diff --git a/pygluu/kubernetes/templates/helm/gluu/README.md b/pygluu/kubernetes/templates/helm/gluu/README.md index 51d73331..3f4e69ca 100644 --- a/pygluu/kubernetes/templates/helm/gluu/README.md +++ b/pygluu/kubernetes/templates/helm/gluu/README.md @@ -68,7 +68,7 @@ Kubernetes: `>=v1.22.0-0` | casa.replicas | int | `1` | Service replica number. | | casa.resources | object | `{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"500m","memory":"500Mi"}}` | Resource specs. | | casa.resources.limits.cpu | string | `"500m"` | CPU limit. | -| casa.resources.limits.memory | string | `"500Mi"` | Memory limit. | +| casa.resources.limits.memory | string | `"500Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | casa.resources.requests.cpu | string | `"500m"` | CPU request. | | casa.resources.requests.memory | string | `"500Mi"` | Memory request. | | casa.service.casaServiceName | string | `"casa"` | Name of the casa service. Please keep it as default. | @@ -223,7 +223,7 @@ Kubernetes: `>=v1.22.0-0` | fido2.replicas | int | `1` | Service replica number. | | fido2.resources | object | `{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"500m","memory":"500Mi"}}` | Resource specs. | | fido2.resources.limits.cpu | string | `"500m"` | CPU limit. | -| fido2.resources.limits.memory | string | `"500Mi"` | Memory limit. | +| fido2.resources.limits.memory | string | `"500Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | fido2.resources.requests.cpu | string | `"500m"` | CPU request. | | fido2.resources.requests.memory | string | `"500Mi"` | Memory request. | | fido2.service.fido2ServiceName | string | `"fido2"` | Name of the fido2 service. Please keep it as default. | @@ -236,7 +236,7 @@ Kubernetes: `>=v1.22.0-0` | fido2.usrEnvs.secret | object | `{}` | Add custom secret envs to the service variable1: value1 | | fido2.volumeMounts | list | `[]` | Configure any additional volumesMounts that need to be attached to the containers | | fido2.volumes | list | `[]` | Configure any additional volumes that need to be attached to the pod | -| global | object | `{"alb":{"ingress":{"additionalAnnotations":{"alb.ingress.kubernetes.io/auth-session-cookie":"custom-cookie","alb.ingress.kubernetes.io/certificate-arn":"arn:aws:acm:us-west-2:xxxx:certificate/xxxxxx","alb.ingress.kubernetes.io/scheme":"internet-facing","kubernetes.io/ingress.class":"alb"},"additionalLabels":{},"adminUiEnabled":true,"authServerEnabled":true,"casaEnabled":false,"enabled":false,"fido2ConfigEnabled":false,"fido2Enabled":false,"openidConfigEnabled":true,"passportEnabled":false,"scimConfigEnabled":false,"scimEnabled":false,"shibEnabled":false,"u2fConfigEnabled":true,"uma2ConfigEnabled":true,"webdiscoveryEnabled":true,"webfingerEnabled":true}},"azureStorageAccountType":"Standard_LRS","azureStorageKind":"Managed","cloud":{"testEnviroment":false},"cnAwsConfigFile":"/etc/gluu/conf/aws_config_file","cnAwsSecretsReplicaRegionsFile":"/etc/gluu/conf/aws_secrets_replica_regions","cnAwsSharedCredentialsFile":"/etc/gluu/conf/aws_shared_credential_file","cnGoogleApplicationCredentials":"/etc/gluu/conf/google-credentials.json","config":{"enabled":true},"configAdapterName":"kubernetes","configSecretAdapter":"kubernetes","cr-rotate":{"enabled":false},"domain":"demoexample.gluu.org","enableSecurityContextWithNonRegisteredDomain":"true","fido2":{"appLoggers":{"enableStdoutLogPrefix":"true","fido2LogLevel":"INFO","fido2LogTarget":"STDOUT","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE"},"enabled":false,"gluuCustomJavaOptions":""},"gcePdStorageType":"pd-standard","gluuJackrabbitCluster":"true","gluuPersistenceType":"couchbase","isDomainRegistered":"false","istio":{"additionalAnnotations":{},"additionalLabels":{},"enabled":false,"gateways":[],"ingress":false,"namespace":"istio-system"},"jackrabbit":{"appLoggers":{"jackrabbitLogLevel":"INFO","jackrabbitLogTarget":"STDOUT"},"enabled":false},"jobTtlSecondsAfterFinished":300,"lbIp":"22.22.22.22","ldapServiceName":"opendj","nginx-ingress":{"enabled":true},"opendj":{"enabled":true},"oxauth":{"appLoggers":{"auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","authLogLevel":"INFO","authLogTarget":"STDOUT","cleanerLogLevel":"INFO","cleanerLogTarget":"FILE","enableStdoutLogPrefix":"true","httpLogLevel":"INFO","httpLogTarget":"FILE","ldapStatsLogLevel":"INFO","ldapStatsLogTarget":"FILE","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE"},"enabled":true,"gluuCustomJavaOptions":""},"oxauth-key-rotation":{"enabled":false},"oxd-server":{"appLoggers":{"oxdServerLogLevel":"INFO","oxdServerLogTarget":"STDOUT"},"enabled":true,"gluuCustomJavaOptions":""},"oxshibboleth":{"appLoggers":{"auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","consentAuditLogLevel":"INFO","consentAuditLogTarget":"FILE","containerLogLevel":"","enableStdoutLogPrefix":"true","encryptionLogLevel":"","httpclientLogLevel":"","idpLogLevel":"INFO","idpLogTarget":"STDOUT","ldapLogLevel":"","messagesLogLevel":"","opensamlLogLevel":"","propsLogLevel":"","scriptLogLevel":"INFO","scriptLogTarget":"FILE","springLogLevel":"","xmlsecLogLevel":""},"enabled":false,"gluuCustomJavaOptions":""},"oxtrust":{"appLoggers":{"apachehcLogLevel":"INFO","apachehcLogTarget":"FILE","auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","cacheRefreshLogLevel":"INFO","cacheRefreshLogTarget":"FILE","cacheRefreshPythonLogLevel":"INFO","cacheRefreshPythonLogTarget":"FILE","cleanerLogLevel":"INFO","cleanerLogTarget":"FILE","enableStdoutLogPrefix":"true","httpLogLevel":"INFO","httpLogTarget":"FILE","ldapStatsLogLevel":"INFO","ldapStatsLogTarget":"FILE","oxtrustLogLevel":"INFO","oxtrustLogTarget":"STDOUT","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE","velocityLogLevel":"INFO","velocityLogTarget":"FILE"},"enabled":true,"gluuCustomJavaOptions":"-XshowSettings:vm -XX:MaxRAMPercentage=80"},"persistence":{"enabled":true},"scim":{"appLoggers":{"enableStdoutLogPrefix":"true","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scimLogLevel":"INFO","scimLogTarget":"STDOUT","scriptLogLevel":"INFO","scriptLogTarget":"FILE"},"enabled":false,"gluuCustomJavaOptions":""},"sslCertFromDomain":"false","storageClass":{"allowVolumeExpansion":true,"allowedTopologies":[],"mountOptions":["debug"],"parameters":{},"provisioner":"microk8s.io/hostpath","reclaimPolicy":"Retain","volumeBindingMode":"WaitForFirstConsumer"},"upgrade":{"enabled":false,"image":{"repository":"gluufederation/upgrade","tag":"4.5.3-2"},"sourceVersion":"4.5","targetVersion":"4.5"},"usrEnvs":{"normal":{},"secret":{}}}` | Parameters used globally across all services helm charts. | +| global | object | `{"alb":{"ingress":{"additionalAnnotations":{"alb.ingress.kubernetes.io/auth-session-cookie":"custom-cookie","alb.ingress.kubernetes.io/certificate-arn":"arn:aws:acm:us-west-2:xxxx:certificate/xxxxxx","alb.ingress.kubernetes.io/scheme":"internet-facing","kubernetes.io/ingress.class":"alb"},"additionalLabels":{},"adminUiEnabled":true,"authServerEnabled":true,"casaEnabled":false,"enabled":false,"fido2ConfigEnabled":false,"fido2Enabled":false,"openidConfigEnabled":true,"passportEnabled":false,"scimConfigEnabled":false,"scimEnabled":false,"shibEnabled":false,"u2fConfigEnabled":true,"uma2ConfigEnabled":true,"webdiscoveryEnabled":true,"webfingerEnabled":true}},"azureStorageAccountType":"Standard_LRS","azureStorageKind":"Managed","casa":{"gluuCustomJavaOptions":""},"cloud":{"testEnviroment":false},"cnAwsConfigFile":"/etc/gluu/conf/aws_config_file","cnAwsSecretsReplicaRegionsFile":"/etc/gluu/conf/aws_secrets_replica_regions","cnAwsSharedCredentialsFile":"/etc/gluu/conf/aws_shared_credential_file","cnGoogleApplicationCredentials":"/etc/gluu/conf/google-credentials.json","config":{"enabled":true},"configAdapterName":"kubernetes","configSecretAdapter":"kubernetes","cr-rotate":{"enabled":false},"domain":"demoexample.gluu.org","enableSecurityContextWithNonRegisteredDomain":"true","fido2":{"appLoggers":{"enableStdoutLogPrefix":"true","fido2LogLevel":"INFO","fido2LogTarget":"STDOUT","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE"},"enabled":false,"gluuCustomJavaOptions":""},"gcePdStorageType":"pd-standard","gluuJackrabbitCluster":"true","gluuPersistenceType":"couchbase","isDomainRegistered":"false","istio":{"additionalAnnotations":{},"additionalLabels":{},"enabled":false,"gateways":[],"ingress":false,"namespace":"istio-system"},"jackrabbit":{"appLoggers":{"jackrabbitLogLevel":"INFO","jackrabbitLogTarget":"STDOUT"},"enabled":false},"jobTtlSecondsAfterFinished":300,"lbIp":"22.22.22.22","ldapServiceName":"opendj","nginx-ingress":{"enabled":true},"opendj":{"enabled":false},"oxauth":{"appLoggers":{"auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","authLogLevel":"INFO","authLogTarget":"STDOUT","cleanerLogLevel":"INFO","cleanerLogTarget":"FILE","enableStdoutLogPrefix":"true","httpLogLevel":"INFO","httpLogTarget":"FILE","ldapStatsLogLevel":"INFO","ldapStatsLogTarget":"FILE","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE"},"enabled":true,"gluuCustomJavaOptions":""},"oxauth-key-rotation":{"enabled":false},"oxd-server":{"appLoggers":{"oxdServerLogLevel":"INFO","oxdServerLogTarget":"STDOUT"},"enabled":true,"gluuCustomJavaOptions":""},"oxshibboleth":{"appLoggers":{"auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","consentAuditLogLevel":"INFO","consentAuditLogTarget":"FILE","containerLogLevel":"","enableStdoutLogPrefix":"true","encryptionLogLevel":"","httpclientLogLevel":"","idpLogLevel":"INFO","idpLogTarget":"STDOUT","ldapLogLevel":"","messagesLogLevel":"","opensamlLogLevel":"","propsLogLevel":"","scriptLogLevel":"INFO","scriptLogTarget":"FILE","springLogLevel":"","xmlsecLogLevel":""},"enabled":false,"gluuCustomJavaOptions":""},"oxtrust":{"appLoggers":{"apachehcLogLevel":"INFO","apachehcLogTarget":"FILE","auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","cacheRefreshLogLevel":"INFO","cacheRefreshLogTarget":"FILE","cacheRefreshPythonLogLevel":"INFO","cacheRefreshPythonLogTarget":"FILE","cleanerLogLevel":"INFO","cleanerLogTarget":"FILE","enableStdoutLogPrefix":"true","httpLogLevel":"INFO","httpLogTarget":"FILE","ldapStatsLogLevel":"INFO","ldapStatsLogTarget":"FILE","oxtrustLogLevel":"INFO","oxtrustLogTarget":"STDOUT","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE","velocityLogLevel":"INFO","velocityLogTarget":"FILE"},"enabled":true,"gluuCustomJavaOptions":"-XshowSettings:vm -XX:MaxRAMPercentage=80"},"persistence":{"enabled":true},"scim":{"appLoggers":{"enableStdoutLogPrefix":"true","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scimLogLevel":"INFO","scimLogTarget":"STDOUT","scriptLogLevel":"INFO","scriptLogTarget":"FILE"},"enabled":false,"gluuCustomJavaOptions":""},"sslCertFromDomain":"false","storageClass":{"allowVolumeExpansion":true,"allowedTopologies":[],"mountOptions":["debug"],"parameters":{},"provisioner":"microk8s.io/hostpath","reclaimPolicy":"Retain","volumeBindingMode":"WaitForFirstConsumer"},"upgrade":{"enabled":false,"image":{"repository":"gluufederation/upgrade","tag":"4.5.3-2"},"sourceVersion":"4.5","targetVersion":"4.5"},"usrEnvs":{"normal":{},"secret":{}}}` | Parameters used globally across all services helm charts. | | global.alb.ingress.additionalAnnotations | object | `{"alb.ingress.kubernetes.io/auth-session-cookie":"custom-cookie","alb.ingress.kubernetes.io/certificate-arn":"arn:aws:acm:us-west-2:xxxx:certificate/xxxxxx","alb.ingress.kubernetes.io/scheme":"internet-facing","kubernetes.io/ingress.class":"alb"}` | Additional annotations that will be added across all ingress definitions in the format of {cert-manager.io/issuer: "letsencrypt-prod"} | | global.alb.ingress.additionalLabels | object | `{}` | Additional labels that will be added across all ingress definitions in the format of {mylabel: "myapp"} | | global.alb.ingress.adminUiEnabled | bool | `true` | Enable Admin UI endpoints /identity | @@ -255,6 +255,7 @@ Kubernetes: `>=v1.22.0-0` | global.alb.ingress.webfingerEnabled | bool | `true` | Enable endpoint /.well-known/webfinger | | global.azureStorageAccountType | string | `"Standard_LRS"` | Volume storage type if using Azure disks. | | global.azureStorageKind | string | `"Managed"` | Azure storage kind if using Azure disks | +| global.casa.gluuCustomJavaOptions | string | `""` | passing custom java options to casa. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | | global.cloud.testEnviroment | bool | `false` | Boolean flag if enabled will strip resources requests and limits from all services. | | global.cnGoogleApplicationCredentials | string | `"/etc/gluu/conf/google-credentials.json"` | Base64 encoded service account. The sa must have roles/secretmanager.admin to use Google secrets and roles/spanner.databaseUser to use Spanner. Leave as this is a sensible default. | | global.config.enabled | bool | `true` | Boolean flag to enable/disable the configuration chart. This normally should never be false | @@ -269,7 +270,7 @@ Kubernetes: `>=v1.22.0-0` | global.fido2.appLoggers.persistenceLogLevel | string | `"INFO"` | fido2_persistence.log level | | global.fido2.appLoggers.persistenceLogTarget | string | `"FILE"` | fido2_persistence.log target | | global.fido2.enabled | bool | `false` | Boolean flag to enable/disable the fido2 chart. | -| global.fido2.gluuCustomJavaOptions | string | `""` | passing custom java options to fido2. Notice you do not need to pass in any loggers optoins as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | +| global.fido2.gluuCustomJavaOptions | string | `""` | passing custom java options to fido2. Notice you do not need to pass in any loggers options as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | | global.gcePdStorageType | string | `"pd-standard"` | GCE storage kind if using Google disks | | global.gluuJackrabbitCluster | string | `"true"` | Boolean flag if enabled will enable jackrabbit in cluster mode with Postgres. | | global.gluuPersistenceType | string | `"couchbase"` | Persistence backend to run Gluu with ldap|couchbase|hybrid|sql|spanner. | @@ -288,7 +289,7 @@ Kubernetes: `>=v1.22.0-0` | global.lbIp | string | `"22.22.22.22"` | The Loadbalancer IP created by nginx or istio on clouds that provide static IPs. This is not needed if `global.domain` is globally resolvable. | | global.ldapServiceName | string | `"opendj"` | Name of the OpenDJ service. Please keep it as default. | | global.nginx-ingress.enabled | bool | `true` | Boolean flag to enable/disable the nginx-ingress definitions chart. | -| global.opendj.enabled | bool | `true` | Boolean flag to enable/disable the OpenDJ chart. | +| global.opendj.enabled | bool | `false` | Boolean flag to enable/disable the OpenDJ chart. | | global.oxauth-key-rotation.enabled | bool | `false` | Boolean flag to enable/disable the oxauth-server-key rotation cronjob chart. | | global.oxauth.appLoggers | object | `{"auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","authLogLevel":"INFO","authLogTarget":"STDOUT","cleanerLogLevel":"INFO","cleanerLogTarget":"FILE","enableStdoutLogPrefix":"true","httpLogLevel":"INFO","httpLogTarget":"FILE","ldapStatsLogLevel":"INFO","ldapStatsLogTarget":"FILE","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE"}` | App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. log levels are "OFF", "FATAL", "ERROR", "WARN", "INFO", "DEBUG", "TRACE" Targets are "STDOUT" and "FILE" | | global.oxauth.appLoggers.auditStatsLogLevel | string | `"INFO"` | oxauth_audit.log level | @@ -309,12 +310,12 @@ Kubernetes: `>=v1.22.0-0` | global.oxauth.appLoggers.scriptLogLevel | string | `"INFO"` | oxauth_script.log level | | global.oxauth.appLoggers.scriptLogTarget | string | `"FILE"` | oxauth_script.log target | | global.oxauth.enabled | bool | `true` | Boolean flag to enable/disable oxauth chart. You should never set this to false. | -| global.oxauth.gluuCustomJavaOptions | string | `""` | passing custom java options to oxauth. Notice you do not need to pass in any loggers optoins as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | +| global.oxauth.gluuCustomJavaOptions | string | `""` | passing custom java options to oxauth. Notice you do not need to pass in any loggers options as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | | global.oxd-server.appLoggers | object | `{"oxdServerLogLevel":"INFO","oxdServerLogTarget":"STDOUT"}` | App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. log levels are "OFF", "FATAL", "ERROR", "WARN", "INFO", "DEBUG", "TRACE" Targets are "STDOUT" and "FILE" | | global.oxd-server.appLoggers.oxdServerLogLevel | string | `"INFO"` | oxd-server.log level | | global.oxd-server.appLoggers.oxdServerLogTarget | string | `"STDOUT"` | oxd-server.log target | | global.oxd-server.enabled | bool | `true` | Boolean flag to enable/disable the oxd-server chart. | -| global.oxd-server.gluuCustomJavaOptions | string | `""` | passing custom java options to oxShibboleth. Notice you do not need to pass in any loggers optoins as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | +| global.oxd-server.gluuCustomJavaOptions | string | `""` | passing custom java options to oxShibboleth. Notice you do not need to pass in any loggers options as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | | global.oxshibboleth.appLoggers | object | `{"auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","consentAuditLogLevel":"INFO","consentAuditLogTarget":"FILE","containerLogLevel":"","enableStdoutLogPrefix":"true","encryptionLogLevel":"","httpclientLogLevel":"","idpLogLevel":"INFO","idpLogTarget":"STDOUT","ldapLogLevel":"","messagesLogLevel":"","opensamlLogLevel":"","propsLogLevel":"","scriptLogLevel":"INFO","scriptLogTarget":"FILE","springLogLevel":"","xmlsecLogLevel":""}` | App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. log levels are "OFF", "FATAL", "ERROR", "WARN", "INFO", "DEBUG", "TRACE" Targets are "STDOUT" and "FILE" | | global.oxshibboleth.appLoggers.auditStatsLogLevel | string | `"INFO"` | idp-audit.log level | | global.oxshibboleth.appLoggers.auditStatsLogTarget | string | `"FILE"` | idp-audit.log target | @@ -327,7 +328,7 @@ Kubernetes: `>=v1.22.0-0` | global.oxshibboleth.appLoggers.scriptLogLevel | string | `"INFO"` | idp-script.log level | | global.oxshibboleth.appLoggers.scriptLogTarget | string | `"FILE"` | idp-script.log target | | global.oxshibboleth.enabled | bool | `false` | Boolean flag to enable/disable the oxShibbboleth chart. | -| global.oxshibboleth.gluuCustomJavaOptions | string | `""` | passing custom java options to oxShibboleth. Notice you do not need to pass in any loggers optoins as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | +| global.oxshibboleth.gluuCustomJavaOptions | string | `""` | passing custom java options to oxShibboleth. Notice you do not need to pass in any loggers options as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | | global.oxtrust.appLoggers | object | `{"apachehcLogLevel":"INFO","apachehcLogTarget":"FILE","auditStatsLogLevel":"INFO","auditStatsLogTarget":"FILE","cacheRefreshLogLevel":"INFO","cacheRefreshLogTarget":"FILE","cacheRefreshPythonLogLevel":"INFO","cacheRefreshPythonLogTarget":"FILE","cleanerLogLevel":"INFO","cleanerLogTarget":"FILE","enableStdoutLogPrefix":"true","httpLogLevel":"INFO","httpLogTarget":"FILE","ldapStatsLogLevel":"INFO","ldapStatsLogTarget":"FILE","oxtrustLogLevel":"INFO","oxtrustLogTarget":"STDOUT","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE","velocityLogLevel":"INFO","velocityLogTarget":"FILE"}` | App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. log levels are "OFF", "FATAL", "ERROR", "WARN", "INFO", "DEBUG", "TRACE" Targets are "STDOUT" and "FILE" | | global.oxtrust.appLoggers.apachehcLogLevel | string | `"INFO"` | apachehc log level | | global.oxtrust.appLoggers.apachehcLogTarget | string | `"FILE"` | apachehc log target | @@ -368,7 +369,7 @@ Kubernetes: `>=v1.22.0-0` | global.scim.appLoggers.scriptLogLevel | string | `"INFO"` | scim_script.log level | | global.scim.appLoggers.scriptLogTarget | string | `"FILE"` | scim_script.log target | | global.scim.enabled | bool | `false` | Boolean flag to enable/disable the SCIM chart. | -| global.scim.gluuCustomJavaOptions | string | `""` | passing custom java options to scim. Notice you do not need to pass in any loggers optoins as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | +| global.scim.gluuCustomJavaOptions | string | `""` | passing custom java options to scim. Notice you do not need to pass in any loggers options as they are introduced below in appLoggers. DO NOT PASS GLUU_JAVA_OPTIONS in envs. | | global.sslCertFromDomain | string | `"false"` | Validate certificate is downloaded from given domain. If set to true (default to false), raise an error if cert is not downloaded. Note that the flag is ignored if mounted SSL cert and key files exist | | global.storageClass | object | `{"allowVolumeExpansion":true,"allowedTopologies":[],"mountOptions":["debug"],"parameters":{},"provisioner":"microk8s.io/hostpath","reclaimPolicy":"Retain","volumeBindingMode":"WaitForFirstConsumer"}` | StorageClass section for Jackrabbit and OpenDJ charts. This is not currently used by the openbanking distribution. You may specify custom parameters as needed. | | global.storageClass.parameters | object | `{}` | parameters: fsType: "" kind: "" pool: "" storageAccountType: "" type: "" | @@ -551,7 +552,7 @@ Kubernetes: `>=v1.22.0-0` | oxauth.replicas | int | `1` | Service replica number. | | oxauth.resources | object | `{"limits":{"cpu":"2500m","memory":"2500Mi"},"requests":{"cpu":"2500m","memory":"2500Mi"}}` | Resource specs. | | oxauth.resources.limits.cpu | string | `"2500m"` | CPU limit. | -| oxauth.resources.limits.memory | string | `"2500Mi"` | Memory limit. | +| oxauth.resources.limits.memory | string | `"2500Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | oxauth.resources.requests.cpu | string | `"2500m"` | CPU request. | | oxauth.resources.requests.memory | string | `"2500Mi"` | Memory request. | | oxauth.service.name | string | `"http-oxauth"` | The name of the oxauth port within the oxauth service. Please keep it as default. | @@ -585,7 +586,7 @@ Kubernetes: `>=v1.22.0-0` | oxd-server.replicas | int | `1` | Service replica number. | | oxd-server.resources | object | `{"limits":{"cpu":"1000m","memory":"400Mi"},"requests":{"cpu":"1000m","memory":"400Mi"}}` | Resource specs. | | oxd-server.resources.limits.cpu | string | `"1000m"` | CPU limit. | -| oxd-server.resources.limits.memory | string | `"400Mi"` | Memory limit. | +| oxd-server.resources.limits.memory | string | `"400Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | oxd-server.resources.requests.cpu | string | `"1000m"` | CPU request. | | oxd-server.resources.requests.memory | string | `"400Mi"` | Memory request. | | oxd-server.service.oxdServerServiceName | string | `"oxd-server"` | Name of the OXD server service. This must match config.configMap.gluuOxdApplicationCertCn. Please keep it as default. | @@ -654,7 +655,7 @@ Kubernetes: `>=v1.22.0-0` | oxshibboleth.replicas | int | `1` | Service replica number. | | oxshibboleth.resources | object | `{"limits":{"cpu":"1000m","memory":"1000Mi"},"requests":{"cpu":"1000m","memory":"1000Mi"}}` | Resource specs. | | oxshibboleth.resources.limits.cpu | string | `"1000m"` | CPU limit. | -| oxshibboleth.resources.limits.memory | string | `"1000Mi"` | Memory limit. | +| oxshibboleth.resources.limits.memory | string | `"1000Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | oxshibboleth.resources.requests.cpu | string | `"1000m"` | CPU request. | | oxshibboleth.resources.requests.memory | string | `"1000Mi"` | Memory request. | | oxshibboleth.service.name | string | `"http-oxshib"` | Port of the oxShibboleth service. Please keep it as default. | @@ -689,7 +690,7 @@ Kubernetes: `>=v1.22.0-0` | oxtrust.replicas | int | `1` | Service replica number. | | oxtrust.resources | object | `{"limits":{"cpu":"2500m","memory":"2500Mi"},"requests":{"cpu":"2500m","memory":"2500Mi"}}` | Resource specs. | | oxtrust.resources.limits.cpu | string | `"2500m"` | CPU limit. | -| oxtrust.resources.limits.memory | string | `"2500Mi"` | Memory limit. | +| oxtrust.resources.limits.memory | string | `"2500Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | oxtrust.resources.requests.cpu | string | `"2500m"` | CPU request. | | oxtrust.resources.requests.memory | string | `"2500Mi"` | Memory request. | | oxtrust.service.name | string | `"http-oxtrust"` | The name of the oxtrust port within the oxtrust service. Please keep it as default. | @@ -745,7 +746,7 @@ Kubernetes: `>=v1.22.0-0` | scim.readinessProbe.httpGet.path | string | `"/scim/restv1/scim/v2/ServiceProviderConfig"` | http readiness probe endpoint | | scim.replicas | int | `1` | Service replica number. | | scim.resources.limits.cpu | string | `"1000m"` | CPU limit. | -| scim.resources.limits.memory | string | `"1000Mi"` | Memory limit. | +| scim.resources.limits.memory | string | `"1000Mi"` | Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. | | scim.resources.requests.cpu | string | `"1000m"` | CPU request. | | scim.resources.requests.memory | string | `"1000Mi"` | Memory request. | | scim.service.name | string | `"http-scim"` | The name of the scim port within the scim service. Please keep it as default. | diff --git a/pygluu/kubernetes/templates/helm/gluu/values.yaml b/pygluu/kubernetes/templates/helm/gluu/values.yaml index 1f549711..2ebe34e3 100644 --- a/pygluu/kubernetes/templates/helm/gluu/values.yaml +++ b/pygluu/kubernetes/templates/helm/gluu/values.yaml @@ -1132,7 +1132,7 @@ oxauth: limits: # -- CPU limit. cpu: 2500m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 2500Mi requests: # -- CPU request. @@ -1253,7 +1253,7 @@ oxtrust: limits: # -- CPU limit. cpu: 2500m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 2500Mi requests: # -- CPU request. @@ -1376,7 +1376,7 @@ fido2: limits: # -- CPU limit. cpu: 500m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 500Mi requests: # -- CPU request. @@ -1492,7 +1492,7 @@ scim: limits: # -- CPU limit. cpu: 1000m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 1000Mi requests: # -- CPU request. @@ -1610,7 +1610,7 @@ oxd-server: limits: # -- CPU limit. cpu: 1000m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 400Mi requests: # -- CPU request. @@ -1727,7 +1727,7 @@ casa: limits: # -- CPU limit. cpu: 500m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 500Mi requests: # -- CPU request. @@ -1968,7 +1968,7 @@ oxshibboleth: limits: # -- CPU limit. cpu: 1000m - # -- Memory limit. + # -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units. memory: 1000Mi requests: # -- CPU request.