+ "helmValuesDefaults": "# Copyright (c) 2016-2018 ForgeRock AS.\n\n\n# If useDefaultSecrets is set to true (the default), the secret values in ../secrets will\n# be used to create a secret map with the same name as the instance ($instance).\n# If you set useDefaultSecrets to false, you must create this secret map yourself before the DS\n# instances will be provisioned. This allows you to inject your own secrets rather\n# than use the default ones bundled in the chart. An alternate strategy is to fork this chart.\n# and replace the secrets in ./secrets with your own.\nuseDefaultSecrets: true\n\n# The default DS baseDN for the user store. Note the ds image creates several backends that are hard coded and this\n# setting will have no impact on those backends. This setting will be removed in the future.\nbaseDN: \"ou=identities\"\n\n# The default instance name. This will create a stateful set that can be resolved at\n# $instance-0.$instance. You can also use the service name $instance - which will get (randomly)\n# load balanced to an instance (not recommended )\ninstance: ds\n\ncomponent: ds\n\n# If you want to disable the userstore backend, set this to false\nuserstore:\n enabled: true\n\n# If you want to disable specific backends, set to false:\ncts:\n enabled: true\n\nconfigstore:\n enabled: true\n\nidmRepo:\n enabled: true\n\nimage:\n repository: forgerock-docker-public.bintray.io/forgerock/ds\n pullPolicy: IfNotPresent\n tag: 6.5.0\n\n# The number of instances in the StatefulSet. Each instance is a combined DS/RS pair.\n# You can not change this after installation.\nreplicas: 1\n\n# Size for DS database storage. Note GKE IOPS scale based on the size of the volume.\nstorageSize: \"10Gi\"\n\n# Set storageClass only on clusters that support it (GCP / AWS).\n#storageClass: fast\n\n\nbackup:\n # This is an optional parameter that will mount the named PVC volume (most likely an NFS share)\n # on the bak/ directory. If this is not specified, an emptyDir will be mounted instead.\n # The pvc is usually created by the dsadmin/ chart.\n #pvcClaimName: ds-backup\n\n # This configures the top level directory under bak/\n # The backup folder is set to $clusterName/$instance-$namespace. This\n # forces each instance backup to go to a different folder on the shared PVC drive. Without this\n # you will get collisions on backup / restore.\n # If you have many clusters backing up same shared NFS volume, change the default here. For example, \n # set it to \"production\"\n clusterName: \"default\"\n\n\n# You need to be on JDK 8u131 or higher to enable these options.\n# todo: find JDK 11 args\n#opendjJavaArgs: \"-server -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:+UseCompressedOops -XX:+UseG1GC -XX:MaxGCPauseMillis=100 -XX:MaxRAMFraction=2\"\n\n# These defaults work for a small test instance\nopendjJavaArgs: \"-Xmx512m\"\n\n# Resource limits.\n# These help for pod placement in a larger cluster to ensure the DS instance gets sufficient resources.\n# The default values are artificially low.\n# For production, you will want to increase them.\nresources:\n requests:\n memory: 512Mi\n limits:\n memory: 768Mi\n\n# DS persistence switch. Setting this to false disables volume claims - all data is stored inside the docker image.\n# Used in testing environments without pv providers. When the pod is terminated, the DS data will be deleted!\npersistence: true\n\n# Pod Anti Affinity switch. For production this should be set to \"hard\", otherwise use \"soft\".\n# The hard setting will force ds pods to be spread out over multiple hosts/zones. soft is best effort\n# but pods will still be scheduled together if sufficient resources are not available.\npodAntiAffinity: \"soft\"\n\n# This is the exact value for TopologyKey. The other possible value is \"failure-domain.beta.kubernetes.io/zone\"\n# which will ensure that pod is scheduled on nodes in different zones thus allowing for HA across zones.\n# Note you want to leave this value as is if you are deploying a single zone cluster and change the values only\n# if you have a multi-zone cluster.\ntopologyKey: \"kubernetes.io/hostname\"\n\n# Restore parameters. \nrestore:\n # If true, runs the init containers that restores the directory from a backup folder in the bak/ folder.\n # The backup data must be present in the bak/ folder. \n # Restore will not overwrite existing DS data. \n # A backup folder contains a full backup and a number of incrementals. The most up to date incremental \n # is used to recover.\n enabled: false\n\nsecurityContext:\n runAsUser: 11111\n fsGroup: 11111\n supplementalGroups: [ 0 ]\n",
0 commit comments