1 # Copyright VMware, Inc.
2 # SPDX-License-Identifier: APACHE-2.0
4 ## @section Global parameters
5 ## Global Docker image parameters
6 ## Please, note that this will override the image parameters, including dependencies, configured to use the global value
7 ## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
10 ## @param global.imageRegistry Global Docker image registry
11 ## @param global.imagePullSecrets Global Docker registry secret names as an array
12 ## @param global.storageClass Global StorageClass for Persistent Volume(s)
13 ## @param global.namespaceOverride Override the namespace for resource deployed by the chart, but can itself be overridden by the local namespaceOverride
19 ## - myRegistryKeySecretName
24 ## @section Common parameters
27 ## @param nameOverride String to partially override mongodb.fullname template (will maintain the release name)
30 ## @param fullnameOverride String to fully override mongodb.fullname template
33 ## @param namespaceOverride String to fully override common.names.namespace
36 ## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
39 ## @param clusterDomain Default Kubernetes cluster domain
41 clusterDomain: cluster.local
42 ## @param extraDeploy Array of extra objects to deploy with the release
44 ## This needs to be uncommented and added to 'extraDeploy' in order to use the replicaset 'mongo-labeler' sidecar
45 ## for dynamically discovering the mongodb primary pod
46 ## suggestion is to use a hard-coded and predictable TCP port for the primary mongodb pod (here is 30001, choose your own)
50 ## name: mongodb-primary
51 ## namespace: the-mongodb-namespace
53 ## app.kubernetes.io/component: mongodb
54 ## app.kubernetes.io/instance: mongodb
55 ## app.kubernetes.io/managed-by: Helm
56 ## app.kubernetes.io/name: mongodb
59 ## externalTrafficPolicy: Cluster
65 ## targetPort: mongodb
67 ## app.kubernetes.io/component: mongodb
68 ## app.kubernetes.io/instance: mongodb
69 ## app.kubernetes.io/name: mongodb
73 ## @param commonLabels Add labels to all the deployed resources (sub-charts are not considered). Evaluated as a template
76 ## @param commonAnnotations Common annotations to add to all Mongo resources (sub-charts are not considered). Evaluated as a template
79 ## @param topologyKey Override common lib default topology key. If empty - "kubernetes.io/hostname" is used
80 ## i.e. topologyKey: topology.kubernetes.io/zone
83 ## @param serviceBindings.enabled Create secret for service binding (Experimental)
84 ## Ref: https://servicebinding.io/service-provider/
88 ## @param enableServiceLinks Whether information about services should be injected into pod's environment variable
89 ## The environment variables injected by service links are not used, but can lead to slow boot times or slow running of the scripts when there are many services in the current namespace.
90 ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`.
92 enableServiceLinks: true
93 ## Enable diagnostic mode in the deployment
96 ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
99 ## @param diagnosticMode.command Command to override all containers in the deployment
103 ## @param diagnosticMode.args Args to override all containers in the deployment
107 ## @section MongoDB(®) parameters
110 ## Bitnami MongoDB(®) image
111 ## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
112 ## @param image.registry [default: REGISTRY_NAME] MongoDB(®) image registry
113 ## @param image.repository [default: REPOSITORY_NAME/mongodb] MongoDB(®) image registry
114 ## @skip image.tag MongoDB(®) image tag (immutable tags are recommended)
115 ## @param image.digest MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
116 ## @param image.pullPolicy MongoDB(®) image pull policy
117 ## @param image.pullSecrets Specify docker-registry secret names as an array
118 ## @param image.debug Set to true if you would like to see extra information on logs
122 repository: bitnami/mongodb
123 tag: 7.0.5-debian-12-r5
125 ## Specify a imagePullPolicy
126 ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
128 pullPolicy: IfNotPresent
129 ## Optionally specify an array of imagePullSecrets.
130 ## Secrets must be manually created in the namespace.
131 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
134 ## - myRegistryKeySecretName
137 ## Set to true if you would like to see extra information on logs
140 ## @param schedulerName Name of the scheduler (other than default) to dispatch pods
141 ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
144 ## @param architecture MongoDB(®) architecture (`standalone` or `replicaset`)
146 architecture: standalone
147 ## @param useStatefulSet Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`)
149 useStatefulSet: false
150 ## MongoDB(®) Authentication parameters
153 ## @param auth.enabled Enable authentication
154 ## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
157 ## @param auth.rootUser MongoDB(®) root user
160 ## @param auth.rootPassword MongoDB(®) root password
161 ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#setting-the-root-user-and-password-on-first-run
164 ## MongoDB(®) custom users and databases
165 ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#creating-a-user-and-database-on-first-run
166 ## @param auth.usernames List of custom users to be created during the initialization
167 ## @param auth.passwords List of passwords for the custom users set at `auth.usernames`
168 ## @param auth.databases List of custom databases to be created during the initialization
173 ## @param auth.username DEPRECATED: use `auth.usernames` instead
174 ## @param auth.password DEPRECATED: use `auth.passwords` instead
175 ## @param auth.database DEPRECATED: use `auth.databases` instead
180 ## @param auth.replicaSetKey Key used for authentication in the replicaset (only when `architecture=replicaset`)
183 ## @param auth.existingSecret Existing secret with MongoDB(®) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, `mongodb-replica-set-key`)
184 ## NOTE: When it's set the previous parameters are ignored.
188 ## @param tls.enabled Enable MongoDB(®) TLS support between nodes in the cluster as well as between mongo clients and nodes
192 ## @param tls.mTLS.enabled IF TLS support is enabled, require clients to provide certificates
194 ## @param tls.autoGenerated Generate a custom CA and self-signed certificates
197 ## @param tls.existingSecret Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`)
198 ## NOTE: When it's set it will disable secret creation.
201 ## Add Custom CA certificate
202 ## @param tls.caCert Custom CA certificated (base64 encoded)
203 ## @param tls.caKey CA certificate private key (base64 encoded)
207 ## @param tls.pemChainIncluded Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert.
208 ## Certificates must be in proper order, where the top certificate is the leaf and the bottom certificate is the top-most intermediate CA.
210 pemChainIncluded: false
212 ## @param tls.standalone.existingSecret Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.
213 ## NOTE: When it's set it will disable certificate self-generation from existing CA.
217 ## @param tls.replicaset.existingSecrets Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.
221 ## NOTE: When it's set it will disable certificate self-generation from existing CA.
225 ## @param tls.hidden.existingSecrets Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.
229 ## NOTE: When it's set it will disable certificate self-generation from existing CA.
233 ## @param tls.arbiter.existingSecret Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.
234 ## NOTE: When it's set it will disable certificate self-generation from existing CA.
237 ## Bitnami Nginx image
238 ## @param tls.image.registry [default: REGISTRY_NAME] Init container TLS certs setup image registry
239 ## @param tls.image.repository [default: REPOSITORY_NAME/nginx] Init container TLS certs setup image repository
240 ## @skip tls.image.tag Init container TLS certs setup image tag (immutable tags are recommended)
241 ## @param tls.image.digest Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
242 ## @param tls.image.pullPolicy Init container TLS certs setup image pull policy
243 ## @param tls.image.pullSecrets Init container TLS certs specify docker-registry secret names as an array
244 ## @param tls.extraDnsNames Add extra dns names to the CA, can solve x509 auth issue for pod clients
248 repository: bitnami/nginx
249 tag: 1.25.4-debian-12-r1
251 pullPolicy: IfNotPresent
252 ## Optionally specify an array of imagePullSecrets.
253 ## Secrets must be manually created in the namespace.
254 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
257 ## - myRegistryKeySecretName
262 ## "DNS.6": "$my_host"
266 ## @param tls.mode Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`)
269 ## Init Container resource requests and limits
270 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
271 ## We usually recommend not to specify default resources and to leave this as a conscious
272 ## choice for the user. This also increases chances charts run on environments with little
273 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
274 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
275 ## @param tls.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production).
276 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
278 resourcesPreset: "none"
279 ## @param tls.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
290 ## Init Container securityContext
291 ## ref: https://kubernetes.io/docs/concepts/security/pod-security-policy/
292 ## @param tls.securityContext Init container generate-tls-cert Security context
296 ## allowPrivilegeEscalation: false
300 ## @param automountServiceAccountToken Mount Service Account token in pod
302 automountServiceAccountToken: false
303 ## @param hostAliases Add deployment host aliases
304 ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
307 ## @param replicaSetName Name of the replica set (only when `architecture=replicaset`)
308 ## Ignored when mongodb.architecture=standalone
311 ## @param replicaSetHostnames Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`)
312 ## Ignored when mongodb.architecture=standalone
313 ## Ignored when externalAccess.enabled=true
315 replicaSetHostnames: true
316 ## @param enableIPv6 Switch to enable/disable IPv6 on MongoDB(®)
317 ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#enablingdisabling-ipv6
320 ## @param directoryPerDB Switch to enable/disable DirectoryPerDB on MongoDB(®)
321 ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#enablingdisabling-directoryperdb
323 directoryPerDB: false
324 ## MongoDB(®) System Log configuration
325 ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#configuring-system-log-verbosity-level
326 ## @param systemLogVerbosity MongoDB(®) system log verbosity level
327 ## @param disableSystemLog Switch to enable/disable MongoDB(®) system log
329 systemLogVerbosity: 0
330 disableSystemLog: false
331 ## @param disableJavascript Switch to enable/disable MongoDB(®) server-side JavaScript execution
332 ## ref: https://docs.mongodb.com/manual/core/server-side-javascript/
334 disableJavascript: false
335 ## @param enableJournal Switch to enable/disable MongoDB(®) Journaling
336 ## ref: https://docs.mongodb.com/manual/reference/configuration-options/#mongodb-setting-storage.journal.enabled
339 ## @param configuration MongoDB(®) configuration file to be used for Primary and Secondary nodes
340 ## For documentation of all options, see: http://docs.mongodb.org/manual/reference/configuration-options/
343 ## # where and how to store data.
345 ## dbPath: /bitnami/mongodb/data/db
348 ## directoryPerDB: false
349 ## # where to write logging data
355 ## path: /opt/bitnami/mongodb/logs/mongodb.log
357 ## # network interfaces
362 ## pathPrefix: /opt/bitnami/mongodb/tmp
365 ## # replica set options
367 ## #replSetName: replicaset
368 ## #enableMajorityReadConcern: true
369 ## # process management options
370 ## processManagement:
372 ## pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid
373 ## # set parameter options
375 ## enableLocalhostAuthBypass: true
376 ## # security options
378 ## authorization: disabled
379 ## #keyFile: /opt/bitnami/mongodb/conf/keyfile
382 ## @section replicaSetConfigurationSettings settings applied during runtime (not via configuration file)
383 ## If enabled, these are applied by a script which is called within setup.sh
384 ## for documentation see https://docs.mongodb.com/manual/reference/replica-configuration/#replica-set-configuration-fields
385 ## @param replicaSetConfigurationSettings.enabled Enable MongoDB(®) Switch to enable/disable configuring MongoDB(®) run time rs.conf settings
386 ## @param replicaSetConfigurationSettings.configuration run-time rs.conf settings
388 replicaSetConfigurationSettings:
391 ## Custom configurations for individual replica set members.
392 ## Use the prefix 'members[X].' to apply settings to the member X of the replica set.
393 ## Example: 'members[0].priority: 3' sets the priority of the first replica set member to 3.
394 ## The index X in 'members[X]' corresponds to the member's position in the replica set.
395 ## members[0].priority: 3
396 ## chainingAllowed : false
397 ## heartbeatTimeoutSecs : 10
398 ## heartbeatIntervalMillis : 2000
399 ## electionTimeoutMillis : 10000
400 ## catchUpTimeoutMillis : 30000
401 ## @param existingConfigmap Name of existing ConfigMap with MongoDB(®) configuration for Primary and Secondary nodes
402 ## NOTE: When it's set the arbiter.configuration parameter is ignored
404 existingConfigmap: ""
405 ## @param initdbScripts Dictionary of initdb scripts
406 ## Specify dictionary of scripts to be run at first boot
409 ## my_init_script.sh: |
411 ## echo "Do something."
414 ## @param initdbScriptsConfigMap Existing ConfigMap with custom initdb scripts
416 initdbScriptsConfigMap: ""
417 ## Command and args for running the container (set to default if not set). Use array form
418 ## @param command Override default container command (useful when using custom images)
419 ## @param args Override default container args (useful when using custom images)
423 ## @param extraFlags MongoDB(®) additional command line flags
426 ## - "--wiredTigerCacheSizeGB=2"
429 ## @param extraEnvVars Extra environment variables to add to MongoDB(®) pods
436 ## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars
439 ## @param extraEnvVarsSecret Name of existing Secret containing extra env vars (in case of sensitive data)
441 extraEnvVarsSecret: ""
442 ## @section MongoDB(®) statefulset parameters
445 ## @param annotations Additional labels to be added to the MongoDB(®) statefulset. Evaluated as a template
448 ## @param labels Annotations to be added to the MongoDB(®) statefulset. Evaluated as a template
451 ## @param replicaCount Number of MongoDB(®) nodes
452 ## When `mongodb.architecture=replicaset`, the number of replicas is taken in account
453 ## When `mongodb.architecture=standalone`, the number of replicas can only be 0 or 1 (value higher then 1 will not be taken in account)
456 ## @param updateStrategy.type Strategy to use to replace existing MongoDB(®) pods. When architecture=standalone and useStatefulSet=false,
457 ## this parameter will be applied on a deployment object. In other case it will be applied on a statefulset object
458 ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
459 ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
462 ## type: RollingUpdate
465 ## maxUnavailable: 25%
469 ## @param podManagementPolicy Pod management policy for MongoDB(®)
470 ## Should be initialized one by one when building the replicaset for the first time
472 podManagementPolicy: OrderedReady
473 ## @param podAffinityPreset MongoDB(®) Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
474 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
476 podAffinityPreset: ""
477 ## @param podAntiAffinityPreset MongoDB(®) Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
478 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
480 podAntiAffinityPreset: soft
481 ## Node affinity preset
482 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
485 ## @param nodeAffinityPreset.type MongoDB(®) Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
488 ## @param nodeAffinityPreset.key MongoDB(®) Node label key to match Ignored if `affinity` is set.
490 ## key: "kubernetes.io/e2e-az-name"
493 ## @param nodeAffinityPreset.values MongoDB(®) Node label values to match. Ignored if `affinity` is set.
500 ## @param affinity MongoDB(®) Affinity for pod assignment
501 ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
502 ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
505 ## @param nodeSelector MongoDB(®) Node labels for pod assignment
506 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
509 ## @param tolerations MongoDB(®) Tolerations for pod assignment
510 ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
513 ## @param topologySpreadConstraints MongoDB(®) Spread Constraints for Pods
514 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
516 topologySpreadConstraints: []
517 ## @param lifecycleHooks LifecycleHook for the MongoDB(®) container(s) to automate configuration before or after startup
520 ## @param terminationGracePeriodSeconds MongoDB(®) Termination Grace Period
522 terminationGracePeriodSeconds: ""
523 ## @param podLabels MongoDB(®) pod labels
524 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
527 ## @param podAnnotations MongoDB(®) Pod annotations
528 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
531 ## @param priorityClassName Name of the existing priority class to be used by MongoDB(®) pod(s)
532 ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
534 priorityClassName: ""
535 ## @param runtimeClassName Name of the runtime class to be used by MongoDB(®) pod(s)
536 ## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
539 ## MongoDB(®) pods' Security Context.
540 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
541 ## @param podSecurityContext.enabled Enable MongoDB(®) pod(s)' Security Context
542 ## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
543 ## @param podSecurityContext.supplementalGroups Set filesystem extra groups
544 ## @param podSecurityContext.fsGroup Group ID for the volumes of the MongoDB(®) pod(s)
545 ## @param podSecurityContext.sysctls sysctl settings of the MongoDB(®) pod(s)'
549 fsGroupChangePolicy: Always
550 supplementalGroups: []
555 ## - name: net.core.somaxconn
559 ## MongoDB(®) containers' Security Context (main and metrics container).
560 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
561 ## @param containerSecurityContext.enabled Enabled containers' Security Context
562 ## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
563 ## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
564 ## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
565 ## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
566 ## @param containerSecurityContext.privileged Set container's Security Context privileged
567 ## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
568 ## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
569 ## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
570 ## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
572 containerSecurityContext:
579 readOnlyRootFilesystem: false
580 allowPrivilegeEscalation: false
584 type: "RuntimeDefault"
585 ## MongoDB(®) containers' resource requests and limits.
586 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
587 ## We usually recommend not to specify default resources and to leave this as a conscious
588 ## choice for the user. This also increases chances charts run on environments with little
589 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
590 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
591 ## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
592 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
594 resourcesPreset: "none"
595 ## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
606 ## @param containerPorts.mongodb MongoDB(®) container port
610 ## MongoDB(®) pods' liveness probe. Evaluated as a template.
611 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
612 ## @param livenessProbe.enabled Enable livenessProbe
613 ## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
614 ## @param livenessProbe.periodSeconds Period seconds for livenessProbe
615 ## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
616 ## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
617 ## @param livenessProbe.successThreshold Success threshold for livenessProbe
621 initialDelaySeconds: 30
626 ## MongoDB(®) pods' readiness probe. Evaluated as a template.
627 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
628 ## @param readinessProbe.enabled Enable readinessProbe
629 ## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
630 ## @param readinessProbe.periodSeconds Period seconds for readinessProbe
631 ## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
632 ## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
633 ## @param readinessProbe.successThreshold Success threshold for readinessProbe
637 initialDelaySeconds: 5
642 ## Slow starting containers can be protected through startup probes
643 ## Startup probes are available in Kubernetes version 1.16 and above
644 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
645 ## @param startupProbe.enabled Enable startupProbe
646 ## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
647 ## @param startupProbe.periodSeconds Period seconds for startupProbe
648 ## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
649 ## @param startupProbe.failureThreshold Failure threshold for startupProbe
650 ## @param startupProbe.successThreshold Success threshold for startupProbe
654 initialDelaySeconds: 5
659 ## @param customLivenessProbe Override default liveness probe for MongoDB(®) containers
660 ## Ignored when livenessProbe.enabled=true
662 customLivenessProbe: {}
663 ## @param customReadinessProbe Override default readiness probe for MongoDB(®) containers
664 ## Ignored when readinessProbe.enabled=true
666 customReadinessProbe: {}
667 ## @param customStartupProbe Override default startup probe for MongoDB(®) containers
668 ## Ignored when startupProbe.enabled=true
670 customStartupProbe: {}
671 ## @param initContainers Add additional init containers for the hidden node pod(s)
674 ## - name: your-image-name
676 ## imagePullPolicy: Always
679 ## containerPort: 1234
682 ## @param sidecars Add additional sidecar containers for the MongoDB(®) pod(s)
685 ## - name: your-image-name
687 ## imagePullPolicy: Always
690 ## containerPort: 1234
691 ## This is an optional 'mongo-labeler' sidecar container that tracks replica-set for the primary mongodb pod
692 ## and labels it dynamically with ' primary: "true" ' in order for an extra-deployed service to always expose
693 ## and attach to the primary pod, this needs to be uncommented along with the suggested 'extraDeploy' example
694 ## and the suggested rbac example for the pod to be allowed adding labels to mongo replica pods
695 ## search 'mongo-labeler' through this file to find the sections that needs to be uncommented to make it work
697 ## - name: mongo-labeler
698 ## image: korenlev/k8s-mongo-labeler-sidecar
699 ## imagePullPolicy: Always
701 ## - name: LABEL_SELECTOR
702 ## value: "app.kubernetes.io/component=mongodb,app.kubernetes.io/instance=mongodb,app.kubernetes.io/name=mongodb"
704 ## value: "the-mongodb-namespace"
709 ## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the MongoDB(®) container(s)
711 ## extraVolumeMounts:
713 ## mountPath: /usr/share/extras
716 extraVolumeMounts: []
717 ## @param extraVolumes Optionally specify extra list of additional volumes to the MongoDB(®) statefulset
723 ## MongoDB(®) Pod Disruption Budget configuration
724 ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
727 ## @param pdb.create Enable/disable a Pod Disruption Budget creation for MongoDB(®) pod(s)
730 ## @param pdb.minAvailable Minimum number/percentage of MongoDB(®) pods that must still be available after the eviction
733 ## @param pdb.maxUnavailable Maximum number/percentage of MongoDB(®) pods that may be made unavailable after the eviction
736 ## @section Traffic exposure parameters
739 ## Service parameters
742 ## @param service.nameOverride MongoDB(®) service name
745 ## @param service.type Kubernetes Service type (only for standalone architecture)
748 ## @param service.portName MongoDB(®) service port name (only for standalone architecture)
751 ## @param service.ports.mongodb MongoDB(®) service port.
755 ## @param service.nodePorts.mongodb Port to bind to for NodePort and LoadBalancer service types (only for standalone architecture)
756 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
760 ## @param service.clusterIP MongoDB(®) service cluster IP (only for standalone architecture)
765 ## @param service.externalIPs Specify the externalIP value ClusterIP service type (only for standalone architecture)
766 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
769 ## @param service.loadBalancerIP loadBalancerIP for MongoDB(®) Service (only for standalone architecture)
770 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
773 ## @param service.loadBalancerClass loadBalancerClass for MongoDB(®) Service (only for standalone architecture)
774 # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
775 loadBalancerClass: ""
776 ## @param service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer (only for standalone architecture)
777 ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
779 loadBalancerSourceRanges: []
780 ## @param service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer
781 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
783 allocateLoadBalancerNodePorts: true
784 ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
787 ## @param service.annotations Provide any additional annotations that may be required
790 ## @param service.externalTrafficPolicy service external traffic policy (only for standalone architecture)
791 ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
793 externalTrafficPolicy: Local
794 ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin
795 ## Values: ClientIP or None
796 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/
798 sessionAffinity: None
799 ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
800 ## sessionAffinityConfig:
802 ## timeoutSeconds: 300
804 sessionAffinityConfig: {}
805 ## Headless service properties
808 ## @param service.headless.annotations Annotations for the headless service.
811 ## External Access to MongoDB(®) nodes configuration
814 ## @param externalAccess.enabled Enable Kubernetes external cluster access to MongoDB(®) nodes (only for replicaset architecture)
817 ## External IPs auto-discovery configuration
818 ## An init container is used to auto-detect LB IPs or node ports by querying the K8s API
819 ## Note: RBAC might be required
822 ## @param externalAccess.autoDiscovery.enabled Enable using an init container to auto-detect external IPs by querying the K8s API
825 ## Bitnami Kubectl image
826 ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/
827 ## @param externalAccess.autoDiscovery.image.registry [default: REGISTRY_NAME] Init container auto-discovery image registry
828 ## @param externalAccess.autoDiscovery.image.repository [default: REPOSITORY_NAME/kubectl] Init container auto-discovery image repository
829 ## @skip externalAccess.autoDiscovery.image.tag Init container auto-discovery image tag (immutable tags are recommended)
830 ## @param externalAccess.autoDiscovery.image.digest Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
831 ## @param externalAccess.autoDiscovery.image.pullPolicy Init container auto-discovery image pull policy
832 ## @param externalAccess.autoDiscovery.image.pullSecrets Init container auto-discovery image pull secrets
836 repository: bitnami/kubectl
837 tag: 1.29.2-debian-12-r1
839 ## Specify a imagePullPolicy
840 ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
841 ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
843 pullPolicy: IfNotPresent
844 ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
845 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
848 ## - myRegistryKeySecretName
851 ## Init Container resource requests and limits
852 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
853 ## We usually recommend not to specify default resources and to leave this as a conscious
854 ## choice for the user. This also increases chances charts run on environments with little
855 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
856 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
857 ## @param externalAccess.autoDiscovery.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production).
858 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
860 resourcesPreset: "none"
861 ## @param externalAccess.autoDiscovery.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
872 ## Parameters to configure a set of Pods that connect to an existing MongoDB(®) deployment that lies outside of Kubernetes.
873 ## @param externalAccess.externalMaster.enabled Use external master for bootstrapping
874 ## @param externalAccess.externalMaster.host External master host to bootstrap from
875 ## @param externalAccess.externalMaster.port Port for MongoDB(®) service external master host
881 ## Parameters to configure K8s service(s) used to externally access MongoDB(®)
882 ## A new service per broker will be created
885 ## @param externalAccess.service.type Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP
888 ## @param externalAccess.service.portName MongoDB(®) port name used for external access when service type is LoadBalancer
891 ## @param externalAccess.service.ports.mongodb MongoDB(®) port used for external access when service type is LoadBalancer
895 ## @param externalAccess.service.loadBalancerIPs Array of load balancer IPs for MongoDB(®) nodes
902 ## @param externalAccess.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer
903 # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
904 loadBalancerClass: ""
905 ## @param externalAccess.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer
906 ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
908 ## loadBalancerSourceRanges:
911 loadBalancerSourceRanges: []
912 ## @param externalAccess.service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer
913 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
915 allocateLoadBalancerNodePorts: true
916 ## @param externalAccess.service.externalTrafficPolicy MongoDB(®) service external traffic policy
917 ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
919 externalTrafficPolicy: Local
920 ## @param externalAccess.service.nodePorts Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort
927 ## @param externalAccess.service.domain Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort
928 ## If not specified, the container will try to get the kubernetes node external IP
930 ## domain: mydomain.com
933 ## @param externalAccess.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
936 ## @param externalAccess.service.annotations Service annotations for external access
939 ## @param externalAccess.service.sessionAffinity Control where client requests go, to the same pod or round-robin
940 ## Values: ClientIP or None
941 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/
943 sessionAffinity: None
944 ## @param externalAccess.service.sessionAffinityConfig Additional settings for the sessionAffinity
945 ## sessionAffinityConfig:
947 ## timeoutSeconds: 300
949 sessionAffinityConfig: {}
950 ## External Access to MongoDB(®) Hidden nodes configuration
953 ## @param externalAccess.hidden.enabled Enable Kubernetes external cluster access to MongoDB(®) hidden nodes
956 ## Parameters to configure K8s service(s) used to externally access MongoDB(®)
957 ## A new service per broker will be created
960 ## @param externalAccess.hidden.service.type Kubernetes Service type for external access. Allowed values: NodePort or LoadBalancer
963 ## @param externalAccess.hidden.service.portName MongoDB(®) port name used for external access when service type is LoadBalancer
966 ## @param externalAccess.hidden.service.ports.mongodb MongoDB(®) port used for external access when service type is LoadBalancer
970 ## @param externalAccess.hidden.service.loadBalancerIPs Array of load balancer IPs for MongoDB(®) nodes
977 ## @param externalAccess.hidden.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer
978 # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
979 loadBalancerClass: ""
980 ## @param externalAccess.hidden.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer
981 ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
983 ## loadBalancerSourceRanges:
986 loadBalancerSourceRanges: []
987 ## @param externalAccess.hidden.service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer
988 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
990 allocateLoadBalancerNodePorts: true
991 ## @param externalAccess.hidden.service.externalTrafficPolicy MongoDB(®) service external traffic policy
992 ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
994 externalTrafficPolicy: Local
995 ## @param externalAccess.hidden.service.nodePorts Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort. Length must be the same as replicaCount
1002 ## @param externalAccess.hidden.service.domain Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort
1003 ## If not specified, the container will try to get the kubernetes node external IP
1005 ## domain: mydomain.com
1008 ## @param externalAccess.hidden.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
1011 ## @param externalAccess.hidden.service.annotations Service annotations for external access
1014 ## @param externalAccess.hidden.service.sessionAffinity Control where client requests go, to the same pod or round-robin
1015 ## Values: ClientIP or None
1016 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/
1018 sessionAffinity: None
1019 ## @param externalAccess.hidden.service.sessionAffinityConfig Additional settings for the sessionAffinity
1020 ## sessionAffinityConfig:
1022 ## timeoutSeconds: 300
1024 sessionAffinityConfig: {}
1025 ## @section Network policy parameters
1029 ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
1032 ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
1035 ## @param networkPolicy.allowExternal Don't require server label for connections
1036 ## The Policy model to apply. When set to false, only pods with the correct
1037 ## server label will have network access to the ports server is listening
1038 ## on. When true, server will accept connections from any source
1039 ## (with the correct destination port).
1042 ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
1044 allowExternalEgress: true
1045 ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolice
1055 ## - matchExpressions:
1061 ## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
1071 ## - matchExpressions:
1078 ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
1079 ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
1081 ingressNSMatchLabels: {}
1082 ingressNSPodMatchLabels: {}
1084 ## @param persistence.enabled Enable MongoDB(®) data persistence using PVC
1087 ## @param persistence.name Name of the PVC and mounted volume
1090 ## @param persistence.medium Provide a medium for `emptyDir` volumes.
1091 ## Requires persistence.enabled: false
1094 ## @param persistence.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
1095 ## Requires persistence.enabled: true
1096 ## If defined, PVC must be created manually before volume will be bound
1097 ## Ignored when mongodb.architecture=replicaset
1100 ## @param persistence.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted
1103 ## @param persistence.storageClass PVC Storage Class for MongoDB(®) data volume
1104 ## If defined, storageClassName: <storageClass>
1105 ## If set to "-", storageClassName: "", which disables dynamic provisioning
1106 ## If undefined (the default) or set to null, no storageClassName spec is
1107 ## set, choosing the default provisioner.
1110 ## @param persistence.accessModes PV Access Mode
1114 ## @param persistence.size PVC Storage Request for MongoDB(®) data volume
1117 ## @param persistence.annotations PVC annotations
1120 ## @param persistence.mountPath Path to mount the volume at
1121 ## MongoDB(®) images.
1123 mountPath: /bitnami/mongodb
1124 ## @param persistence.subPath Subdirectory of the volume to mount at
1125 ## and one PV for multiple services.
1128 ## Fine tuning for volumeClaimTemplates
1130 volumeClaimTemplates:
1131 ## @param persistence.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
1132 ## A label query over volumes to consider for binding (e.g. when using local volumes)
1133 ## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
1136 ## @param persistence.volumeClaimTemplates.requests Custom PVC requests attributes
1137 ## Sometime cloud providers use additional requests attributes to provision custom storage instance
1138 ## See https://cloud.ibm.com/docs/containers?topic=containers-file_storage#file_dynamic_statefulset
1141 ## @param persistence.volumeClaimTemplates.dataSource Add dataSource to the VolumeClaimTemplate
1144 ## Persistent Volume Claim Retention Policy
1145 ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
1147 persistentVolumeClaimRetentionPolicy:
1148 ## @param persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for MongoDB(®) Statefulset
1151 ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced
1154 ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted
1157 ## @section Backup parameters
1158 ## This section implements a trivial logical dump cronjob of the database.
1159 ## This only comes with the consistency guarantees of the dump program.
1160 ## This is not a snapshot based roll forward/backward recovery backup.
1161 ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/
1164 ## @param backup.enabled Enable the logical dump of the database "regularly"
1167 ## Fine tuning cronjob's config
1170 ## @param backup.cronjob.schedule Set the cronjob parameter schedule
1173 ## @param backup.cronjob.concurrencyPolicy Set the cronjob parameter concurrencyPolicy
1175 concurrencyPolicy: Allow
1176 ## @param backup.cronjob.failedJobsHistoryLimit Set the cronjob parameter failedJobsHistoryLimit
1178 failedJobsHistoryLimit: 1
1179 ## @param backup.cronjob.successfulJobsHistoryLimit Set the cronjob parameter successfulJobsHistoryLimit
1181 successfulJobsHistoryLimit: 3
1182 ## @param backup.cronjob.startingDeadlineSeconds Set the cronjob parameter startingDeadlineSeconds
1184 startingDeadlineSeconds: ""
1185 ## @param backup.cronjob.ttlSecondsAfterFinished Set the cronjob parameter ttlSecondsAfterFinished
1187 ttlSecondsAfterFinished: ""
1188 ## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy
1190 restartPolicy: OnFailure
1191 ## backup container's Security Context
1192 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
1193 ## @param backup.cronjob.containerSecurityContext.enabled Enabled containers' Security Context
1194 ## @param backup.cronjob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
1195 ## @param backup.cronjob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
1196 ## @param backup.cronjob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
1197 ## @param backup.cronjob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
1198 ## @param backup.cronjob.containerSecurityContext.privileged Set container's Security Context privileged
1199 ## @param backup.cronjob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
1200 ## @param backup.cronjob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
1201 ## @param backup.cronjob.containerSecurityContext.capabilities.drop List of capabilities to be dropped
1202 ## @param backup.cronjob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
1204 containerSecurityContext:
1206 seLinuxOptions: null
1211 readOnlyRootFilesystem: false
1212 allowPrivilegeEscalation: false
1216 type: "RuntimeDefault"
1217 ## @param backup.cronjob.command Set backup container's command to run
1220 ## @param backup.cronjob.labels Set the cronjob labels
1223 ## @param backup.cronjob.annotations Set the cronjob annotations
1226 ## Backup container's
1229 ## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
1230 ## If defined, PVC must be created manually before volume will be bound
1233 ## @param backup.cronjob.storage.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted
1236 ## @param backup.cronjob.storage.storageClass PVC Storage Class for the backup data volume
1237 ## If defined, storageClassName: <storageClass>
1238 ## If set to "-", storageClassName: "", which disables dynamic provisioning
1239 ## If undefined (the default) or set to null, no storageClassName spec is
1240 ## set, choosing the default provisioner.
1243 ## @param backup.cronjob.storage.accessModes PV Access Mode
1247 ## @param backup.cronjob.storage.size PVC Storage Request for the backup data volume
1250 ## @param backup.cronjob.storage.annotations PVC annotations
1253 ## @param backup.cronjob.storage.mountPath Path to mount the volume at
1255 mountPath: /backup/mongodb
1256 ## @param backup.cronjob.storage.subPath Subdirectory of the volume to mount at
1257 ## and one PV for multiple services.
1260 ## Fine tuning for volumeClaimTemplates
1262 volumeClaimTemplates:
1263 ## @param backup.cronjob.storage.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
1264 ## A label query over volumes to consider for binding (e.g. when using local volumes)
1265 ## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
1268 ## @section RBAC parameters
1272 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
1275 ## @param serviceAccount.create Enable creation of ServiceAccount for MongoDB(®) pods
1278 ## @param serviceAccount.name Name of the created serviceAccount
1279 ## If not set and create is true, a name is generated using the mongodb.fullname template
1282 ## @param serviceAccount.annotations Additional Service Account annotations
1285 ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
1286 ## Can be set to false if pods using this serviceAccount do not need to use K8s API
1288 automountServiceAccountToken: false
1289 ## Role Based Access
1290 ## ref: https://kubernetes.io/docs/admin/authorization/rbac/
1293 ## @param rbac.create Whether to create & use RBAC resources or not
1294 ## binding MongoDB(®) ServiceAccount to a role
1295 ## that allows MongoDB(®) pods querying the K8s API
1296 ## this needs to be set to 'true' to enable the mongo-labeler sidecar primary mongodb discovery
1299 ## @param rbac.rules Custom rules to create following the role specification
1300 ## The example below needs to be uncommented to use the 'mongo-labeler' sidecar for dynamic discovery of the primary mongodb pod:
1313 ## PodSecurityPolicy configuration
1314 ## Be sure to also set rbac.create to true, otherwise Role and RoleBinding won't be created.
1315 ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
1318 ## @param podSecurityPolicy.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
1321 ## @param podSecurityPolicy.allowPrivilegeEscalation Enable privilege escalation
1322 ## Either use predefined policy with some adjustments or use `podSecurityPolicy.spec`
1324 allowPrivilegeEscalation: false
1325 ## @param podSecurityPolicy.privileged Allow privileged
1328 ## @param podSecurityPolicy.spec Specify the full spec to use for Pod Security Policy
1329 ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
1330 ## Defining a spec ignores the above values.
1334 ## allowPrivilegeEscalation: false
1336 ## rule: 'MustRunAs'
1341 ## hostNetwork: false
1343 ## privileged: false
1344 ## readOnlyRootFilesystem: false
1345 ## requiredDropCapabilities:
1348 ## rule: 'MustRunAs'
1354 ## supplementalGroups:
1355 ## rule: 'MustRunAs'
1363 ## - 'persistentVolumeClaim'
1365 ## @section Volume Permissions parameters
1367 ## Init Container parameters
1368 ## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component
1369 ## values from the securityContext section of the component
1372 ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup`
1375 ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry
1376 ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository
1377 ## @skip volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended)
1378 ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
1379 ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy
1380 ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array
1384 repository: bitnami/os-shell
1385 tag: 12-debian-12-r15
1387 ## Specify a imagePullPolicy
1388 ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
1389 ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
1391 pullPolicy: IfNotPresent
1392 ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
1393 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
1396 ## - myRegistryKeySecretName
1399 ## Init Container resource requests and limits
1400 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
1401 ## We usually recommend not to specify default resources and to leave this as a conscious
1402 ## choice for the user. This also increases chances charts run on environments with little
1403 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
1404 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
1405 ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
1406 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
1408 resourcesPreset: "none"
1409 ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
1420 ## Init container Security Context
1421 ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
1422 ## and not the below volumePermissions.securityContext.runAsUser
1423 ## When runAsUser is set to special value "auto", init container will try to chwon the
1424 ## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
1425 ## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed).
1426 ## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with
1427 ## podSecurityContext.enabled=false,containerSecurityContext.enabled=false and shmVolume.chmod.enabled=false
1428 ## @param volumePermissions.securityContext.seLinuxOptions [object,nullable] Set SELinux options in container
1429 ## @param volumePermissions.securityContext.runAsUser User ID for the volumePermissions container
1432 seLinuxOptions: null
1434 ## @section Arbiter parameters
1437 ## @param arbiter.enabled Enable deploying the arbiter
1438 ## https://docs.mongodb.com/manual/tutorial/add-replica-set-arbiter/
1441 ## @param arbiter.automountServiceAccountToken Mount Service Account token in pod
1443 automountServiceAccountToken: false
1444 ## @param arbiter.hostAliases Add deployment host aliases
1445 ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
1448 ## @param arbiter.configuration Arbiter configuration file to be used
1449 ## http://docs.mongodb.org/manual/reference/configuration-options/
1452 ## @param arbiter.existingConfigmap Name of existing ConfigMap with Arbiter configuration
1453 ## NOTE: When it's set the arbiter.configuration parameter is ignored
1455 existingConfigmap: ""
1456 ## Command and args for running the container (set to default if not set). Use array form
1457 ## @param arbiter.command Override default container command (useful when using custom images)
1458 ## @param arbiter.args Override default container args (useful when using custom images)
1462 ## @param arbiter.extraFlags Arbiter additional command line flags
1465 ## - "--wiredTigerCacheSizeGB=2"
1468 ## @param arbiter.extraEnvVars Extra environment variables to add to Arbiter pods
1475 ## @param arbiter.extraEnvVarsCM Name of existing ConfigMap containing extra env vars
1478 ## @param arbiter.extraEnvVarsSecret Name of existing Secret containing extra env vars (in case of sensitive data)
1480 extraEnvVarsSecret: ""
1481 ## @param arbiter.annotations Additional labels to be added to the Arbiter statefulset
1484 ## @param arbiter.labels Annotations to be added to the Arbiter statefulset
1487 ## @param arbiter.topologySpreadConstraints MongoDB(®) Spread Constraints for arbiter Pods
1488 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
1490 topologySpreadConstraints: []
1491 ## @param arbiter.lifecycleHooks LifecycleHook for the Arbiter container to automate configuration before or after startup
1494 ## @param arbiter.terminationGracePeriodSeconds Arbiter Termination Grace Period
1496 terminationGracePeriodSeconds: ""
1497 ## @param arbiter.updateStrategy.type Strategy that will be employed to update Pods in the StatefulSet
1498 ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
1500 ## type: RollingUpdate
1503 ## maxUnavailable: 25%
1507 ## @param arbiter.podManagementPolicy Pod management policy for MongoDB(®)
1508 ## Should be initialized one by one when building the replicaset for the first time
1510 podManagementPolicy: OrderedReady
1511 ## @param arbiter.schedulerName Name of the scheduler (other than default) to dispatch pods
1512 ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
1515 ## @param arbiter.podAffinityPreset Arbiter Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1516 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
1518 podAffinityPreset: ""
1519 ## @param arbiter.podAntiAffinityPreset Arbiter Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1520 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
1522 podAntiAffinityPreset: soft
1523 ## Node affinity preset
1524 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
1527 ## @param arbiter.nodeAffinityPreset.type Arbiter Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1530 ## @param arbiter.nodeAffinityPreset.key Arbiter Node label key to match Ignored if `affinity` is set.
1532 ## key: "kubernetes.io/e2e-az-name"
1535 ## @param arbiter.nodeAffinityPreset.values Arbiter Node label values to match. Ignored if `affinity` is set.
1542 ## @param arbiter.affinity Arbiter Affinity for pod assignment
1543 ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
1544 ## Note: arbiter.podAffinityPreset, arbiter.podAntiAffinityPreset, and arbiter.nodeAffinityPreset will be ignored when it's set
1547 ## @param arbiter.nodeSelector Arbiter Node labels for pod assignment
1548 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
1551 ## @param arbiter.tolerations Arbiter Tolerations for pod assignment
1552 ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
1555 ## @param arbiter.podLabels Arbiter pod labels
1556 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
1559 ## @param arbiter.podAnnotations Arbiter Pod annotations
1560 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
1563 ## @param arbiter.priorityClassName Name of the existing priority class to be used by Arbiter pod(s)
1564 ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
1566 priorityClassName: ""
1567 ## @param arbiter.runtimeClassName Name of the runtime class to be used by Arbiter pod(s)
1568 ## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
1570 runtimeClassName: ""
1571 ## MongoDB(®) Arbiter pods' Security Context.
1572 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
1573 ## @param arbiter.podSecurityContext.enabled Enable Arbiter pod(s)' Security Context
1574 ## @param arbiter.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
1575 ## @param arbiter.podSecurityContext.supplementalGroups Set filesystem extra groups
1576 ## @param arbiter.podSecurityContext.fsGroup Group ID for the volumes of the Arbiter pod(s)
1577 ## @param arbiter.podSecurityContext.sysctls sysctl settings of the Arbiter pod(s)'
1581 fsGroupChangePolicy: Always
1582 supplementalGroups: []
1587 ## - name: net.core.somaxconn
1591 ## MongoDB(®) Arbiter containers' Security Context (only main container).
1592 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
1593 ## @param arbiter.containerSecurityContext.enabled Enabled containers' Security Context
1594 ## @param arbiter.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
1595 ## @param arbiter.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
1596 ## @param arbiter.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
1597 ## @param arbiter.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
1598 ## @param arbiter.containerSecurityContext.privileged Set container's Security Context privileged
1599 ## @param arbiter.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
1600 ## @param arbiter.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
1601 ## @param arbiter.containerSecurityContext.capabilities.drop List of capabilities to be dropped
1602 ## @param arbiter.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
1604 containerSecurityContext:
1606 seLinuxOptions: null
1611 readOnlyRootFilesystem: false
1612 allowPrivilegeEscalation: false
1616 type: "RuntimeDefault"
1617 ## MongoDB(®) Arbiter containers' resource requests and limits.
1618 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
1619 ## We usually recommend not to specify default resources and to leave this as a conscious
1620 ## choice for the user. This also increases chances charts run on environments with little
1621 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
1622 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
1623 ## @param arbiter.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if arbiter.resources is set (arbiter.resources is recommended for production).
1624 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
1626 resourcesPreset: "none"
1627 ## @param arbiter.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
1638 ## @param arbiter.containerPorts.mongodb MongoDB(®) arbiter container port
1642 ## MongoDB(®) Arbiter pods' liveness probe. Evaluated as a template.
1643 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
1644 ## @param arbiter.livenessProbe.enabled Enable livenessProbe
1645 ## @param arbiter.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
1646 ## @param arbiter.livenessProbe.periodSeconds Period seconds for livenessProbe
1647 ## @param arbiter.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
1648 ## @param arbiter.livenessProbe.failureThreshold Failure threshold for livenessProbe
1649 ## @param arbiter.livenessProbe.successThreshold Success threshold for livenessProbe
1653 initialDelaySeconds: 30
1658 ## MongoDB(®) Arbiter pods' readiness probe. Evaluated as a template.
1659 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
1660 ## @param arbiter.readinessProbe.enabled Enable readinessProbe
1661 ## @param arbiter.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
1662 ## @param arbiter.readinessProbe.periodSeconds Period seconds for readinessProbe
1663 ## @param arbiter.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
1664 ## @param arbiter.readinessProbe.failureThreshold Failure threshold for readinessProbe
1665 ## @param arbiter.readinessProbe.successThreshold Success threshold for readinessProbe
1669 initialDelaySeconds: 5
1674 ## MongoDB(®) Arbiter pods' startup probe. Evaluated as a template.
1675 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
1676 ## @param arbiter.startupProbe.enabled Enable startupProbe
1677 ## @param arbiter.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
1678 ## @param arbiter.startupProbe.periodSeconds Period seconds for startupProbe
1679 ## @param arbiter.startupProbe.timeoutSeconds Timeout seconds for startupProbe
1680 ## @param arbiter.startupProbe.failureThreshold Failure threshold for startupProbe
1681 ## @param arbiter.startupProbe.successThreshold Success threshold for startupProbe
1685 initialDelaySeconds: 5
1689 failureThreshold: 30
1690 ## @param arbiter.customLivenessProbe Override default liveness probe for Arbiter containers
1691 ## Ignored when arbiter.livenessProbe.enabled=true
1693 customLivenessProbe: {}
1694 ## @param arbiter.customReadinessProbe Override default readiness probe for Arbiter containers
1695 ## Ignored when arbiter.readinessProbe.enabled=true
1697 customReadinessProbe: {}
1698 ## @param arbiter.customStartupProbe Override default startup probe for Arbiter containers
1699 ## Ignored when arbiter.startupProbe.enabled=true
1701 customStartupProbe: {}
1702 ## @param arbiter.initContainers Add additional init containers for the Arbiter pod(s)
1705 ## - name: your-image-name
1706 ## image: your-image
1707 ## imagePullPolicy: Always
1710 ## containerPort: 1234
1713 ## @param arbiter.sidecars Add additional sidecar containers for the Arbiter pod(s)
1716 ## - name: your-image-name
1717 ## image: your-image
1718 ## imagePullPolicy: Always
1721 ## containerPort: 1234
1724 ## @param arbiter.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Arbiter container(s)
1726 ## extraVolumeMounts:
1728 ## mountPath: /usr/share/extras
1731 extraVolumeMounts: []
1732 ## @param arbiter.extraVolumes Optionally specify extra list of additional volumes to the Arbiter statefulset
1738 ## MongoDB(®) Arbiter Pod Disruption Budget configuration
1739 ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
1742 ## @param arbiter.pdb.create Enable/disable a Pod Disruption Budget creation for Arbiter pod(s)
1745 ## @param arbiter.pdb.minAvailable Minimum number/percentage of Arbiter pods that should remain scheduled
1748 ## @param arbiter.pdb.maxUnavailable Maximum number/percentage of Arbiter pods that may be made unavailable
1751 ## MongoDB(®) Arbiter service parameters
1754 ## @param arbiter.service.nameOverride The arbiter service name
1757 ## @param arbiter.service.ports.mongodb MongoDB(®) service port
1761 ## @param arbiter.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
1764 ## @param arbiter.service.annotations Provide any additional annotations that may be required
1767 ## Headless service properties
1770 ## @param arbiter.service.headless.annotations Annotations for the headless service.
1773 ## @section Hidden Node parameters
1776 ## @param hidden.enabled Enable deploying the hidden nodes
1777 ## https://docs.mongodb.com/manual/tutorial/configure-a-hidden-replica-set-member/
1780 ## @param hidden.automountServiceAccountToken Mount Service Account token in pod
1782 automountServiceAccountToken: false
1783 ## @param hidden.hostAliases Add deployment host aliases
1784 ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
1787 ## @param hidden.configuration Hidden node configuration file to be used
1788 ## http://docs.mongodb.org/manual/reference/configuration-options/
1791 ## @param hidden.existingConfigmap Name of existing ConfigMap with Hidden node configuration
1792 ## NOTE: When it's set the hidden.configuration parameter is ignored
1794 existingConfigmap: ""
1795 ## Command and args for running the container (set to default if not set). Use array form
1796 ## @param hidden.command Override default container command (useful when using custom images)
1797 ## @param hidden.args Override default container args (useful when using custom images)
1801 ## @param hidden.extraFlags Hidden node additional command line flags
1804 ## - "--wiredTigerCacheSizeGB=2"
1807 ## @param hidden.extraEnvVars Extra environment variables to add to Hidden node pods
1814 ## @param hidden.extraEnvVarsCM Name of existing ConfigMap containing extra env vars
1817 ## @param hidden.extraEnvVarsSecret Name of existing Secret containing extra env vars (in case of sensitive data)
1819 extraEnvVarsSecret: ""
1820 ## @param hidden.annotations Additional labels to be added to thehidden node statefulset
1823 ## @param hidden.labels Annotations to be added to the hidden node statefulset
1826 ## @param hidden.topologySpreadConstraints MongoDB(®) Spread Constraints for hidden Pods
1827 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
1829 topologySpreadConstraints: []
1830 ## @param hidden.lifecycleHooks LifecycleHook for the Hidden container to automate configuration before or after startup
1833 ## @param hidden.replicaCount Number of hidden nodes (only when `architecture=replicaset`)
1834 ## Ignored when mongodb.architecture=standalone
1837 ## @param hidden.terminationGracePeriodSeconds Hidden Termination Grace Period
1839 terminationGracePeriodSeconds: ""
1840 ## @param hidden.updateStrategy.type Strategy that will be employed to update Pods in the StatefulSet
1841 ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
1843 ## type: RollingUpdate
1846 ## maxUnavailable: 25%
1850 ## @param hidden.podManagementPolicy Pod management policy for hidden node
1852 podManagementPolicy: OrderedReady
1853 ## @param hidden.schedulerName Name of the scheduler (other than default) to dispatch pods
1854 ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
1857 ## @param hidden.podAffinityPreset Hidden node Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1858 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
1860 podAffinityPreset: ""
1861 ## @param hidden.podAntiAffinityPreset Hidden node Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1862 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
1864 podAntiAffinityPreset: soft
1865 ## Node affinity preset
1866 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
1867 ## Allowed values: soft, hard
1870 ## @param hidden.nodeAffinityPreset.type Hidden Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
1873 ## @param hidden.nodeAffinityPreset.key Hidden Node label key to match Ignored if `affinity` is set.
1875 ## key: "kubernetes.io/e2e-az-name"
1878 ## @param hidden.nodeAffinityPreset.values Hidden Node label values to match. Ignored if `affinity` is set.
1885 ## @param hidden.affinity Hidden node Affinity for pod assignment
1886 ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
1887 ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
1890 ## @param hidden.nodeSelector Hidden node Node labels for pod assignment
1891 ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
1894 ## @param hidden.tolerations Hidden node Tolerations for pod assignment
1895 ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
1898 ## @param hidden.podLabels Hidden node pod labels
1899 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
1902 ## @param hidden.podAnnotations Hidden node Pod annotations
1903 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
1906 ## @param hidden.priorityClassName Name of the existing priority class to be used by hidden node pod(s)
1907 ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
1909 priorityClassName: ""
1910 ## @param hidden.runtimeClassName Name of the runtime class to be used by hidden node pod(s)
1911 ## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
1913 runtimeClassName: ""
1914 ## MongoDB(®) Hidden pods' Security Context.
1915 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
1916 ## @param hidden.podSecurityContext.enabled Enable Hidden pod(s)' Security Context
1917 ## @param hidden.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
1918 ## @param hidden.podSecurityContext.supplementalGroups Set filesystem extra groups
1919 ## @param hidden.podSecurityContext.fsGroup Group ID for the volumes of the Hidden pod(s)
1920 ## @param hidden.podSecurityContext.sysctls sysctl settings of the Hidden pod(s)'
1924 fsGroupChangePolicy: Always
1925 supplementalGroups: []
1930 ## - name: net.core.somaxconn
1934 ## MongoDB(®) Hidden containers' Security Context (only main container).
1935 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
1936 ## @param hidden.containerSecurityContext.enabled Enabled containers' Security Context
1937 ## @param hidden.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
1938 ## @param hidden.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
1939 ## @param hidden.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
1940 ## @param hidden.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
1941 ## @param hidden.containerSecurityContext.privileged Set container's Security Context privileged
1942 ## @param hidden.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
1943 ## @param hidden.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
1944 ## @param hidden.containerSecurityContext.capabilities.drop List of capabilities to be dropped
1945 ## @param hidden.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
1947 containerSecurityContext:
1949 seLinuxOptions: null
1954 readOnlyRootFilesystem: false
1955 allowPrivilegeEscalation: false
1959 type: "RuntimeDefault"
1960 ## MongoDB(®) Hidden containers' resource requests and limits.
1961 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
1962 ## We usually recommend not to specify default resources and to leave this as a conscious
1963 ## choice for the user. This also increases chances charts run on environments with little
1964 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
1965 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
1966 ## @param hidden.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production).
1967 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
1969 resourcesPreset: "none"
1970 ## @param hidden.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
1981 ## @param hidden.containerPorts.mongodb MongoDB(®) hidden container port
1985 ## MongoDB(®) Hidden pods' liveness probe. Evaluated as a template.
1986 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
1987 ## @param hidden.livenessProbe.enabled Enable livenessProbe
1988 ## @param hidden.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
1989 ## @param hidden.livenessProbe.periodSeconds Period seconds for livenessProbe
1990 ## @param hidden.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
1991 ## @param hidden.livenessProbe.failureThreshold Failure threshold for livenessProbe
1992 ## @param hidden.livenessProbe.successThreshold Success threshold for livenessProbe
1996 initialDelaySeconds: 30
2001 ## MongoDB(®) Hidden pods' readiness probe. Evaluated as a template.
2002 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
2003 ## @param hidden.readinessProbe.enabled Enable readinessProbe
2004 ## @param hidden.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
2005 ## @param hidden.readinessProbe.periodSeconds Period seconds for readinessProbe
2006 ## @param hidden.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
2007 ## @param hidden.readinessProbe.failureThreshold Failure threshold for readinessProbe
2008 ## @param hidden.readinessProbe.successThreshold Success threshold for readinessProbe
2012 initialDelaySeconds: 5
2017 ## Slow starting containers can be protected through startup probes
2018 ## Startup probes are available in Kubernetes version 1.16 and above
2019 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
2020 ## @param hidden.startupProbe.enabled Enable startupProbe
2021 ## @param hidden.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
2022 ## @param hidden.startupProbe.periodSeconds Period seconds for startupProbe
2023 ## @param hidden.startupProbe.timeoutSeconds Timeout seconds for startupProbe
2024 ## @param hidden.startupProbe.failureThreshold Failure threshold for startupProbe
2025 ## @param hidden.startupProbe.successThreshold Success threshold for startupProbe
2029 initialDelaySeconds: 5
2033 failureThreshold: 30
2034 ## @param hidden.customLivenessProbe Override default liveness probe for hidden node containers
2035 ## Ignored when hidden.livenessProbe.enabled=true
2037 customLivenessProbe: {}
2038 ## @param hidden.customReadinessProbe Override default readiness probe for hidden node containers
2039 ## Ignored when hidden.readinessProbe.enabled=true
2041 customReadinessProbe: {}
2042 ## @param hidden.customStartupProbe Override default startup probe for MongoDB(®) containers
2043 ## Ignored when hidden.startupProbe.enabled=true
2045 customStartupProbe: {}
2046 ## @param hidden.initContainers Add init containers to the MongoDB(®) Hidden pods.
2049 ## - name: your-image-name
2050 ## image: your-image
2051 ## imagePullPolicy: Always
2054 ## containerPort: 1234
2057 ## @param hidden.sidecars Add additional sidecar containers for the hidden node pod(s)
2060 ## - name: your-image-name
2061 ## image: your-image
2062 ## imagePullPolicy: Always
2065 ## containerPort: 1234
2068 ## @param hidden.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the hidden node container(s)
2070 ## extraVolumeMounts:
2072 ## mountPath: /usr/share/extras
2075 extraVolumeMounts: []
2076 ## @param hidden.extraVolumes Optionally specify extra list of additional volumes to the hidden node statefulset
2082 ## MongoDB(®) Hidden Pod Disruption Budget configuration
2083 ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
2086 ## @param hidden.pdb.create Enable/disable a Pod Disruption Budget creation for hidden node pod(s)
2089 ## @param hidden.pdb.minAvailable Minimum number/percentage of hidden node pods that should remain scheduled
2092 ## @param hidden.pdb.maxUnavailable Maximum number/percentage of hidden node pods that may be made unavailable
2095 ## Enable persistence using Persistent Volume Claims
2096 ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
2099 ## @param hidden.persistence.enabled Enable hidden node data persistence using PVC
2102 ## @param hidden.persistence.medium Provide a medium for `emptyDir` volumes.
2103 ## Requires hidden.persistence.enabled: false
2106 ## @param hidden.persistence.storageClass PVC Storage Class for hidden node data volume
2107 ## If defined, storageClassName: <storageClass>
2108 ## If set to "-", storageClassName: "", which disables dynamic provisioning
2109 ## If undefined (the default) or set to null, no storageClassName spec is
2110 ## set, choosing the default provisioner.
2113 ## @param hidden.persistence.accessModes PV Access Mode
2117 ## @param hidden.persistence.size PVC Storage Request for hidden node data volume
2120 ## @param hidden.persistence.annotations PVC annotations
2123 ## @param hidden.persistence.mountPath The path the volume will be mounted at, useful when using different MongoDB(®) images.
2125 mountPath: /bitnami/mongodb
2126 ## @param hidden.persistence.subPath The subdirectory of the volume to mount to, useful in dev environments
2127 ## and one PV for multiple services.
2130 ## Fine tuning for volumeClaimTemplates
2132 volumeClaimTemplates:
2133 ## @param hidden.persistence.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
2134 ## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
2137 ## @param hidden.persistence.volumeClaimTemplates.requests Custom PVC requests attributes
2138 ## Sometime cloud providers use additional requests attributes to provision custom storage instance
2139 ## See https://cloud.ibm.com/docs/containers?topic=containers-file_storage#file_dynamic_statefulset
2142 ## @param hidden.persistence.volumeClaimTemplates.dataSource Set volumeClaimTemplate dataSource
2146 ## @param hidden.service.portName MongoDB(®) service port name
2149 ## @param hidden.service.ports.mongodb MongoDB(®) service port
2153 ## @param hidden.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
2156 ## @param hidden.service.annotations Provide any additional annotations that may be required
2159 ## Headless service properties
2162 ## @param hidden.service.headless.annotations Annotations for the headless service.
2165 ## @section Metrics parameters
2168 ## @param metrics.enabled Enable using a sidecar Prometheus exporter
2171 ## Bitnami MongoDB(®) Promtheus Exporter image
2172 ## ref: https://hub.docker.com/r/bitnami/mongodb-exporter/tags/
2173 ## @param metrics.image.registry [default: REGISTRY_NAME] MongoDB(®) Prometheus exporter image registry
2174 ## @param metrics.image.repository [default: REPOSITORY_NAME/mongodb-exporter] MongoDB(®) Prometheus exporter image repository
2175 ## @skip metrics.image.tag MongoDB(®) Prometheus exporter image tag (immutable tags are recommended)
2176 ## @param metrics.image.digest MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
2177 ## @param metrics.image.pullPolicy MongoDB(®) Prometheus exporter image pull policy
2178 ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array
2182 repository: bitnami/mongodb-exporter
2183 tag: 0.40.0-debian-12-r11
2185 pullPolicy: IfNotPresent
2186 ## Optionally specify an array of imagePullSecrets.
2187 ## Secrets must be manually created in the namespace.
2188 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
2191 ## - myRegistryKeySecretName
2194 ## @param metrics.username String with username for the metrics exporter
2195 ## If undefined the root user will be used for the metrics exporter
2198 ## @param metrics.password String with password for the metrics exporter
2199 ## If undefined but metrics.username is defined, a random password will be generated
2202 ## @param metrics.compatibleMode Enables old style mongodb-exporter metrics
2203 compatibleMode: true
2205 ## @param metrics.collector.all Enable all collectors. Same as enabling all individual metrics
2206 ## Enabling all metrics will cause significant CPU load on mongod
2208 ## @param metrics.collector.diagnosticdata Boolean Enable collecting metrics from getDiagnosticData
2209 diagnosticdata: true
2210 ## @param metrics.collector.replicasetstatus Boolean Enable collecting metrics from replSetGetStatus
2211 replicasetstatus: true
2212 ## @param metrics.collector.dbstats Boolean Enable collecting metrics from dbStats
2214 ## @param metrics.collector.topmetrics Boolean Enable collecting metrics from top admin command
2216 ## @param metrics.collector.indexstats Boolean Enable collecting metrics from $indexStats
2218 ## @param metrics.collector.collstats Boolean Enable collecting metrics from $collStats
2220 ## @param metrics.collector.collstatsColls List of \<databases\>.\<collections\> to get $collStats
2222 ## @param metrics.collector.indexstatsColls List - List of \<databases\>.\<collections\> to get $indexStats
2224 ## @param metrics.collector.collstatsLimit Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \<n\> collections. 0=No limit
2226 ## @param metrics.extraFlags String with extra flags to the metrics exporter
2227 ## ref: https://github.com/percona/mongodb_exporter/blob/main/main.go
2230 ## Command and args for running the container (set to default if not set). Use array form
2231 ## @param metrics.command Override default container command (useful when using custom images)
2232 ## @param metrics.args Override default container args (useful when using custom images)
2236 ## Metrics exporter container resource requests and limits
2237 ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
2238 ## We usually recommend not to specify default resources and to leave this as a conscious
2239 ## choice for the user. This also increases chances charts run on environments with little
2240 ## resources, such as Minikube. If you do want to specify resources, uncomment the following
2241 ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
2242 ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).
2243 ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
2245 resourcesPreset: "none"
2246 ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
2257 ## @param metrics.containerPort Port of the Prometheus metrics container
2260 ## Prometheus Exporter service configuration
2263 ## @param metrics.service.annotations [object] Annotations for Prometheus Exporter pods. Evaluated as a template.
2264 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
2267 prometheus.io/scrape: "true"
2268 prometheus.io/port: "{{ .Values.metrics.service.ports.metrics }}"
2269 prometheus.io/path: "/metrics"
2270 ## @param metrics.service.type Type of the Prometheus metrics service
2273 ## @param metrics.service.ports.metrics Port of the Prometheus metrics service
2277 ## @param metrics.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
2280 ## Metrics exporter liveness probe
2281 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
2282 ## @param metrics.livenessProbe.enabled Enable livenessProbe
2283 ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
2284 ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe
2285 ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
2286 ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe
2287 ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe
2291 initialDelaySeconds: 15
2296 ## Metrics exporter readiness probe
2297 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
2298 ## @param metrics.readinessProbe.enabled Enable readinessProbe
2299 ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
2300 ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe
2301 ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
2302 ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe
2303 ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe
2307 initialDelaySeconds: 5
2312 ## Slow starting containers can be protected through startup probes
2313 ## Startup probes are available in Kubernetes version 1.16 and above
2314 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
2315 ## @param metrics.startupProbe.enabled Enable startupProbe
2316 ## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
2317 ## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe
2318 ## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe
2319 ## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe
2320 ## @param metrics.startupProbe.successThreshold Success threshold for startupProbe
2324 initialDelaySeconds: 5
2328 failureThreshold: 30
2329 ## @param metrics.customLivenessProbe Override default liveness probe for MongoDB(®) containers
2330 ## Ignored when livenessProbe.enabled=true
2332 customLivenessProbe: {}
2333 ## @param metrics.customReadinessProbe Override default readiness probe for MongoDB(®) containers
2334 ## Ignored when readinessProbe.enabled=true
2336 customReadinessProbe: {}
2337 ## @param metrics.customStartupProbe Override default startup probe for MongoDB(®) containers
2338 ## Ignored when startupProbe.enabled=true
2340 customStartupProbe: {}
2341 ## @param metrics.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the metrics container(s)
2343 ## extraVolumeMounts:
2345 ## mountPath: /usr/share/extras
2348 extraVolumeMounts: []
2349 ## Prometheus Service Monitor
2350 ## ref: https://github.com/coreos/prometheus-operator
2351 ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
2354 ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
2357 ## @param metrics.serviceMonitor.namespace Namespace which Prometheus is running in
2360 ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped
2363 ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended
2365 ## scrapeTimeout: 30s
2368 ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping.
2371 ## @param metrics.serviceMonitor.metricRelabelings MetricsRelabelConfigs to apply to samples before ingestion.
2373 metricRelabelings: []
2374 ## @param metrics.serviceMonitor.labels Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
2375 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
2378 ## @param metrics.serviceMonitor.selector Prometheus instance selector labels
2379 ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
2382 ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
2385 ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
2388 ## Custom PrometheusRule to be defined
2389 ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
2392 ## @param metrics.prometheusRule.enabled Set this to true to create prometheusRules for Prometheus operator
2395 ## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so prometheusRules will be discovered by Prometheus
2397 additionalLabels: {}
2398 ## @param metrics.prometheusRule.namespace Namespace where prometheusRules resource should be created
2401 ## @param metrics.prometheusRule.rules Rules to be created, check values for an example
2402 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
2403 ## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
2405 ## This is an example of a rule, you should add the below code block under the "rules" param, removing the brackets
2407 ## - alert: HighRequestLatency
2408 ## expr: job:request_latency_seconds:mean5m{job="myjob"} > 0.5
2413 ## summary: High request latency