosts: # - analytics.apilab.us # OpenShift configuration route: enabled: false annotations: cert-manager.io/issuer-kind: ClusterIssuer cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare # targetPort: "{{ .Values.aga.ports.ui.port }}" ## More information: https://docs.openshift.com/container-platform/4.9/networking/routes/secured-routes.html tls: enabled: true termination: edge # insecureEdgeTerminationPolicy: Redirect # key: # caCertificate: # certificate: # destinationCACertificate: # ref: https://kubernetes.io/docs/user-guide/compute-resources/ resources: {} # limits: # memory: "2048Mi" # cpu: "1000m" # requests: # memory: "1Gi" # cpu: "250m" autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 #targetMemoryUtilizationPercentage: 80 nodeSelector: {} tolerations: [] affinity: {} livenessProbe: httpGet: httpHeaders: - name: k8sprobe value: liveness.apimgr path: /healthcheck port: 8040 scheme: HTTPS initialDelaySeconds: 40 periodSeconds: 30 failureThreshold: 5 readinessProbe: httpGet: httpHeaders: - name: k8sprobe value: readiness.apimgr path: /healthcheck port: 8040 scheme: HTTPS initialDelaySeconds: 30 periodSeconds: 10 failureThreshold: 6