Version: 1.29.7

OnPremises - SD On Premises Cluster Schema

This document explains the full schema for the kind: OnPremises for the furyctl.yaml file used by furyctl. This configuration file will be used to deploy the SIGHUP Distribution modules and cluster on premises.

An example configuration file can be created by running the following command:

furyctl create config --kind OnPremises --version v1.29.4 --name example-cluster

note

Replace the version with your desired version of KFD.

Properties

Property	Type	Required
apiVersion	`string`	Required
kind	`string`	Required
metadata	`object`	Required
spec	`object`	Required

Description

A KFD Cluster deployed on top of a set of existing VMs.

.apiVersion

Constraints

pattern: the string must match the following regular expression:

^kfd\.sighup\.io/v\d+((alpha|beta)\d+)?$

try pattern

.kind

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"OnPremises"`

.metadata

Properties

Property	Type	Required
name	`string`	Required

.metadata.name

Description

The name of the cluster. It will also be used as a prefix for all the other resources created.

Constraints

maximum length: the maximum number of characters for this string is: 56

minimum length: the minimum number of characters for this string is: 1

.spec

Properties

Property	Type	Required
distribution	`object`	Required
distributionVersion	`string`	Required
kubernetes	`object`	Optional
plugins	`object`	Optional

.spec.distribution

Properties

Property	Type	Required
common	`object`	Optional
customPatches	`object`	Optional
modules	`object`	Required

.spec.distribution.common

Properties

Property	Type	Required
networkPoliciesEnabled	`boolean`	Optional
nodeSelector	`object`	Optional
provider	`object`	Optional
registry	`string`	Optional
relativeVendorPath	`string`	Optional
tolerations	`array`	Optional

Description

Common configuration for all the distribution modules.

.spec.distribution.common.networkPoliciesEnabled

Description

EXPERIMENTAL FEATURE. This field defines whether Network Policies are provided for core modules.

.spec.distribution.common.nodeSelector

Description

The node selector to use to place the pods for all the KFD modules. Follows Kubernetes selector format. Example: node.kubernetes.io/role: infra.

.spec.distribution.common.provider

Properties

Property	Type	Required
type	`string`	Required

.spec.distribution.common.provider.type

Description

The provider type. Don't set. FOR INTERNAL USE ONLY.

.spec.distribution.common.registry

Description

URL of the registry where to pull images from for the Distribution phase. (Default is registry.sighup.io/fury).

NOTE: If plugins are pulling from the default registry, the registry will be replaced for the plugin too.

.spec.distribution.common.relativeVendorPath

Description

The relative path to the vendor directory, does not need to be changed.

.spec.distribution.common.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

An array with the tolerations that will be added to the pods for all the KFD modules. Follows Kubernetes tolerations format. Example:

- effect: NoSchedule
  key: node.kubernetes.io/role
  value: infra

.spec.distribution.common.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.common.tolerations.key

Description

The key of the toleration

.spec.distribution.common.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.common.tolerations.value

Description

The value of the toleration

.spec.distribution.customPatches

Properties

Property	Type	Required
configMapGenerator	`array`	Optional
images	`array`	Optional
patches	`array`	Optional
patchesStrategicMerge	`array`	Optional
secretGenerator	`array`	Optional

.spec.distribution.customPatches.configMapGenerator

Properties

Property	Type	Required
behavior	`string`	Optional
envs	`array`	Optional
files	`array`	Optional
literals	`array`	Optional
name	`string`	Required
namespace	`string`	Optional
options	`object`	Optional

.spec.distribution.customPatches.configMapGenerator.behavior

Description

The behavior of the configmap

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"create"`
`"replace"`
`"merge"`

.spec.distribution.customPatches.configMapGenerator.envs

Description

The envs of the configmap

.spec.distribution.customPatches.configMapGenerator.files

Description

The files of the configmap

.spec.distribution.customPatches.configMapGenerator.literals

Description

The literals of the configmap

.spec.distribution.customPatches.configMapGenerator.name

Description

The name of the configmap

.spec.distribution.customPatches.configMapGenerator.namespace

Description

The namespace of the configmap

.spec.distribution.customPatches.configMapGenerator.options

Properties

Property	Type	Required
annotations	`object`	Optional
disableNameSuffixHash	`boolean`	Optional
immutable	`boolean`	Optional
labels	`object`	Optional

.spec.distribution.customPatches.configMapGenerator.options.annotations

Description

The annotations of the configmap

.spec.distribution.customPatches.configMapGenerator.options.disableNameSuffixHash

Description

If true, the name suffix hash will be disabled

.spec.distribution.customPatches.configMapGenerator.options.immutable

Description

If true, the configmap will be immutable

.spec.distribution.customPatches.configMapGenerator.options.labels

Description

The labels of the configmap

.spec.distribution.customPatches.images

Description

Each entry should follow the format of Kustomize's images patch

.spec.distribution.customPatches.patches

Properties

Property	Type	Required
options	`object`	Optional
patch	`string`	Optional
path	`string`	Optional
target	`object`	Optional

.spec.distribution.customPatches.patches.options

Properties

Property	Type	Required
allowKindChange	`boolean`	Optional
allowNameChange	`boolean`	Optional

.spec.distribution.customPatches.patches.options.allowKindChange

Description

If true, the kind change will be allowed

.spec.distribution.customPatches.patches.options.allowNameChange

Description

If true, the name change will be allowed

.spec.distribution.customPatches.patches.patch

Description

The patch content

.spec.distribution.customPatches.patches.path

Description

The path of the patch

.spec.distribution.customPatches.patches.target

Properties

Property	Type	Required
annotationSelector	`string`	Optional
group	`string`	Optional
kind	`string`	Optional
labelSelector	`string`	Optional
name	`string`	Optional
namespace	`string`	Optional
version	`string`	Optional

.spec.distribution.customPatches.patches.target.annotationSelector

Description

The annotation selector of the target

.spec.distribution.customPatches.patches.target.group

Description

The group of the target

.spec.distribution.customPatches.patches.target.kind

Description

The kind of the target

.spec.distribution.customPatches.patches.target.labelSelector

Description

The label selector of the target

.spec.distribution.customPatches.patches.target.name

Description

The name of the target

.spec.distribution.customPatches.patches.target.namespace

Description

The namespace of the target

.spec.distribution.customPatches.patches.target.version

Description

The version of the target

.spec.distribution.customPatches.patchesStrategicMerge

Description

Each entry should be either a relative file path or an inline content resolving to a partial or complete resource definition

.spec.distribution.customPatches.secretGenerator

Properties

Property	Type	Required
behavior	`string`	Optional
envs	`array`	Optional
files	`array`	Optional
literals	`array`	Optional
name	`string`	Required
namespace	`string`	Optional
options	`object`	Optional
type	`string`	Optional

.spec.distribution.customPatches.secretGenerator.behavior

Description

The behavior of the secret

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"create"`
`"replace"`
`"merge"`

.spec.distribution.customPatches.secretGenerator.envs

Description

The envs of the secret

.spec.distribution.customPatches.secretGenerator.files

Description

The files of the secret

.spec.distribution.customPatches.secretGenerator.literals

Description

The literals of the secret

.spec.distribution.customPatches.secretGenerator.name

Description

The name of the secret

.spec.distribution.customPatches.secretGenerator.namespace

Description

The namespace of the secret

.spec.distribution.customPatches.secretGenerator.options

Properties

Property	Type	Required
annotations	`object`	Optional
disableNameSuffixHash	`boolean`	Optional
immutable	`boolean`	Optional
labels	`object`	Optional

.spec.distribution.customPatches.secretGenerator.options.annotations

Description

The annotations of the secret

.spec.distribution.customPatches.secretGenerator.options.disableNameSuffixHash

Description

If true, the name suffix hash will be disabled

.spec.distribution.customPatches.secretGenerator.options.immutable

Description

If true, the secret will be immutable

.spec.distribution.customPatches.secretGenerator.options.labels

Description

The labels of the secret

.spec.distribution.customPatches.secretGenerator.type

Description

The type of the secret

.spec.distribution.modules

Properties

Property	Type	Required
auth	`object`	Optional
dr	`object`	Required
ingress	`object`	Required
logging	`object`	Required
monitoring	`object`	Optional
networking	`object`	Optional
policy	`object`	Required
tracing	`object`	Optional

.spec.distribution.modules.auth

Properties

Property	Type	Required
baseDomain	`string`	Optional
dex	`object`	Optional
oidcKubernetesAuth	`object`	Optional
overrides	`object`	Optional
pomerium	`object`	Optional
provider	`object`	Required

Description

Configuration for the Auth module.

.spec.distribution.modules.auth.baseDomain

Description

The base domain for the ingresses created by the Auth module (Gangplank, Pomerium, Dex). Notice that when the ingress module type is dual, these will use the external ingress class.

.spec.distribution.modules.auth.dex

Properties

Property	Type	Required
additionalStaticClients	`array`	Optional
connectors	`array`	Required
expiry	`object`	Optional
overrides	`object`	Optional

Description

Configuration for the Dex package.

.spec.distribution.modules.auth.dex.additionalStaticClients

Description

Additional static clients defitions that will be added to the default clients included with the distribution in Dex's configuration. Example:

additionalStaticClients:
  - id: my-custom-client
    name: "A custom additional static client"
    redirectURIs:
      - "https://myapp.tld/redirect"
      - "https://alias.tld/oidc-callback"
    secret: supersecretpassword

Reference: https://dexidp.io/docs/connectors/local/

.spec.distribution.modules.auth.dex.connectors

Description

A list with each item defining a Dex connector. Follows Dex connectors configuration format: https://dexidp.io/docs/connectors/

.spec.distribution.modules.auth.dex.expiry

Properties

Property	Type	Required
idTokens	`string`	Optional
signingKeys	`string`	Optional

.spec.distribution.modules.auth.dex.expiry.idTokens

Description

Dex ID tokens expiration time duration (default 24h).

.spec.distribution.modules.auth.dex.expiry.signingKeys

Description

Dex signing key expiration time duration (default 6h).

.spec.distribution.modules.auth.dex.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.auth.dex.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.auth.dex.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.auth.dex.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.auth.dex.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.auth.dex.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.auth.dex.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.auth.oidcKubernetesAuth

Properties

Property	Type	Required
clientID	`string`	Optional
clientSecret	`string`	Optional
emailClaim	`string`	Optional
enabled	`boolean`	Required
namespace	`string`	Optional
removeCAFromKubeconfig	`boolean`	Optional
scopes	`array`	Optional
sessionSecurityKey	`string`	Optional
usernameClaim	`string`	Optional

.spec.distribution.modules.auth.oidcKubernetesAuth.clientID

Description

The client ID that the Kubernetes API will use to authenticate against the OIDC provider (Dex).

.spec.distribution.modules.auth.oidcKubernetesAuth.clientSecret

Description

The client secret that the Kubernetes API will use to authenticate against the OIDC provider (Dex).

.spec.distribution.modules.auth.oidcKubernetesAuth.emailClaim

Description

DEPRECATED. Defaults to email.

.spec.distribution.modules.auth.oidcKubernetesAuth.enabled

Description

If true, components needed for interacting with the Kubernetes API with OIDC authentication (Gangplank, Dex) be deployed and configued.

.spec.distribution.modules.auth.oidcKubernetesAuth.namespace

Description

The namespace to set in the context of the kubeconfig file generated by Gangplank. Defaults to default.

.spec.distribution.modules.auth.oidcKubernetesAuth.removeCAFromKubeconfig

Description

Set to true to remove the CA from the kubeconfig file generated by Gangplank.

.spec.distribution.modules.auth.oidcKubernetesAuth.scopes

Description

Used to specify the scope of the requested Oauth authorization by Gangplank. Defaults to: ["openid", "profile", "email", "offline_access", "groups"]

.spec.distribution.modules.auth.oidcKubernetesAuth.sessionSecurityKey

Description

The Key to use for the sessions in Gangplank. Must be different between different instances of Gangplank.

.spec.distribution.modules.auth.oidcKubernetesAuth.usernameClaim

Description

The JWT claim to use as the username. This is used in Gangplank's UI. This is combined with the clusterName for the user portion of the kubeconfig. Defaults to nickname.

.spec.distribution.modules.auth.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the Auth module.

.spec.distribution.modules.auth.overrides.ingresses

Properties

Property	Type	Required
dex	`object`	Optional
gangplank	`object`	Optional

Description

Override the definition of the Auth module ingresses.

.spec.distribution.modules.auth.overrides.ingresses.dex

Properties

Property	Type	Required
host	`string`	Required
ingressClass	`string`	Required

.spec.distribution.modules.auth.overrides.ingresses.dex.host

Description

Use this host for the ingress instead of the default one.

.spec.distribution.modules.auth.overrides.ingresses.dex.ingressClass

Description

Use this ingress class for the ingress instead of the default one.

.spec.distribution.modules.auth.overrides.ingresses.gangplank

Properties

Property	Type	Required
host	`string`	Required
ingressClass	`string`	Required

.spec.distribution.modules.auth.overrides.ingresses.gangplank.host

Description

Use this host for the ingress instead of the default one.

.spec.distribution.modules.auth.overrides.ingresses.gangplank.ingressClass

Description

Use this ingress class for the ingress instead of the default one.

.spec.distribution.modules.auth.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the Auth module.

.spec.distribution.modules.auth.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the Auth module.

.spec.distribution.modules.auth.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.auth.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.auth.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.auth.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.auth.pomerium

Properties

Property	Type	Required
defaultRoutesPolicy	`object`	Optional
overrides	`object`	Optional
policy	`string`	Optional
routes	`array`	Optional
secrets	`object`	Required

Description

Configuration for Pomerium, an identity-aware reverse proxy used for SSO.

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy

Properties

Property	Type	Required
gatekeeperPolicyManager	`array`	Optional
hubbleUi	`array`	Optional
ingressNgnixForecastle	`array`	Optional
loggingMinioConsole	`array`	Optional
loggingOpensearchDashboards	`array`	Optional
monitoringAlertmanager	`array`	Optional
monitoringGrafana	`array`	Optional
monitoringMinioConsole	`array`	Optional
monitoringPrometheus	`array`	Optional
tracingMinioConsole	`array`	Optional

Description

override default routes for KFD components

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.gatekeeperPolicyManager

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.hubbleUi

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.ingressNgnixForecastle

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.loggingMinioConsole

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.loggingOpensearchDashboards

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringAlertmanager

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringGrafana

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringMinioConsole

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringPrometheus

.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.tracingMinioConsole

.spec.distribution.modules.auth.pomerium.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.auth.pomerium.overrides.nodeSelector

.spec.distribution.modules.auth.pomerium.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Required

.spec.distribution.modules.auth.pomerium.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.auth.pomerium.overrides.tolerations.key

.spec.distribution.modules.auth.pomerium.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.auth.pomerium.overrides.tolerations.value

.spec.distribution.modules.auth.pomerium.policy

Description

DEPRECATED: Use defaultRoutesPolicy and/or routes

.spec.distribution.modules.auth.pomerium.routes

Description

Additional routes configuration for Pomerium. Follows Pomerium's route format: https://www.pomerium.com/docs/reference/routes

.spec.distribution.modules.auth.pomerium.secrets

Properties

Property	Type	Required
COOKIE_SECRET	`string`	Required
IDP_CLIENT_SECRET	`string`	Required
SHARED_SECRET	`string`	Required
SIGNING_KEY	`string`	Required

Description

Pomerium needs some user-provided secrets to be fully configured. These secrets should be unique between clusters.

.spec.distribution.modules.auth.pomerium.secrets.COOKIE_SECRET

Description

Cookie Secret is the secret used to encrypt and sign session cookies.

To generate a random key, run the following command: head -c32 /dev/urandom | base64

.spec.distribution.modules.auth.pomerium.secrets.IDP_CLIENT_SECRET

Description

Identity Provider Client Secret is the OAuth 2.0 Secret Identifier. When auth type is SSO, this value will be the secret used to authenticate Pomerium with Dex, use a strong random value.

.spec.distribution.modules.auth.pomerium.secrets.SHARED_SECRET

Description

Shared Secret is the base64-encoded, 256-bit key used to mutually authenticate requests between Pomerium services. It's critical that secret keys are random, and stored safely.

To generate a key, run the following command: head -c32 /dev/urandom | base64

.spec.distribution.modules.auth.pomerium.secrets.SIGNING_KEY

Description

Signing Key is the base64 representation of one or more PEM-encoded private keys used to sign a user's attestation JWT, which can be consumed by upstream applications to pass along identifying user information like username, id, and groups.

To generates an P-256 (ES256) signing key:

openssl ecparam  -genkey  -name prime256v1  -noout  -out ec_private.pem
# careful! this will output your private key in terminal
cat ec_private.pem | base64

.spec.distribution.modules.auth.provider

Properties

Property	Type	Required
basicAuth	`object`	Optional
type	`string`	Required

.spec.distribution.modules.auth.provider.basicAuth

Properties

Property	Type	Required
password	`string`	Required
username	`string`	Required

Description

Configuration for the HTTP Basic Auth provider.

.spec.distribution.modules.auth.provider.basicAuth.password

Description

The password for logging in with the HTTP basic authentication.

.spec.distribution.modules.auth.provider.basicAuth.username

Description

The username for logging in with the HTTP basic authentication.

.spec.distribution.modules.auth.provider.type

Description

The type of the Auth provider, options are:

none: will disable authentication in the infrastructural ingresses.
sso: will protect the infrastructural ingresses with Pomerium and Dex (SSO) and require authentication before accessing them.
basicAuth: will protect the infrastructural ingresses with HTTP basic auth (username and password) authentication.

Default is none.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"basicAuth"`
`"sso"`

.spec.distribution.modules.dr

Properties

Property	Type	Required
etcdBackup	`object`	Optional
overrides	`object`	Optional
type	`string`	Required
velero	`object`	Optional

Description

Configuration for the Disaster Recovery module.

.spec.distribution.modules.dr.etcdBackup

Properties

Property	Type	Required
backupPrefix	`string`	Optional
pvc	`object`	Optional
s3	`object`	Optional
type	`string`	Optional

Description

Configuration for the ETCD backup package.

.spec.distribution.modules.dr.etcdBackup.backupPrefix

Description

A prefix to be prepended to the backup filenames. If unset, the prefix defaults to the cluster's name.

.spec.distribution.modules.dr.etcdBackup.pvc

Properties

Property	Type	Required
accessModes	`array`	Optional
name	`string`	Optional
retentionTime	`string`	Optional
schedule	`string`	Optional
size	`string`	Optional
storageClass	`string`	Optional

Description

Configuration parameters for the pvc type of etcdBackup.

.spec.distribution.modules.dr.etcdBackup.pvc.accessModes

Description

The accessModes that the furyctl-managed PersistentVolumeClaim will use. This has no effect and is ignored if name is set. Default is ["ReadOnlyOnce"]

.spec.distribution.modules.dr.etcdBackup.pvc.name

Description

The PersistentVolumeClaim name where the backups will be saved. If set, size and storageClass will be ignored and etcd-backup will use the PersistentVolumeClaim that matches the name set. Please note that the PersistentVolumeClaim must be created inside the kube-system namespace.

If you leave name unset furyctl will create a PersistentVolumeClaim for you with an arbitrary name.

.spec.distribution.modules.dr.etcdBackup.pvc.retentionTime

Description

The retention time of the backups inside the PersistentVolumeClaim. Follows rclone's min-age format. Example: '30d' for 30 days. Default is 10d (ten days).

.spec.distribution.modules.dr.etcdBackup.pvc.schedule

Description

The cron expression for the etcd-backup-pvc backup schedule. Default is 0 1 * * * (everyday at 01:00).

.spec.distribution.modules.dr.etcdBackup.pvc.size

Description

The size that the furyctl-managed PersistentVolumeClaim will use. This has no effect and is ignored if name is set. Default is 10G.

.spec.distribution.modules.dr.etcdBackup.pvc.storageClass

Description

The storage class that the furyctl-managed PersistentVolumeClaim will use. This has no effect and is ignored if name is set. Default is default.

.spec.distribution.modules.dr.etcdBackup.s3

Properties

Property	Type	Required
accessKeyId	`string`	Required
bucketName	`string`	Required
endpoint	`string`	Required
insecure	`boolean`	Optional
retentionTime	`string`	Optional
schedule	`string`	Optional
secretAccessKey	`string`	Required

Description

Configuration parameters for the s3 type of etcdBackup.

.spec.distribution.modules.dr.etcdBackup.s3.accessKeyId

Description

The access key ID (username) for the external S3-compatible bucket.

.spec.distribution.modules.dr.etcdBackup.s3.bucketName

Description

The bucket name of the external S3-compatible object storage.

.spec.distribution.modules.dr.etcdBackup.s3.endpoint

Description

External S3-compatible endpoint for etcd-backup-s3's storage.

.spec.distribution.modules.dr.etcdBackup.s3.insecure

Description

If true, will use HTTP as protocol instead of HTTPS.

.spec.distribution.modules.dr.etcdBackup.s3.retentionTime

Description

The retention time of the external S3-compatible object storage. Follows rclone's min-age format. Example: '30d' for 30 days. Default is 10d (ten days).

.spec.distribution.modules.dr.etcdBackup.s3.schedule

Description

The cron expression for the etcd-backup-s3 backup schedule. Default is 0 1 * * * (everyday at 01:00).

.spec.distribution.modules.dr.etcdBackup.s3.secretAccessKey

Description

The secret access key (password) for the external S3-compatible bucket.

.spec.distribution.modules.dr.etcdBackup.type

Description

The type of the etcd backup to enable, options are:

none: no etcd backup CronJob will be installed and no etcd backup will be performed.
s3: the etcd-backup-s3 package will be enabled. It will deploy a CronJob which continuously snapshots a healthy etcd node and will save the backups in a configured S3 bucket.
pvc: the etcd-backup-pvc package will be enabled. It will deploy a CronJob which continuously snapshots a healthy etcd node and will save the backups in a configured PersistentVolumeClaim.
all: both kinds of backups will be enabled.

Default is none.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"s3"`
`"pvc"`
`"none"`
`"all"`

.spec.distribution.modules.dr.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the module.

.spec.distribution.modules.dr.overrides.ingresses

.spec.distribution.modules.dr.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the module.

.spec.distribution.modules.dr.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the module.

.spec.distribution.modules.dr.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.dr.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.dr.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.dr.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.dr.type

Description

The type of the Disaster Recovery, must be none or on-premises. none disables the module and on-premises will install Velero, an optional MinIO deployment and optionally etcd-backup.

Default is none.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"on-premises"`

.spec.distribution.modules.dr.velero

Properties

Property	Type	Required
backend	`string`	Optional
externalEndpoint	`object`	Optional
overrides	`object`	Optional
schedules	`object`	Optional
snapshotController	`object`	Optional

Description

Configuration for the Velero package.

.spec.distribution.modules.dr.velero.backend

Description

The storage backend type for Velero. minio will use an in-cluster MinIO deployment for object storage, externalEndpoint can be used to point to an external S3-compatible object storage instead of deploying an in-cluster MinIO.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"minio"`
`"externalEndpoint"`

.spec.distribution.modules.dr.velero.externalEndpoint

Properties

Property	Type	Required
accessKeyId	`string`	Optional
bucketName	`string`	Optional
endpoint	`string`	Optional
insecure	`boolean`	Optional
secretAccessKey	`string`	Optional

Description

Configuration for Velero's external storage backend.

.spec.distribution.modules.dr.velero.externalEndpoint.accessKeyId

Description

The access key ID (username) for the external S3-compatible bucket.

.spec.distribution.modules.dr.velero.externalEndpoint.bucketName

Description

The bucket name of the external S3-compatible object storage.

.spec.distribution.modules.dr.velero.externalEndpoint.endpoint

Description

External S3-compatible endpoint for Velero's storage.

.spec.distribution.modules.dr.velero.externalEndpoint.insecure

Description

If true, will use HTTP as protocol instead of HTTPS.

.spec.distribution.modules.dr.velero.externalEndpoint.secretAccessKey

Description

The secret access key (password) for the external S3-compatible bucket.

.spec.distribution.modules.dr.velero.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.dr.velero.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.dr.velero.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.dr.velero.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.dr.velero.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.dr.velero.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.dr.velero.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.dr.velero.schedules

Properties

Property	Type	Required
definitions	`object`	Optional
install	`boolean`	Optional

Description

Configuration for Velero's backup schedules.

.spec.distribution.modules.dr.velero.schedules.definitions

Properties

Property	Type	Required
full	`object`	Optional
manifests	`object`	Optional

Description

Configuration for Velero schedules.

.spec.distribution.modules.dr.velero.schedules.definitions.full

Properties

Property	Type	Required
schedule	`string`	Optional
snapshotMoveData	`boolean`	Optional
ttl	`string`	Optional

Description

Configuration for Velero's manifests backup schedule.

.spec.distribution.modules.dr.velero.schedules.definitions.full.schedule

Description

The cron expression for the full backup schedule (default 0 1 * * *).

.spec.distribution.modules.dr.velero.schedules.definitions.full.snapshotMoveData

Description

EXPERIMENTAL (if you do more than one backups, the following backups after the first are not automatically restorable, see https://github.com/vmware-tanzu/velero/issues/7057#issuecomment-2466815898 for the manual restore solution): SnapshotMoveData specifies whether snapshot data should be moved. Velero will create a new volume from the snapshot and upload the content to the storageLocation.

.spec.distribution.modules.dr.velero.schedules.definitions.full.ttl

Description

The Time To Live (TTL) of the backups created by the backup schedules (default 720h0m0s, 30 days). Notice that changing this value will affect only newly created backups, prior backups will keep the old TTL.

.spec.distribution.modules.dr.velero.schedules.definitions.manifests

Properties

Property	Type	Required
schedule	`string`	Optional
ttl	`string`	Optional

Description

Configuration for Velero's manifests backup schedule.

.spec.distribution.modules.dr.velero.schedules.definitions.manifests.schedule

Description

The cron expression for the manifests backup schedule (default */15 * * * *).

.spec.distribution.modules.dr.velero.schedules.definitions.manifests.ttl

Description

.spec.distribution.modules.dr.velero.schedules.install

Description

Whether to install or not the default manifests and full backups schedules. Default is true.

.spec.distribution.modules.dr.velero.snapshotController

Properties

Property	Type	Required
install	`boolean`	Optional

Description

Configuration for the additional snapshotController component installation.

.spec.distribution.modules.dr.velero.snapshotController.install

Description

Whether to install or not the snapshotController component in the cluster. Before enabling this field, check if your CSI driver does not have snapshotController built-in.

.spec.distribution.modules.ingress

Properties

Property	Type	Required
baseDomain	`string`	Required
certManager	`object`	Optional
forecastle	`object`	Optional
nginx	`object`	Required
overrides	`object`	Optional
then	`object`	Optional

.spec.distribution.modules.ingress.baseDomain

Description

The base domain used for all the KFD infrastructural ingresses. If using the nginx dual type, this value should be the same as the domain associated with the internal ingress class.

.spec.distribution.modules.ingress.certManager

Properties

Property	Type	Required
clusterIssuer	`object`	Required
overrides	`object`	Optional

Description

Configuration for the cert-manager package. Required even if ingress.nginx.type is none, cert-manager is used for managing other certificates in the cluster besides the TLS termination certificates for the ingresses.

.spec.distribution.modules.ingress.certManager.clusterIssuer

Properties

Property	Type	Required
email	`string`	Required
name	`string`	Required
solvers	`array`	Optional
type	`string`	Optional

Description

Configuration for the cert-manager's ACME clusterIssuer used to request certificates from Let's Encrypt.

.spec.distribution.modules.ingress.certManager.clusterIssuer.email

Description

The email address to use during the certificate issuing process.

.spec.distribution.modules.ingress.certManager.clusterIssuer.name

Description

The name of the clusterIssuer.

.spec.distribution.modules.ingress.certManager.clusterIssuer.solvers

Description

The list of challenge solvers to use instead of the default one for the http01 challenge. Check cert manager's documentation for examples for this field.

.spec.distribution.modules.ingress.certManager.clusterIssuer.type

Description

The type of the clusterIssuer. Only http01 challenge is supported for on-premises clusters. See solvers for arbitrary configurations.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"http01"`

.spec.distribution.modules.ingress.certManager.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.ingress.certManager.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.ingress.certManager.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.ingress.certManager.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.ingress.certManager.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.ingress.certManager.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.ingress.certManager.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.ingress.forecastle

Properties

Property	Type	Required
overrides	`object`	Optional

.spec.distribution.modules.ingress.forecastle.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.ingress.forecastle.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.ingress.forecastle.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.ingress.forecastle.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.ingress.forecastle.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.ingress.forecastle.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.ingress.forecastle.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.ingress.nginx

Properties

Property	Type	Required
overrides	`object`	Optional
tls	`object`	Optional
type	`string`	Required

Description

Configurations for the Ingress nginx controller package.

.spec.distribution.modules.ingress.nginx.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.ingress.nginx.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.ingress.nginx.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.ingress.nginx.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.ingress.nginx.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.ingress.nginx.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.ingress.nginx.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.ingress.nginx.tls

Properties

Property	Type	Required
provider	`string`	Required
secret	`object`	Optional

.spec.distribution.modules.ingress.nginx.tls.provider

Description

The provider of the TLS certificates for the ingresses, one of: none, certManager, or secret.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"certManager"`
`"secret"`
`"none"`

.spec.distribution.modules.ingress.nginx.tls.secret

Properties

Property	Type	Required
ca	`string`	Required
cert	`string`	Required
key	`string`	Required

Description

Kubernetes TLS secret for the ingresses TLS certificate.

.spec.distribution.modules.ingress.nginx.tls.secret.ca

Description

The Certificate Authority certificate file's content. You can use the "{file://<path>}" notation to get the content from a file.

.spec.distribution.modules.ingress.nginx.tls.secret.cert

Description

The certificate file's content. You can use the "{file://<path>}" notation to get the content from a file.

.spec.distribution.modules.ingress.nginx.tls.secret.key

Description

The signing key file's content. You can use the "{file://<path>}" notation to get the content from a file.

.spec.distribution.modules.ingress.nginx.type

Description

The type of the Ingress nginx controller, options are:

none: no ingress controller will be installed and no infrastructural ingresses will be created.
single: a single ingress controller with ingress class nginx will be installed to manage all the ingress resources, infrastructural ingresses will be created.
dual: two independent ingress controllers will be installed, one for the internal ingress class intended for private ingresses and one for the external ingress class intended for public ingresses. KFD infrastructural ingresses wil use the internal ingress class when using the dual type.

Default is single.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"single"`
`"dual"`

.spec.distribution.modules.ingress.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the Ingress module.

.spec.distribution.modules.ingress.overrides.ingresses

Properties

Property	Type	Required
forecastle	`object`	Optional

.spec.distribution.modules.ingress.overrides.ingresses.forecastle

Properties

Property	Type	Required
disableAuth	`boolean`	Optional
host	`string`	Optional
ingressClass	`string`	Optional

.spec.distribution.modules.ingress.overrides.ingresses.forecastle.disableAuth

Description

If true, the ingress will not have authentication even if .spec.modules.auth.provider.type is SSO or Basic Auth.

.spec.distribution.modules.ingress.overrides.ingresses.forecastle.host

Description

Use this host for the ingress instead of the default one.

.spec.distribution.modules.ingress.overrides.ingresses.forecastle.ingressClass

Description

Use this ingress class for the ingress instead of the default one.

.spec.distribution.modules.ingress.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the Ingress module.

.spec.distribution.modules.ingress.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the Ingress module.

.spec.distribution.modules.ingress.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.ingress.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.ingress.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.ingress.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.ingress.then

.spec.distribution.modules.logging

Properties

Property	Type	Required
cerebro	`object`	Optional
customOutputs	`object`	Optional
loki	`object`	Optional
minio	`object`	Optional
opensearch	`object`	Optional
operator	`object`	Optional
overrides	`object`	Optional
type	`string`	Required

Description

Configuration for the Logging module.

.spec.distribution.modules.logging.cerebro

Properties

Property	Type	Required
overrides	`object`	Optional

Description

DEPRECATED since KFD v1.26.6, 1.27.5, v1.28.0.

.spec.distribution.modules.logging.cerebro.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.logging.cerebro.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.logging.cerebro.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.logging.cerebro.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.logging.cerebro.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.logging.cerebro.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.logging.cerebro.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.logging.customOutputs

Properties

Property	Type	Required
audit	`string`	Required
errors	`string`	Required
events	`string`	Required
infra	`string`	Required
ingressNginx	`string`	Required
kubernetes	`string`	Required
systemdCommon	`string`	Required
systemdEtcd	`string`	Required

Description

When using the customOutputs logging type, you need to manually specify the spec of the several Output and ClusterOutputs that the Logging Operator expects to forward the logs collected by the pre-defined flows.

.spec.distribution.modules.logging.customOutputs.audit

Description

This value defines where the output from the audit Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.errors

Description

This value defines where the output from the errors Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.events

Description

This value defines where the output from the events Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.infra

Description

This value defines where the output from the infra Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.ingressNginx

Description

This value defines where the output from the ingressNginx Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.kubernetes

Description

This value defines where the output from the kubernetes Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.systemdCommon

Description

This value defines where the output from the systemdCommon Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.customOutputs.systemdEtcd

Description

This value defines where the output from the systemdEtcd Flow will be sent. This will be the spec section of the Output object. It must be a string (and not a YAML object) following the OutputSpec definition. Use the nullout output to discard the flow: nullout: {}

.spec.distribution.modules.logging.loki

Properties

Property	Type	Required
backend	`string`	Optional
externalEndpoint	`object`	Optional
resources	`object`	Optional
tsdbStartDate	`string`	Required

Description

Configuration for the Loki package.

.spec.distribution.modules.logging.loki.backend

Description

The storage backend type for Loki. minio will use an in-cluster MinIO deployment for object storage, externalEndpoint can be used to point to an external object storage instead of deploying an in-cluster MinIO.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"minio"`
`"externalEndpoint"`

.spec.distribution.modules.logging.loki.externalEndpoint

Properties

Property	Type	Required
accessKeyId	`string`	Optional
bucketName	`string`	Optional
endpoint	`string`	Optional
insecure	`boolean`	Optional
secretAccessKey	`string`	Optional

Description

Configuration for Loki's external storage backend.

.spec.distribution.modules.logging.loki.externalEndpoint.accessKeyId

Description

The access key ID (username) for the external S3-compatible bucket.

.spec.distribution.modules.logging.loki.externalEndpoint.bucketName

Description

The bucket name of the external S3-compatible object storage.

.spec.distribution.modules.logging.loki.externalEndpoint.endpoint

Description

External S3-compatible endpoint for Loki's storage.

.spec.distribution.modules.logging.loki.externalEndpoint.insecure

Description

If true, will use HTTP as protocol instead of HTTPS.

.spec.distribution.modules.logging.loki.externalEndpoint.secretAccessKey

Description

The secret access key (password) for the external S3-compatible bucket.

.spec.distribution.modules.logging.loki.resources

Properties

Property	Type	Required
limits	`object`	Optional
requests	`object`	Optional

.spec.distribution.modules.logging.loki.resources.limits

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.logging.loki.resources.limits.cpu

Description

The CPU limit for the Pod. Example: 1000m.

.spec.distribution.modules.logging.loki.resources.limits.memory

Description

The memory limit for the Pod. Example: 1G.

.spec.distribution.modules.logging.loki.resources.requests

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.logging.loki.resources.requests.cpu

Description

The CPU request for the Pod, in cores. Example: 500m.

.spec.distribution.modules.logging.loki.resources.requests.memory

Description

The memory request for the Pod. Example: 500M.

.spec.distribution.modules.logging.loki.tsdbStartDate

Description

Starting from versions 1.28.4, 1.29.5 and 1.30.0 of KFD, Loki will change the time series database from BoltDB to TSDB and the schema from v11 to v13 that it uses to store the logs.

The value of this field will determine the date when Loki will start writing using the new TSDB and the schema v13, always at midnight UTC. The old BoltDB and schema will be kept until they expire for reading purposes.

From versions 1.29.7, 1.30.3 and 1.31.1 of the distribution, this field will be unmutable once changed.

Value must be a string in ISO 8601 date format (yyyy-mm-dd). Example: 2024-11-18.

.spec.distribution.modules.logging.minio

Properties

Property	Type	Required
overrides	`object`	Optional
rootUser	`object`	Optional
storageSize	`string`	Optional

Description

Configuration for Logging's MinIO deployment.

.spec.distribution.modules.logging.minio.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.logging.minio.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.logging.minio.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.logging.minio.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.logging.minio.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.logging.minio.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.logging.minio.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.logging.minio.rootUser

Properties

Property	Type	Required
password	`string`	Optional
username	`string`	Optional

.spec.distribution.modules.logging.minio.rootUser.password

Description

The password for the default MinIO root user.

.spec.distribution.modules.logging.minio.rootUser.username

Description

The username for the default MinIO root user.

.spec.distribution.modules.logging.minio.storageSize

Description

The PVC size for each MinIO disk, 6 disks total.

.spec.distribution.modules.logging.opensearch

Properties

Property	Type	Required
overrides	`object`	Optional
resources	`object`	Optional
storageSize	`string`	Optional
type	`string`	Required

.spec.distribution.modules.logging.opensearch.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.logging.opensearch.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.logging.opensearch.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.logging.opensearch.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.logging.opensearch.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.logging.opensearch.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.logging.opensearch.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.logging.opensearch.resources

Properties

Property	Type	Required
limits	`object`	Optional
requests	`object`	Optional

.spec.distribution.modules.logging.opensearch.resources.limits

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.logging.opensearch.resources.limits.cpu

Description

The CPU limit for the Pod. Example: 1000m.

.spec.distribution.modules.logging.opensearch.resources.limits.memory

Description

The memory limit for the Pod. Example: 1G.

.spec.distribution.modules.logging.opensearch.resources.requests

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.logging.opensearch.resources.requests.cpu

Description

The CPU request for the Pod, in cores. Example: 500m.

.spec.distribution.modules.logging.opensearch.resources.requests.memory

Description

The memory request for the Pod. Example: 500M.

.spec.distribution.modules.logging.opensearch.storageSize

Description

The storage size for the OpenSearch volumes. Follows Kubernetes resources storage requests. Default is 150Gi.

.spec.distribution.modules.logging.opensearch.type

Description

The type of OpenSearch deployment. One of: single for a single replica or triple for an HA 3-replicas deployment.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"single"`
`"triple"`

.spec.distribution.modules.logging.operator

Properties

Property	Type	Required
overrides	`object`	Optional

Description

Configuration for the Logging Operator.

.spec.distribution.modules.logging.operator.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.logging.operator.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.logging.operator.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.logging.operator.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.logging.operator.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.logging.operator.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.logging.operator.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.logging.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the module.

.spec.distribution.modules.logging.overrides.ingresses

.spec.distribution.modules.logging.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the module.

.spec.distribution.modules.logging.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the module.

.spec.distribution.modules.logging.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.logging.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.logging.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.logging.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.logging.type

Description

Selects the logging stack. Options are:

none: will disable the centralized logging.
opensearch: will deploy and configure the Logging Operator and an OpenSearch cluster (can be single or triple for HA) where the logs will be stored.
loki: will use a distributed Grafana Loki instead of OpenSearch for storage.
customOuputs: the Logging Operator will be deployed and installed but without in-cluster storage, you will have to create the needed Outputs and ClusterOutputs to ship the logs to your desired storage.

Default is opensearch.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"opensearch"`
`"loki"`
`"customOutputs"`

.spec.distribution.modules.monitoring

Properties

Property	Type	Required
alertmanager	`object`	Optional
blackboxExporter	`object`	Optional
grafana	`object`	Optional
kubeStateMetrics	`object`	Optional
mimir	`object`	Optional
minio	`object`	Optional
overrides	`object`	Optional
prometheus	`object`	Optional
prometheusAgent	`object`	Optional
type	`string`	Required
x509Exporter	`object`	Optional

Description

Configuration for the Monitoring module.

.spec.distribution.modules.monitoring.alertmanager

Properties

Property	Type	Required
deadManSwitchWebhookUrl	`string`	Optional
installDefaultRules	`boolean`	Optional
slackWebhookUrl	`string`	Optional

.spec.distribution.modules.monitoring.alertmanager.deadManSwitchWebhookUrl

Description

The webhook URL to send dead man's switch monitoring, for example to use with healthchecks.io.

.spec.distribution.modules.monitoring.alertmanager.installDefaultRules

Description

Set to false to avoid installing the Prometheus rules (alerts) included with the distribution.

.spec.distribution.modules.monitoring.alertmanager.slackWebhookUrl

Description

The Slack webhook URL where to send the infrastructural and workload alerts to.

.spec.distribution.modules.monitoring.blackboxExporter

Properties

Property	Type	Required
overrides	`object`	Optional

.spec.distribution.modules.monitoring.blackboxExporter.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.monitoring.blackboxExporter.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.monitoring.grafana

Properties

Property	Type	Required
basicAuthIngress	`boolean`	Optional
overrides	`object`	Optional
usersRoleAttributePath	`string`	Optional

.spec.distribution.modules.monitoring.grafana.basicAuthIngress

Description

Setting this to true will deploy an additional grafana-basic-auth ingress protected with Grafana's basic auth instead of SSO. It's intended use is as a temporary ingress for when there are problems with the SSO login flow.

Notice that by default anonymous access is enabled.

.spec.distribution.modules.monitoring.grafana.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.monitoring.grafana.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.monitoring.grafana.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.monitoring.grafana.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.grafana.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.grafana.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.grafana.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.monitoring.grafana.usersRoleAttributePath

Description

JMESPath expression to retrieve the user's role. Example:

usersRoleAttributePath: "contains(groups[*], 'beta') && 'Admin' || contains(groups[*], 'gamma') && 'Editor' || contains(groups[*], 'delta') && 'Viewer'

More details in Grafana's documentation.

.spec.distribution.modules.monitoring.kubeStateMetrics

Properties

Property	Type	Required
overrides	`object`	Optional

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.monitoring.mimir

Properties

Property	Type	Required
backend	`string`	Optional
externalEndpoint	`object`	Optional
overrides	`object`	Optional
retentionTime	`string`	Optional

Description

Configuration for the Mimir package.

.spec.distribution.modules.monitoring.mimir.backend

Description

The storage backend type for Mimir. minio will use an in-cluster MinIO deployment for object storage, externalEndpoint can be used to point to an external S3-compatible object storage instead of deploying an in-cluster MinIO.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"minio"`
`"externalEndpoint"`

.spec.distribution.modules.monitoring.mimir.externalEndpoint

Properties

Property	Type	Required
accessKeyId	`string`	Optional
bucketName	`string`	Optional
endpoint	`string`	Optional
insecure	`boolean`	Optional
secretAccessKey	`string`	Optional

Description

Configuration for Mimir's external storage backend.

.spec.distribution.modules.monitoring.mimir.externalEndpoint.accessKeyId

Description

The access key ID (username) for the external S3-compatible bucket.

.spec.distribution.modules.monitoring.mimir.externalEndpoint.bucketName

Description

The bucket name of the external S3-compatible object storage.

.spec.distribution.modules.monitoring.mimir.externalEndpoint.endpoint

Description

The external S3-compatible endpoint for Mimir's storage.

.spec.distribution.modules.monitoring.mimir.externalEndpoint.insecure

Description

If true, will use HTTP as protocol instead of HTTPS.

.spec.distribution.modules.monitoring.mimir.externalEndpoint.secretAccessKey

Description

The secret access key (password) for the external S3-compatible bucket.

.spec.distribution.modules.monitoring.mimir.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.monitoring.mimir.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.monitoring.mimir.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.monitoring.mimir.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.mimir.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.mimir.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.mimir.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.monitoring.mimir.retentionTime

Description

The retention time for the logs stored in Mimir. Default is 30d. Value must match the regular expression [0-9]+(ns|us|µs|ms|s|m|h|d|w|y) where y = 365 days.

.spec.distribution.modules.monitoring.minio

Properties

Property	Type	Required
overrides	`object`	Optional
rootUser	`object`	Optional
storageSize	`string`	Optional

Description

Configuration for Monitoring's MinIO deployment.

.spec.distribution.modules.monitoring.minio.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.monitoring.minio.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.monitoring.minio.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.monitoring.minio.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.minio.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.minio.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.minio.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.monitoring.minio.rootUser

Properties

Property	Type	Required
password	`string`	Optional
username	`string`	Optional

.spec.distribution.modules.monitoring.minio.rootUser.password

Description

The password for the default MinIO root user.

.spec.distribution.modules.monitoring.minio.rootUser.username

Description

The username for the default MinIO root user.

.spec.distribution.modules.monitoring.minio.storageSize

Description

The PVC size for each MinIO disk, 6 disks total.

.spec.distribution.modules.monitoring.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the module.

.spec.distribution.modules.monitoring.overrides.ingresses

.spec.distribution.modules.monitoring.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the module.

.spec.distribution.modules.monitoring.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the module.

.spec.distribution.modules.monitoring.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.monitoring.prometheus

Properties

Property	Type	Required
remoteWrite	`array`	Optional
resources	`object`	Optional
retentionSize	`string`	Optional
retentionTime	`string`	Optional
storageSize	`string`	Optional

.spec.distribution.modules.monitoring.prometheus.remoteWrite

Description

Set this option to ship the collected metrics to a remote Prometheus receiver.

remoteWrite is an array of objects that allows configuring the remoteWrite options for Prometheus. The objects in the array follow the same schema as in the prometheus operator.

.spec.distribution.modules.monitoring.prometheus.resources

Properties

Property	Type	Required
limits	`object`	Optional
requests	`object`	Optional

.spec.distribution.modules.monitoring.prometheus.resources.limits

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.monitoring.prometheus.resources.limits.cpu

Description

The CPU limit for the Pod. Example: 1000m.

.spec.distribution.modules.monitoring.prometheus.resources.limits.memory

Description

The memory limit for the Pod. Example: 1G.

.spec.distribution.modules.monitoring.prometheus.resources.requests

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.monitoring.prometheus.resources.requests.cpu

Description

The CPU request for the Pod, in cores. Example: 500m.

.spec.distribution.modules.monitoring.prometheus.resources.requests.memory

Description

The memory request for the Pod. Example: 500M.

.spec.distribution.modules.monitoring.prometheus.retentionSize

Description

The retention size for the k8s Prometheus instance.

.spec.distribution.modules.monitoring.prometheus.retentionTime

Description

The retention time for the k8s Prometheus instance.

.spec.distribution.modules.monitoring.prometheus.storageSize

Description

The storage size for the k8s Prometheus instance.

.spec.distribution.modules.monitoring.prometheusAgent

Properties

Property	Type	Required
remoteWrite	`array`	Optional
resources	`object`	Optional

.spec.distribution.modules.monitoring.prometheusAgent.remoteWrite

Description

Set this option to ship the collected metrics to a remote Prometheus receiver.

remoteWrite is an array of objects that allows configuring the remoteWrite options for Prometheus. The objects in the array follow the same schema as in the prometheus operator.

.spec.distribution.modules.monitoring.prometheusAgent.resources

Properties

Property	Type	Required
limits	`object`	Optional
requests	`object`	Optional

.spec.distribution.modules.monitoring.prometheusAgent.resources.limits

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.monitoring.prometheusAgent.resources.limits.cpu

Description

The CPU limit for the Pod. Example: 1000m.

.spec.distribution.modules.monitoring.prometheusAgent.resources.limits.memory

Description

The memory limit for the Pod. Example: 1G.

.spec.distribution.modules.monitoring.prometheusAgent.resources.requests

Properties

Property	Type	Required
cpu	`string`	Optional
memory	`string`	Optional

.spec.distribution.modules.monitoring.prometheusAgent.resources.requests.cpu

Description

The CPU request for the Pod, in cores. Example: 500m.

.spec.distribution.modules.monitoring.prometheusAgent.resources.requests.memory

Description

The memory request for the Pod. Example: 500M.

.spec.distribution.modules.monitoring.type

Description

The type of the monitoring, must be none, prometheus, prometheusAgent or mimir.

none: will disable the whole monitoring stack.
prometheus: will install Prometheus Operator and a preconfigured Prometheus instance, Alertmanager, a set of alert rules, exporters needed to monitor all the components of the cluster, Grafana and a series of dashboards to view the collected metrics, and more.
prometheusAgent: will install Prometheus operator, an instance of Prometheus in Agent mode (no alerting, no queries, no storage), and all the exporters needed to get metrics for the status of the cluster and the workloads. Useful when having a centralized (remote) Prometheus where to ship the metrics and not storing them locally in the cluster.
mimir: will install the same as the prometheus option, plus Grafana Mimir that allows for longer retention of metrics and the usage of Object Storage.

Default is prometheus.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"prometheus"`
`"prometheusAgent"`
`"mimir"`

.spec.distribution.modules.monitoring.x509Exporter

Properties

Property	Type	Required
overrides	`object`	Optional

.spec.distribution.modules.monitoring.x509Exporter.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.monitoring.x509Exporter.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.networking

Properties

Property	Type	Required
cilium	`object`	Optional
overrides	`object`	Optional
tigeraOperator	`object`	Optional
type	`string`	Required

Description

Configuration for the Networking module.

.spec.distribution.modules.networking.cilium

Properties

Property	Type	Required
maskSize	`string`	Optional
overrides	`object`	Optional
podCidr	`string`	Optional

.spec.distribution.modules.networking.cilium.maskSize

Description

The mask size to use for the Pods network on each node.

.spec.distribution.modules.networking.cilium.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.networking.cilium.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.networking.cilium.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.networking.cilium.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.networking.cilium.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.networking.cilium.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.networking.cilium.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.networking.cilium.podCidr

Description

Allows specifing a CIDR for the Pods network different from .spec.kubernetes.podCidr. If not set the default is to use .spec.kubernetes.podCidr.

Constraints

pattern: the string must match the following regular expression:

^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)\.?\b){4}\/(3[0-2]|[1-2][0-9]|[0-9])$

try pattern

.spec.distribution.modules.networking.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the module.

.spec.distribution.modules.networking.overrides.ingresses

.spec.distribution.modules.networking.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the module.

.spec.distribution.modules.networking.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the module.

.spec.distribution.modules.networking.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.networking.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.networking.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.networking.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.networking.tigeraOperator

Properties

Property	Type	Required
overrides	`object`	Optional

.spec.distribution.modules.networking.tigeraOperator.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.networking.tigeraOperator.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.networking.type

Description

The type of CNI plugin to use, either calico (Tigera Operator) or cilium. Default is calico.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"calico"`
`"cilium"`

.spec.distribution.modules.policy

Properties

Property	Type	Required
gatekeeper	`object`	Optional
kyverno	`object`	Optional
overrides	`object`	Optional
type	`string`	Required

Description

Configuration for the Policy module.

.spec.distribution.modules.policy.gatekeeper

Properties

Property	Type	Required
additionalExcludedNamespaces	`array`	Optional
enforcementAction	`string`	Required
installDefaultPolicies	`boolean`	Required
overrides	`object`	Optional

Description

Configuration for the Gatekeeper package.

.spec.distribution.modules.policy.gatekeeper.additionalExcludedNamespaces

Description

This parameter adds namespaces to Gatekeeper's exemption list, so it will not enforce the constraints on them.

.spec.distribution.modules.policy.gatekeeper.enforcementAction

Description

The default enforcement action to use for the included constraints. deny will block the admission when violations to the policies are found, warn will show a message to the user but will admit the violating requests and dryrun won't give any feedback to the user but it will log the violations.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"deny"`
`"dryrun"`
`"warn"`

.spec.distribution.modules.policy.gatekeeper.installDefaultPolicies

Description

Set to false to avoid installing the default Gatekeeper policies (constraints templates and constraints) included with the distribution.

.spec.distribution.modules.policy.gatekeeper.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.policy.gatekeeper.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.policy.gatekeeper.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.policy.kyverno

Properties

Property	Type	Required
additionalExcludedNamespaces	`array`	Optional
installDefaultPolicies	`boolean`	Required
overrides	`object`	Optional
validationFailureAction	`string`	Required

Description

Configuration for the Kyverno package.

.spec.distribution.modules.policy.kyverno.additionalExcludedNamespaces

Description

This parameter adds namespaces to Kyverno's exemption list, so it will not enforce the policies on them.

.spec.distribution.modules.policy.kyverno.installDefaultPolicies

Description

Set to false to avoid installing the default Kyverno policies included with distribution.

.spec.distribution.modules.policy.kyverno.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.policy.kyverno.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.policy.kyverno.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.policy.kyverno.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.policy.kyverno.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.policy.kyverno.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.policy.kyverno.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.policy.kyverno.validationFailureAction

Description

The validation failure action to use for the included policies, Enforce will block when a request does not comply with the policies and Audit will not block but log when a request does not comply with the policies.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Audit"`
`"Enforce"`

.spec.distribution.modules.policy.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the module.

.spec.distribution.modules.policy.overrides.ingresses

.spec.distribution.modules.policy.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the module.

.spec.distribution.modules.policy.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the module.

.spec.distribution.modules.policy.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.policy.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.policy.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.policy.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.policy.type

Description

The type of policy enforcement to use, either none, gatekeeper or kyverno.

Default is none.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"gatekeeper"`
`"kyverno"`

.spec.distribution.modules.tracing

Properties

Property	Type	Required
minio	`object`	Optional
overrides	`object`	Optional
tempo	`object`	Optional
type	`string`	Required

Description

Configuration for the Tracing module.

.spec.distribution.modules.tracing.minio

Properties

Property	Type	Required
overrides	`object`	Optional
rootUser	`object`	Optional
storageSize	`string`	Optional

Description

Configuration for Tracing's MinIO deployment.

.spec.distribution.modules.tracing.minio.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.tracing.minio.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.tracing.minio.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.tracing.minio.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.tracing.minio.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.tracing.minio.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.tracing.minio.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.tracing.minio.rootUser

Properties

Property	Type	Required
password	`string`	Optional
username	`string`	Optional

.spec.distribution.modules.tracing.minio.rootUser.password

Description

The password for the default MinIO root user.

.spec.distribution.modules.tracing.minio.rootUser.username

Description

The username for the default MinIO root user.

.spec.distribution.modules.tracing.minio.storageSize

Description

The PVC size for each MinIO disk, 6 disks total.

.spec.distribution.modules.tracing.overrides

Properties

Property	Type	Required
ingresses	`object`	Optional
nodeSelector	`object`	Optional
tolerations	`array`	Optional

Description

Override the common configuration with a particular configuration for the module.

.spec.distribution.modules.tracing.overrides.ingresses

.spec.distribution.modules.tracing.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the module.

.spec.distribution.modules.tracing.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the module.

.spec.distribution.modules.tracing.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.tracing.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.tracing.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.tracing.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.tracing.tempo

Properties

Property	Type	Required
backend	`string`	Optional
externalEndpoint	`object`	Optional
overrides	`object`	Optional
retentionTime	`string`	Optional

Description

Configuration for the Tempo package.

.spec.distribution.modules.tracing.tempo.backend

Description

The storage backend type for Tempo. minio will use an in-cluster MinIO deployment for object storage, externalEndpoint can be used to point to an external S3-compatible object storage instead of deploying an in-cluster MinIO.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"minio"`
`"externalEndpoint"`

.spec.distribution.modules.tracing.tempo.externalEndpoint

Properties

Property	Type	Required
accessKeyId	`string`	Optional
bucketName	`string`	Optional
endpoint	`string`	Optional
insecure	`boolean`	Optional
secretAccessKey	`string`	Optional

Description

Configuration for Tempo's external storage backend.

.spec.distribution.modules.tracing.tempo.externalEndpoint.accessKeyId

Description

The access key ID (username) for the external S3-compatible bucket.

.spec.distribution.modules.tracing.tempo.externalEndpoint.bucketName

Description

The bucket name of the external S3-compatible object storage.

.spec.distribution.modules.tracing.tempo.externalEndpoint.endpoint

Description

The external S3-compatible endpoint for Tempo's storage.

.spec.distribution.modules.tracing.tempo.externalEndpoint.insecure

Description

If true, will use HTTP as protocol instead of HTTPS.

.spec.distribution.modules.tracing.tempo.externalEndpoint.secretAccessKey

Description

The secret access key (password) for the external S3-compatible bucket.

.spec.distribution.modules.tracing.tempo.overrides

Properties

Property	Type	Required
nodeSelector	`object`	Optional
tolerations	`array`	Optional

.spec.distribution.modules.tracing.tempo.overrides.nodeSelector

Description

Set to override the node selector used to place the pods of the package.

.spec.distribution.modules.tracing.tempo.overrides.tolerations

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
operator	`string`	Optional
value	`string`	Optional

Description

Set to override the tolerations that will be added to the pods of the package.

.spec.distribution.modules.tracing.tempo.overrides.tolerations.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.distribution.modules.tracing.tempo.overrides.tolerations.key

Description

The key of the toleration

.spec.distribution.modules.tracing.tempo.overrides.tolerations.operator

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"Exists"`
`"Equal"`

.spec.distribution.modules.tracing.tempo.overrides.tolerations.value

Description

The value of the toleration

.spec.distribution.modules.tracing.tempo.retentionTime

Description

The retention time for the traces stored in Tempo.

.spec.distribution.modules.tracing.type

Description

The type of tracing to use, either none or tempo. none will disable the Tracing module and tempo will install a Grafana Tempo deployment.

Default is tempo.

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"none"`
`"tempo"`

.spec.distributionVersion

Description

Defines which KFD version will be installed and, in consequence, the Kubernetes version used to create the cluster. It supports git tags and branches. Example: v1.30.1.

Constraints

minimum length: the minimum number of characters for this string is: 1

.spec.kubernetes

Properties

Property	Type	Required
advanced	`object`	Optional
advancedAnsible	`object`	Optional
controlPlaneAddress	`string`	Required
dnsZone	`string`	Required
etcd	`object`	Optional
loadBalancers	`object`	Required
masters	`object`	Required
nodes	`array`	Required
pkiFolder	`string`	Required
podCidr	`string`	Required
proxy	`object`	Optional
ssh	`object`	Required
svcCidr	`string`	Required

Description

Defines the Kubernetes components configuration and the values needed for the kubernetes phase of furyctl.

.spec.kubernetes.advanced

Properties

Property	Type	Required
airGap	`object`	Optional
apiServerCertSANs	`array`	Optional
cloud	`object`	Optional
containerd	`object`	Optional
encryption	`object`	Optional
kubeletConfiguration	`object`	Optional
oidc	`object`	Optional
registry	`string`	Optional
users	`object`	Optional

.spec.kubernetes.advanced.airGap

Properties

Property	Type	Required
containerdDownloadUrl	`string`	Optional
dependenciesOverride	`object`	Optional
etcdDownloadUrl	`string`	Optional
runcChecksum	`string`	Optional
runcDownloadUrl	`string`	Optional

Description

Advanced configuration for air-gapped installations. Allows setting custom URLs where to download the binaries dependencies from and custom .deb and .rpm package repositories.

.spec.kubernetes.advanced.airGap.containerdDownloadUrl

Description

URL where to download the .tar.gz with containerd from. The tar.gz should be as the one downloaded from containerd GitHub releases page.

.spec.kubernetes.advanced.airGap.dependenciesOverride

Properties

Property	Type	Required
apt	`object`	Optional
yum	`object`	Optional

.spec.kubernetes.advanced.airGap.dependenciesOverride.apt

Properties

Property	Type	Required
gpg_key	`string`	Required
gpg_key_id	`string`	Required
name	`string`	Required
repo	`string`	Required

.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.gpg_key

Description

URL where to download the GPG key of the Apt repository. Example: https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key

.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.gpg_key_id

Description

The GPG key ID of the Apt repository. Example: 36A1D7869245C8950F966E92D8576A8BA88D21E9

.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.name

Description

An indicative name for the Apt repository. Example: k8s-1.29

.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.repo

Description

A source string for the new Apt repository. Example: deb https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /

.spec.kubernetes.advanced.airGap.dependenciesOverride.yum

Properties

Property	Type	Required
gpg_key	`string`	Required
gpg_key_check	`boolean`	Required
name	`string`	Required
repo	`string`	Required
repo_gpg_check	`boolean`	Required

.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.gpg_key

Description

URL where to download the ASCII-armored GPG key of the Yum repository. Example: https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key

.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.gpg_key_check

Description

If true, the GPG signature check on the packages will be enabled.

.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.name

Description

An indicative name for the Yum repository. Example: k8s-1.29

.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.repo

Description

URL to the directory where the Yum repository's repodata directory lives. Example: https://pkgs.k8s.io/core:/stable:/v1.29/rpm/

.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.repo_gpg_check

Description

If true, the GPG signature check on the repodata will be enabled.

.spec.kubernetes.advanced.airGap.etcdDownloadUrl

Description

URL to the path where the etcd tar.gzs are available. etcd will be downloaded from <etcdDownloadUrl>/<etcd_version>/etcd-<etcd_version>-linux-<host_architecture>.tar.gz

.spec.kubernetes.advanced.airGap.runcChecksum

Description

Checksum for the runc binary.

.spec.kubernetes.advanced.airGap.runcDownloadUrl

Description

URL where to download the runc binary from.

.spec.kubernetes.advanced.apiServerCertSANs

Description

Additional Subject Alternative Names for the API server certificates. These are used to secure connections to the API server from various clients.

.spec.kubernetes.advanced.cloud

Properties

Property	Type	Required
config	`string`	Optional
provider	`string`	Optional

.spec.kubernetes.advanced.cloud.config

Description

Sets cloud config for the Kubelet

.spec.kubernetes.advanced.cloud.provider

Description

Sets the cloud provider for the Kubelet

.spec.kubernetes.advanced.containerd

Properties

Property	Type	Required
registryConfigs	`array`	Optional

Description

Advanced configuration for containerd

.spec.kubernetes.advanced.containerd.registryConfigs

Properties

Property	Type	Required
insecureSkipVerify	`boolean`	Optional
mirrorEndpoint	`array`	Optional
password	`string`	Optional
registry	`string`	Optional
username	`string`	Optional

Description

Allows specifying custom configuration for a registry at containerd level. You can set authentication details and mirrors for a registry. This feature can be used for example to authenticate to a private registry at containerd (container runtime) level, i.e. globally instead of using imagePullSecrets. It also can be used to use a mirror for a registry or to enable insecure connections to trusted registries that have self-signed certificates.

.spec.kubernetes.advanced.containerd.registryConfigs.insecureSkipVerify

Description

Set to true to skip TLS verification (e.g. when using self-signed certificates).

.spec.kubernetes.advanced.containerd.registryConfigs.mirrorEndpoint

Description

Array of URLs with the mirrors to use for the registry. Example: ["http://mymirror.tld:8080"]

.spec.kubernetes.advanced.containerd.registryConfigs.password

Description

The password containerd will use to authenticate against the registry.

.spec.kubernetes.advanced.containerd.registryConfigs.registry

Description

Registry address on which you would like to configure authentication or mirror(s). Example: myregistry.tld:5000

.spec.kubernetes.advanced.containerd.registryConfigs.username

Description

The username containerd will use to authenticate against the registry.

.spec.kubernetes.advanced.encryption

Properties

Property	Type	Required
configuration	`string`	Optional
tlsCipherSuites	`array`	Optional

.spec.kubernetes.advanced.encryption.configuration

Description

etcd's encryption at rest configuration. Must be a string with the EncryptionConfiguration object in YAML. Example:

apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
  - resources:
    - secrets
    providers:
    - aescbc:
        keys:
        - name: mykey
          secret: base64_encoded_secret

.spec.kubernetes.advanced.encryption.tlsCipherSuites

Description

The TLS cipher suites to use for etcd, kubelet, and kubeadm static pods. Example:

tlsCipherSuites:
  - "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
  - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
  - "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
  - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
  - "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
  - "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
  - "TLS_AES_128_GCM_SHA256"
  - "TLS_AES_256_GCM_SHA384"
  - "TLS_CHACHA20_POLY1305_SHA256"

. NOTE: to customize the TLS cipher suites of the kubelet (as well as on control plane and etcd), set only this field - do not configure them under the KubeletConfiguration.

.spec.kubernetes.advanced.kubeletConfiguration

Description

Advanced configuration for Kubelet. This open field allows users to specify any parameter supported by the KubeletConfiguration object. Examples of uses include controlling the maximum number of pods per core (podsPerCore), managing container logging (containerLogMaxSize), Topology Manager options (topologyManagerPolicyOptions). All values must follow the official Kubelet specification: https://kubernetes.io/docs/reference/config-api/kubelet-config.v1beta1/.

NOTE: Content will not be validated by furyctl. To customize the TLS cipher suites of the Kubelet, set only the Spec.Kubernetes.Advanced.Encryption.tlsCipherSuites field - do not configure them under this field.

.spec.kubernetes.advanced.oidc

Properties

Property	Type	Required
ca_file	`string`	Optional
client_id	`string`	Optional
group_prefix	`string`	Optional
groups_claim	`string`	Optional
issuer_url	`string`	Optional
username_claim	`string`	Optional
username_prefix	`string`	Optional

Description

OIDC configuration for the Kubernetes API server.

.spec.kubernetes.advanced.oidc.ca_file

Description

The path to the certificate for the CA that signed the identity provider's web certificate. Defaults to the host's root CAs. This should be a path available to the API Server.

.spec.kubernetes.advanced.oidc.client_id

Description

The client ID the API server will use to authenticate to the OIDC provider.

.spec.kubernetes.advanced.oidc.group_prefix

Description

Prefix prepended to group claims to prevent clashes with existing names (such as system: groups).

.spec.kubernetes.advanced.oidc.groups_claim

Description

JWT claim to use as the user's group.

.spec.kubernetes.advanced.oidc.issuer_url

Description

The issuer URL of the OIDC provider.

.spec.kubernetes.advanced.oidc.username_claim

Description

JWT claim to use as the user name. The default value is sub, which is expected to be a unique identifier of the end user.

.spec.kubernetes.advanced.oidc.username_prefix

Description

Prefix prepended to username claims to prevent clashes with existing names (such as system: users).

.spec.kubernetes.advanced.registry

Description

URL of the registry where to pull images from for the Kubernetes phase. (Default is registry.sighup.io/fury/on-premises).

.spec.kubernetes.advanced.users

Properties

Property	Type	Required
names	`array`	Optional
org	`string`	Optional

.spec.kubernetes.advanced.users.names

Description

List of user names to create and get a kubeconfig file. Users will not have any permissions by default, RBAC setup for the new users is needed.

.spec.kubernetes.advanced.users.org

Description

The organization the users belong to.

.spec.kubernetes.advancedAnsible

Properties

Property	Type	Required
config	`string`	Optional
pythonInterpreter	`string`	Optional

.spec.kubernetes.advancedAnsible.config

Description

Additional configuration to append to the ansible.cfg file

.spec.kubernetes.advancedAnsible.pythonInterpreter

Description

The Python interpreter to use for running Ansible. Example: python3

.spec.kubernetes.controlPlaneAddress

Description

The address for the Kubernetes control plane. Usually a DNS entry pointing to a Load Balancer on port 6443.

.spec.kubernetes.dnsZone

Description

The DNS zone of the machines. It will be appended to the name of each host to generate the kubernetes_hostname in the Ansible inventory file. It is also used to calculate etcd's initial cluster value.

.spec.kubernetes.etcd

Properties

Property	Type	Required
hosts	`array`	Required

Description

Optional configuration for an etcd cluster on dedicated nodes. If omitted, etcd will run on control plane nodes.

.spec.kubernetes.etcd.hosts

Properties

Property	Type	Required
ip	`string`	Required
name	`string`	Required

Description

List of nodes of the dedicated etcd cluster.

Constraints

minimum number of items: the minimum number of items for this array is: 1

.spec.kubernetes.etcd.hosts.ip

Description

The IP address of the etcd node.

.spec.kubernetes.etcd.hosts.name

Description

A name to identify the etcd node. This value will be concatenated to .spec.kubernetes.dnsZone to calculate the FQDN for the host as <name>.<dnsZone>.

.spec.kubernetes.loadBalancers

Properties

Property	Type	Required
additionalConfig	`string`	Optional
enabled	`boolean`	Required
hosts	`array`	Optional
keepalived	`object`	Optional
stats	`object`	Optional

.spec.kubernetes.loadBalancers.additionalConfig

Description

Additional configuration to append to HAProxy's configuration file.

.spec.kubernetes.loadBalancers.enabled

Description

Set to true to install HAProxy and configure it as a load balancer on the the load balancer hosts.

.spec.kubernetes.loadBalancers.hosts

Properties

Property	Type	Required
ip	`string`	Required
name	`string`	Required

.spec.kubernetes.loadBalancers.hosts.ip

Description

The IP address of the host.

.spec.kubernetes.loadBalancers.hosts.name

Description

A name to identify the host. This value will be concatenated to .spec.kubernetes.dnsZone to calculate the FQDN for the host as <name>.<dnsZone>.

.spec.kubernetes.loadBalancers.keepalived

Properties

Property	Type	Required
enabled	`boolean`	Required
interface	`string`	Optional
ip	`string`	Optional
passphrase	`string`	Optional
virtualRouterId	`string`	Optional

.spec.kubernetes.loadBalancers.keepalived.enabled

Description

Set to install keepalived with a floating virtual IP shared between the load balancer hosts for a deployment in High Availability.

.spec.kubernetes.loadBalancers.keepalived.interface

Description

Name of the network interface where to bind the Keepalived virtual IP.

.spec.kubernetes.loadBalancers.keepalived.ip

Description

The Virtual floating IP for Keepalived

.spec.kubernetes.loadBalancers.keepalived.passphrase

Description

Password for accessing vrrpd. Make it unique between Keepalived clusters.

Constraints

maximum length: the maximum number of characters for this string is: 8

.spec.kubernetes.loadBalancers.keepalived.virtualRouterId

Description

The virtual router ID of Keepalived, an arbitrary unique number from 1 to 255 used to differentiate multiple instances of vrrpd running on the same network interface and address family and multicast/unicast (and hence same socket).

.spec.kubernetes.loadBalancers.stats

Properties

Property	Type	Required
password	`string`	Required
username	`string`	Required

Description

Configuration for HAProxy stats page. Accessible at http://<haproxy host>:1936/stats

.spec.kubernetes.loadBalancers.stats.password

Description

The basic-auth password for HAProxy's stats page.

.spec.kubernetes.loadBalancers.stats.username

Description

The basic-auth username for HAProxy's stats page

.spec.kubernetes.masters

Properties

Property	Type	Required
annotations	`object`	Optional
hosts	`array`	Required
kubeletConfiguration	`object`	Optional
labels	`object`	Optional

Description

Configuration for the control plane hosts

.spec.kubernetes.masters.annotations

Description

Optional additional Kubernetes annotations that will be added to the control-plane nodes. Follows Kubernetes annotations format. Existing annotations with the same key will be overwritten.

.spec.kubernetes.masters.hosts

Properties

Property	Type	Required
ip	`string`	Required
name	`string`	Required

.spec.kubernetes.masters.hosts.ip

Description

The IP address of the host

.spec.kubernetes.masters.hosts.name

Description

A name to identify the host. This value will be concatenated to .spec.kubernetes.dnsZone to calculate the FQDN for the host as <name>.<dnsZone>.

.spec.kubernetes.masters.kubeletConfiguration

Description

.spec.kubernetes.masters.labels

Description

Optional additional Kubernetes labels that will be added to the control-plane nodes. Follows Kubernetes labels format.

Note: Existing labels with the same key will be overwritten and the label setting the control-plane role cannot be deleted.

.spec.kubernetes.nodes

Properties

Property	Type	Required
annotations	`object`	Optional
hosts	`array`	Required
kubeletConfiguration	`object`	Optional
labels	`object`	Optional
name	`string`	Required
taints	`array`	Optional

Description

Configuration for the node hosts

.spec.kubernetes.nodes.annotations

Description

Optional additional Kubernetes annotations that will be added to the nodes in this node group. Follows Kubernetes annotations format. Existing annotations with the same key will be overwritten.

.spec.kubernetes.nodes.hosts

Properties

Property	Type	Required
ip	`string`	Required
name	`string`	Required

Constraints

minimum number of items: the minimum number of items for this array is: 1

.spec.kubernetes.nodes.hosts.ip

Description

The IP address of the host

.spec.kubernetes.nodes.hosts.name

Description

A name to identify the host. This value will be concatenated to .spec.kubernetes.dnsZone to calculate the FQDN for the host as <name>.<dnsZone>.

.spec.kubernetes.nodes.kubeletConfiguration

Description

.spec.kubernetes.nodes.labels

Description

Optional additional Kubernetes labels that will be added to the nodes in this node group. Follows Kubernetes labels format.

Note: Existing labels with the same key will be overwritten and the label setting the node role to the node group name cannot be deleted.

.spec.kubernetes.nodes.name

Description

Name for the node group. It will be also used as the node role label. It should follow the valid variable names guideline from Ansible.

.spec.kubernetes.nodes.taints

Properties

Property	Type	Required
effect	`string`	Required
key	`string`	Required
value	`string`	Required

.spec.kubernetes.nodes.taints.effect

Constraints

enum: the value of this property must be equal to one of the following string values:

Value
`"NoSchedule"`
`"PreferNoSchedule"`
`"NoExecute"`

.spec.kubernetes.nodes.taints.key

.spec.kubernetes.nodes.taints.value

.spec.kubernetes.pkiFolder

Description

The path to the folder where the PKI files for Kubernetes and etcd are stored.

.spec.kubernetes.podCidr

Description

The subnet CIDR to use for the Pods network.

Constraints

pattern: the string must match the following regular expression:

^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)\.?\b){4}\/(3[0-2]|[1-2][0-9]|[0-9])$

try pattern

.spec.kubernetes.proxy

Properties

Property	Type	Required
http	`string`	Optional
https	`string`	Optional
noProxy	`string`	Optional

.spec.kubernetes.proxy.http

Description

The HTTP proxy URL. Example: http://test.example.dev:3128

Constraints

pattern: the string must match the following regular expression:

^(http|https)\:\/\/.+$

try pattern

.spec.kubernetes.proxy.https

Description

The HTTPS proxy URL. Example: https://test.example.dev:3128

Constraints

pattern: the string must match the following regular expression:

^(http|https)\:\/\/.+$

try pattern

.spec.kubernetes.proxy.noProxy

Description

Comma-separated list of hosts that should not use the HTTP(S) proxy. Example: localhost,127.0.0.1,172.16.0.0/17,172.16.128.0/17,10.0.0.0/8,.example.dev

.spec.kubernetes.ssh

Properties

Property	Type	Required
keyPath	`string`	Required
username	`string`	Required

Description

SSH credentials to access the hosts

.spec.kubernetes.ssh.keyPath

Description

The path to the private key to use to connect to the hosts

.spec.kubernetes.ssh.username

Description

The username to use to connect to the hosts

.spec.kubernetes.svcCidr

Description

The subnet CIDR to use for the Services network.

Constraints

pattern: the string must match the following regular expression:

^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)\.?\b){4}\/(3[0-2]|[1-2][0-9]|[0-9])$

try pattern

.spec.plugins

Properties

Property	Type	Required
helm	`object`	Optional
kustomize	`array`	Optional

.spec.plugins.helm

Properties

Property	Type	Required
releases	`array`	Optional
repositories	`array`	Optional

.spec.plugins.helm.releases

Properties

Property	Type	Required
chart	`string`	Required
disableValidationOnInstall	`boolean`	Optional
name	`string`	Required
namespace	`string`	Required
set	`array`	Optional
values	`array`	Optional
version	`string`	Optional

.spec.plugins.helm.releases.chart

Description

The chart of the release

.spec.plugins.helm.releases.disableValidationOnInstall

Description

Disable running helm diff validation when installing the plugin, it will still be done when upgrading.

.spec.plugins.helm.releases.name

Description

The name of the release

.spec.plugins.helm.releases.namespace

Description

The namespace of the release

.spec.plugins.helm.releases.set

Properties

Property	Type	Required
name	`string`	Required
value	`string`	Required

.spec.plugins.helm.releases.set.name

Description

The name of the set

.spec.plugins.helm.releases.set.value

Description

The value of the set

.spec.plugins.helm.releases.values

Description

The values of the release

.spec.plugins.helm.releases.version

Description

The version of the release

.spec.plugins.helm.repositories

Properties

Property	Type	Required
name	`string`	Required
url	`string`	Required

.spec.plugins.helm.repositories.name

Description

The name of the repository

.spec.plugins.helm.repositories.url

Description

The url of the repository

.spec.plugins.kustomize

Properties

Property	Type	Required
folder	`string`	Required
name	`string`	Required

.spec.plugins.kustomize.folder

Description

The folder of the kustomize plugin

.spec.plugins.kustomize.name

Description

The name of the kustomize plugin

Properties
- Description
.apiVersion
- Constraints
.kind
- Constraints
.metadata
- Properties
.metadata.name
- Description
- Constraints
.spec
- Properties
.spec.distribution
- Properties
.spec.distribution.common
- Properties
- Description
.spec.distribution.common.networkPoliciesEnabled
- Description
.spec.distribution.common.nodeSelector
- Description
.spec.distribution.common.provider
- Properties
.spec.distribution.common.provider.type
- Description
.spec.distribution.common.registry
- Description
.spec.distribution.common.relativeVendorPath
- Description
.spec.distribution.common.tolerations
- Properties
- Description
.spec.distribution.common.tolerations.effect
- Constraints
.spec.distribution.common.tolerations.key
- Description
.spec.distribution.common.tolerations.operator
- Constraints
.spec.distribution.common.tolerations.value
- Description
.spec.distribution.customPatches
- Properties
.spec.distribution.customPatches.configMapGenerator
- Properties
.spec.distribution.customPatches.configMapGenerator.behavior
- Description
- Constraints
.spec.distribution.customPatches.configMapGenerator.envs
- Description
.spec.distribution.customPatches.configMapGenerator.files
- Description
.spec.distribution.customPatches.configMapGenerator.literals
- Description
.spec.distribution.customPatches.configMapGenerator.name
- Description
.spec.distribution.customPatches.configMapGenerator.namespace
- Description
.spec.distribution.customPatches.configMapGenerator.options
- Properties
.spec.distribution.customPatches.configMapGenerator.options.annotations
- Description
.spec.distribution.customPatches.configMapGenerator.options.disableNameSuffixHash
- Description
.spec.distribution.customPatches.configMapGenerator.options.immutable
- Description
.spec.distribution.customPatches.configMapGenerator.options.labels
- Description
.spec.distribution.customPatches.images
- Description
.spec.distribution.customPatches.patches
- Properties
.spec.distribution.customPatches.patches.options
- Properties
.spec.distribution.customPatches.patches.options.allowKindChange
- Description
.spec.distribution.customPatches.patches.options.allowNameChange
- Description
.spec.distribution.customPatches.patches.patch
- Description
.spec.distribution.customPatches.patches.path
- Description
.spec.distribution.customPatches.patches.target
- Properties
.spec.distribution.customPatches.patches.target.annotationSelector
- Description
.spec.distribution.customPatches.patches.target.group
- Description
.spec.distribution.customPatches.patches.target.kind
- Description
.spec.distribution.customPatches.patches.target.labelSelector
- Description
.spec.distribution.customPatches.patches.target.name
- Description
.spec.distribution.customPatches.patches.target.namespace
- Description
.spec.distribution.customPatches.patches.target.version
- Description
.spec.distribution.customPatches.patchesStrategicMerge
- Description
.spec.distribution.customPatches.secretGenerator
- Properties
.spec.distribution.customPatches.secretGenerator.behavior
- Description
- Constraints
.spec.distribution.customPatches.secretGenerator.envs
- Description
.spec.distribution.customPatches.secretGenerator.files
- Description
.spec.distribution.customPatches.secretGenerator.literals
- Description
.spec.distribution.customPatches.secretGenerator.name
- Description
.spec.distribution.customPatches.secretGenerator.namespace
- Description
.spec.distribution.customPatches.secretGenerator.options
- Properties
.spec.distribution.customPatches.secretGenerator.options.annotations
- Description
.spec.distribution.customPatches.secretGenerator.options.disableNameSuffixHash
- Description
.spec.distribution.customPatches.secretGenerator.options.immutable
- Description
.spec.distribution.customPatches.secretGenerator.options.labels
- Description
.spec.distribution.customPatches.secretGenerator.type
- Description
.spec.distribution.modules
- Properties
.spec.distribution.modules.auth
- Properties
- Description
.spec.distribution.modules.auth.baseDomain
- Description
.spec.distribution.modules.auth.dex
- Properties
- Description
.spec.distribution.modules.auth.dex.additionalStaticClients
- Description
.spec.distribution.modules.auth.dex.connectors
- Description
.spec.distribution.modules.auth.dex.expiry
- Properties
.spec.distribution.modules.auth.dex.expiry.idTokens
- Description
.spec.distribution.modules.auth.dex.expiry.signingKeys
- Description
.spec.distribution.modules.auth.dex.overrides
- Properties
.spec.distribution.modules.auth.dex.overrides.nodeSelector
- Description
.spec.distribution.modules.auth.dex.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.auth.dex.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.auth.dex.overrides.tolerations.key
- Description
.spec.distribution.modules.auth.dex.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.auth.dex.overrides.tolerations.value
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth
- Properties
.spec.distribution.modules.auth.oidcKubernetesAuth.clientID
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.clientSecret
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.emailClaim
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.enabled
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.namespace
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.removeCAFromKubeconfig
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.scopes
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.sessionSecurityKey
- Description
.spec.distribution.modules.auth.oidcKubernetesAuth.usernameClaim
- Description
.spec.distribution.modules.auth.overrides
- Properties
- Description
.spec.distribution.modules.auth.overrides.ingresses
- Properties
- Description
.spec.distribution.modules.auth.overrides.ingresses.dex
- Properties
.spec.distribution.modules.auth.overrides.ingresses.dex.host
- Description
.spec.distribution.modules.auth.overrides.ingresses.dex.ingressClass
- Description
.spec.distribution.modules.auth.overrides.ingresses.gangplank
- Properties
.spec.distribution.modules.auth.overrides.ingresses.gangplank.host
- Description
.spec.distribution.modules.auth.overrides.ingresses.gangplank.ingressClass
- Description
.spec.distribution.modules.auth.overrides.nodeSelector
- Description
.spec.distribution.modules.auth.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.auth.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.auth.overrides.tolerations.key
- Description
.spec.distribution.modules.auth.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.auth.overrides.tolerations.value
- Description
.spec.distribution.modules.auth.pomerium
- Properties
- Description
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy
- Properties
- Description
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.gatekeeperPolicyManager
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.hubbleUi
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.ingressNgnixForecastle
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.loggingMinioConsole
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.loggingOpensearchDashboards
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringAlertmanager
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringGrafana
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringMinioConsole
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.monitoringPrometheus
.spec.distribution.modules.auth.pomerium.defaultRoutesPolicy.tracingMinioConsole
.spec.distribution.modules.auth.pomerium.overrides
- Properties
.spec.distribution.modules.auth.pomerium.overrides.nodeSelector
.spec.distribution.modules.auth.pomerium.overrides.tolerations
- Properties
.spec.distribution.modules.auth.pomerium.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.auth.pomerium.overrides.tolerations.key
.spec.distribution.modules.auth.pomerium.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.auth.pomerium.overrides.tolerations.value
.spec.distribution.modules.auth.pomerium.policy
- Description
.spec.distribution.modules.auth.pomerium.routes
- Description
.spec.distribution.modules.auth.pomerium.secrets
- Properties
- Description
.spec.distribution.modules.auth.pomerium.secrets.COOKIE_SECRET
- Description
.spec.distribution.modules.auth.pomerium.secrets.IDP_CLIENT_SECRET
- Description
.spec.distribution.modules.auth.pomerium.secrets.SHARED_SECRET
- Description
.spec.distribution.modules.auth.pomerium.secrets.SIGNING_KEY
- Description
.spec.distribution.modules.auth.provider
- Properties
.spec.distribution.modules.auth.provider.basicAuth
- Properties
- Description
.spec.distribution.modules.auth.provider.basicAuth.password
- Description
.spec.distribution.modules.auth.provider.basicAuth.username
- Description
.spec.distribution.modules.auth.provider.type
- Description
- Constraints
.spec.distribution.modules.dr
- Properties
- Description
.spec.distribution.modules.dr.etcdBackup
- Properties
- Description
.spec.distribution.modules.dr.etcdBackup.backupPrefix
- Description
.spec.distribution.modules.dr.etcdBackup.pvc
- Properties
- Description
.spec.distribution.modules.dr.etcdBackup.pvc.accessModes
- Description
.spec.distribution.modules.dr.etcdBackup.pvc.name
- Description
.spec.distribution.modules.dr.etcdBackup.pvc.retentionTime
- Description
.spec.distribution.modules.dr.etcdBackup.pvc.schedule
- Description
.spec.distribution.modules.dr.etcdBackup.pvc.size
- Description
.spec.distribution.modules.dr.etcdBackup.pvc.storageClass
- Description
.spec.distribution.modules.dr.etcdBackup.s3
- Properties
- Description
.spec.distribution.modules.dr.etcdBackup.s3.accessKeyId
- Description
.spec.distribution.modules.dr.etcdBackup.s3.bucketName
- Description
.spec.distribution.modules.dr.etcdBackup.s3.endpoint
- Description
.spec.distribution.modules.dr.etcdBackup.s3.insecure
- Description
.spec.distribution.modules.dr.etcdBackup.s3.retentionTime
- Description
.spec.distribution.modules.dr.etcdBackup.s3.schedule
- Description
.spec.distribution.modules.dr.etcdBackup.s3.secretAccessKey
- Description
.spec.distribution.modules.dr.etcdBackup.type
- Description
- Constraints
.spec.distribution.modules.dr.overrides
- Properties
- Description
.spec.distribution.modules.dr.overrides.ingresses
.spec.distribution.modules.dr.overrides.nodeSelector
- Description
.spec.distribution.modules.dr.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.dr.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.dr.overrides.tolerations.key
- Description
.spec.distribution.modules.dr.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.dr.overrides.tolerations.value
- Description
.spec.distribution.modules.dr.type
- Description
- Constraints
.spec.distribution.modules.dr.velero
- Properties
- Description
.spec.distribution.modules.dr.velero.backend
- Description
- Constraints
.spec.distribution.modules.dr.velero.externalEndpoint
- Properties
- Description
.spec.distribution.modules.dr.velero.externalEndpoint.accessKeyId
- Description
.spec.distribution.modules.dr.velero.externalEndpoint.bucketName
- Description
.spec.distribution.modules.dr.velero.externalEndpoint.endpoint
- Description
.spec.distribution.modules.dr.velero.externalEndpoint.insecure
- Description
.spec.distribution.modules.dr.velero.externalEndpoint.secretAccessKey
- Description
.spec.distribution.modules.dr.velero.overrides
- Properties
.spec.distribution.modules.dr.velero.overrides.nodeSelector
- Description
.spec.distribution.modules.dr.velero.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.dr.velero.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.dr.velero.overrides.tolerations.key
- Description
.spec.distribution.modules.dr.velero.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.dr.velero.overrides.tolerations.value
- Description
.spec.distribution.modules.dr.velero.schedules
- Properties
- Description
.spec.distribution.modules.dr.velero.schedules.definitions
- Properties
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.full
- Properties
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.full.schedule
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.full.snapshotMoveData
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.full.ttl
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.manifests
- Properties
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.manifests.schedule
- Description
.spec.distribution.modules.dr.velero.schedules.definitions.manifests.ttl
- Description
.spec.distribution.modules.dr.velero.schedules.install
- Description
.spec.distribution.modules.dr.velero.snapshotController
- Properties
- Description
.spec.distribution.modules.dr.velero.snapshotController.install
- Description
.spec.distribution.modules.ingress
- Properties
.spec.distribution.modules.ingress.baseDomain
- Description
.spec.distribution.modules.ingress.certManager
- Properties
- Description
.spec.distribution.modules.ingress.certManager.clusterIssuer
- Properties
- Description
.spec.distribution.modules.ingress.certManager.clusterIssuer.email
- Description
.spec.distribution.modules.ingress.certManager.clusterIssuer.name
- Description
.spec.distribution.modules.ingress.certManager.clusterIssuer.solvers
- Description
.spec.distribution.modules.ingress.certManager.clusterIssuer.type
- Description
- Constraints
.spec.distribution.modules.ingress.certManager.overrides
- Properties
.spec.distribution.modules.ingress.certManager.overrides.nodeSelector
- Description
.spec.distribution.modules.ingress.certManager.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.ingress.certManager.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.ingress.certManager.overrides.tolerations.key
- Description
.spec.distribution.modules.ingress.certManager.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.ingress.certManager.overrides.tolerations.value
- Description
.spec.distribution.modules.ingress.forecastle
- Properties
.spec.distribution.modules.ingress.forecastle.overrides
- Properties
.spec.distribution.modules.ingress.forecastle.overrides.nodeSelector
- Description
.spec.distribution.modules.ingress.forecastle.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.ingress.forecastle.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.ingress.forecastle.overrides.tolerations.key
- Description
.spec.distribution.modules.ingress.forecastle.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.ingress.forecastle.overrides.tolerations.value
- Description
.spec.distribution.modules.ingress.nginx
- Properties
- Description
.spec.distribution.modules.ingress.nginx.overrides
- Properties
.spec.distribution.modules.ingress.nginx.overrides.nodeSelector
- Description
.spec.distribution.modules.ingress.nginx.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.ingress.nginx.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.ingress.nginx.overrides.tolerations.key
- Description
.spec.distribution.modules.ingress.nginx.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.ingress.nginx.overrides.tolerations.value
- Description
.spec.distribution.modules.ingress.nginx.tls
- Properties
.spec.distribution.modules.ingress.nginx.tls.provider
- Description
- Constraints
.spec.distribution.modules.ingress.nginx.tls.secret
- Properties
- Description
.spec.distribution.modules.ingress.nginx.tls.secret.ca
- Description
.spec.distribution.modules.ingress.nginx.tls.secret.cert
- Description
.spec.distribution.modules.ingress.nginx.tls.secret.key
- Description
.spec.distribution.modules.ingress.nginx.type
- Description
- Constraints
.spec.distribution.modules.ingress.overrides
- Properties
- Description
.spec.distribution.modules.ingress.overrides.ingresses
- Properties
.spec.distribution.modules.ingress.overrides.ingresses.forecastle
- Properties
.spec.distribution.modules.ingress.overrides.ingresses.forecastle.disableAuth
- Description
.spec.distribution.modules.ingress.overrides.ingresses.forecastle.host
- Description
.spec.distribution.modules.ingress.overrides.ingresses.forecastle.ingressClass
- Description
.spec.distribution.modules.ingress.overrides.nodeSelector
- Description
.spec.distribution.modules.ingress.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.ingress.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.ingress.overrides.tolerations.key
- Description
.spec.distribution.modules.ingress.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.ingress.overrides.tolerations.value
- Description
.spec.distribution.modules.ingress.then
.spec.distribution.modules.logging
- Properties
- Description
.spec.distribution.modules.logging.cerebro
- Properties
- Description
.spec.distribution.modules.logging.cerebro.overrides
- Properties
.spec.distribution.modules.logging.cerebro.overrides.nodeSelector
- Description
.spec.distribution.modules.logging.cerebro.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.logging.cerebro.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.logging.cerebro.overrides.tolerations.key
- Description
.spec.distribution.modules.logging.cerebro.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.logging.cerebro.overrides.tolerations.value
- Description
.spec.distribution.modules.logging.customOutputs
- Properties
- Description
.spec.distribution.modules.logging.customOutputs.audit
- Description
.spec.distribution.modules.logging.customOutputs.errors
- Description
.spec.distribution.modules.logging.customOutputs.events
- Description
.spec.distribution.modules.logging.customOutputs.infra
- Description
.spec.distribution.modules.logging.customOutputs.ingressNginx
- Description
.spec.distribution.modules.logging.customOutputs.kubernetes
- Description
.spec.distribution.modules.logging.customOutputs.systemdCommon
- Description
.spec.distribution.modules.logging.customOutputs.systemdEtcd
- Description
.spec.distribution.modules.logging.loki
- Properties
- Description
.spec.distribution.modules.logging.loki.backend
- Description
- Constraints
.spec.distribution.modules.logging.loki.externalEndpoint
- Properties
- Description
.spec.distribution.modules.logging.loki.externalEndpoint.accessKeyId
- Description
.spec.distribution.modules.logging.loki.externalEndpoint.bucketName
- Description
.spec.distribution.modules.logging.loki.externalEndpoint.endpoint
- Description
.spec.distribution.modules.logging.loki.externalEndpoint.insecure
- Description
.spec.distribution.modules.logging.loki.externalEndpoint.secretAccessKey
- Description
.spec.distribution.modules.logging.loki.resources
- Properties
.spec.distribution.modules.logging.loki.resources.limits
- Properties
.spec.distribution.modules.logging.loki.resources.limits.cpu
- Description
.spec.distribution.modules.logging.loki.resources.limits.memory
- Description
.spec.distribution.modules.logging.loki.resources.requests
- Properties
.spec.distribution.modules.logging.loki.resources.requests.cpu
- Description
.spec.distribution.modules.logging.loki.resources.requests.memory
- Description
.spec.distribution.modules.logging.loki.tsdbStartDate
- Description
.spec.distribution.modules.logging.minio
- Properties
- Description
.spec.distribution.modules.logging.minio.overrides
- Properties
.spec.distribution.modules.logging.minio.overrides.nodeSelector
- Description
.spec.distribution.modules.logging.minio.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.logging.minio.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.logging.minio.overrides.tolerations.key
- Description
.spec.distribution.modules.logging.minio.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.logging.minio.overrides.tolerations.value
- Description
.spec.distribution.modules.logging.minio.rootUser
- Properties
.spec.distribution.modules.logging.minio.rootUser.password
- Description
.spec.distribution.modules.logging.minio.rootUser.username
- Description
.spec.distribution.modules.logging.minio.storageSize
- Description
.spec.distribution.modules.logging.opensearch
- Properties
.spec.distribution.modules.logging.opensearch.overrides
- Properties
.spec.distribution.modules.logging.opensearch.overrides.nodeSelector
- Description
.spec.distribution.modules.logging.opensearch.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.logging.opensearch.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.logging.opensearch.overrides.tolerations.key
- Description
.spec.distribution.modules.logging.opensearch.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.logging.opensearch.overrides.tolerations.value
- Description
.spec.distribution.modules.logging.opensearch.resources
- Properties
.spec.distribution.modules.logging.opensearch.resources.limits
- Properties
.spec.distribution.modules.logging.opensearch.resources.limits.cpu
- Description
.spec.distribution.modules.logging.opensearch.resources.limits.memory
- Description
.spec.distribution.modules.logging.opensearch.resources.requests
- Properties
.spec.distribution.modules.logging.opensearch.resources.requests.cpu
- Description
.spec.distribution.modules.logging.opensearch.resources.requests.memory
- Description
.spec.distribution.modules.logging.opensearch.storageSize
- Description
.spec.distribution.modules.logging.opensearch.type
- Description
- Constraints
.spec.distribution.modules.logging.operator
- Properties
- Description
.spec.distribution.modules.logging.operator.overrides
- Properties
.spec.distribution.modules.logging.operator.overrides.nodeSelector
- Description
.spec.distribution.modules.logging.operator.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.logging.operator.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.logging.operator.overrides.tolerations.key
- Description
.spec.distribution.modules.logging.operator.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.logging.operator.overrides.tolerations.value
- Description
.spec.distribution.modules.logging.overrides
- Properties
- Description
.spec.distribution.modules.logging.overrides.ingresses
.spec.distribution.modules.logging.overrides.nodeSelector
- Description
.spec.distribution.modules.logging.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.logging.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.logging.overrides.tolerations.key
- Description
.spec.distribution.modules.logging.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.logging.overrides.tolerations.value
- Description
.spec.distribution.modules.logging.type
- Description
- Constraints
.spec.distribution.modules.monitoring
- Properties
- Description
.spec.distribution.modules.monitoring.alertmanager
- Properties
.spec.distribution.modules.monitoring.alertmanager.deadManSwitchWebhookUrl
- Description
.spec.distribution.modules.monitoring.alertmanager.installDefaultRules
- Description
.spec.distribution.modules.monitoring.alertmanager.slackWebhookUrl
- Description
.spec.distribution.modules.monitoring.blackboxExporter
- Properties
.spec.distribution.modules.monitoring.blackboxExporter.overrides
- Properties
.spec.distribution.modules.monitoring.blackboxExporter.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.blackboxExporter.overrides.tolerations.value
- Description
.spec.distribution.modules.monitoring.grafana
- Properties
.spec.distribution.modules.monitoring.grafana.basicAuthIngress
- Description
.spec.distribution.modules.monitoring.grafana.overrides
- Properties
.spec.distribution.modules.monitoring.grafana.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.grafana.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.grafana.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.grafana.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.grafana.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.grafana.overrides.tolerations.value
- Description
.spec.distribution.modules.monitoring.grafana.usersRoleAttributePath
- Description
.spec.distribution.modules.monitoring.kubeStateMetrics
- Properties
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides
- Properties
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.kubeStateMetrics.overrides.tolerations.value
- Description
.spec.distribution.modules.monitoring.mimir
- Properties
- Description
.spec.distribution.modules.monitoring.mimir.backend
- Description
- Constraints
.spec.distribution.modules.monitoring.mimir.externalEndpoint
- Properties
- Description
.spec.distribution.modules.monitoring.mimir.externalEndpoint.accessKeyId
- Description
.spec.distribution.modules.monitoring.mimir.externalEndpoint.bucketName
- Description
.spec.distribution.modules.monitoring.mimir.externalEndpoint.endpoint
- Description
.spec.distribution.modules.monitoring.mimir.externalEndpoint.insecure
- Description
.spec.distribution.modules.monitoring.mimir.externalEndpoint.secretAccessKey
- Description
.spec.distribution.modules.monitoring.mimir.overrides
- Properties
.spec.distribution.modules.monitoring.mimir.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.mimir.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.mimir.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.mimir.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.mimir.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.mimir.overrides.tolerations.value
- Description
.spec.distribution.modules.monitoring.mimir.retentionTime
- Description
.spec.distribution.modules.monitoring.minio
- Properties
- Description
.spec.distribution.modules.monitoring.minio.overrides
- Properties
.spec.distribution.modules.monitoring.minio.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.minio.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.minio.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.minio.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.minio.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.minio.overrides.tolerations.value
- Description
.spec.distribution.modules.monitoring.minio.rootUser
- Properties
.spec.distribution.modules.monitoring.minio.rootUser.password
- Description
.spec.distribution.modules.monitoring.minio.rootUser.username
- Description
.spec.distribution.modules.monitoring.minio.storageSize
- Description
.spec.distribution.modules.monitoring.overrides
- Properties
- Description
.spec.distribution.modules.monitoring.overrides.ingresses
.spec.distribution.modules.monitoring.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.overrides.tolerations.value
- Description
.spec.distribution.modules.monitoring.prometheus
- Properties
.spec.distribution.modules.monitoring.prometheus.remoteWrite
- Description
.spec.distribution.modules.monitoring.prometheus.resources
- Properties
.spec.distribution.modules.monitoring.prometheus.resources.limits
- Properties
.spec.distribution.modules.monitoring.prometheus.resources.limits.cpu
- Description
.spec.distribution.modules.monitoring.prometheus.resources.limits.memory
- Description
.spec.distribution.modules.monitoring.prometheus.resources.requests
- Properties
.spec.distribution.modules.monitoring.prometheus.resources.requests.cpu
- Description
.spec.distribution.modules.monitoring.prometheus.resources.requests.memory
- Description
.spec.distribution.modules.monitoring.prometheus.retentionSize
- Description
.spec.distribution.modules.monitoring.prometheus.retentionTime
- Description
.spec.distribution.modules.monitoring.prometheus.storageSize
- Description
.spec.distribution.modules.monitoring.prometheusAgent
- Properties
.spec.distribution.modules.monitoring.prometheusAgent.remoteWrite
- Description
.spec.distribution.modules.monitoring.prometheusAgent.resources
- Properties
.spec.distribution.modules.monitoring.prometheusAgent.resources.limits
- Properties
.spec.distribution.modules.monitoring.prometheusAgent.resources.limits.cpu
- Description
.spec.distribution.modules.monitoring.prometheusAgent.resources.limits.memory
- Description
.spec.distribution.modules.monitoring.prometheusAgent.resources.requests
- Properties
.spec.distribution.modules.monitoring.prometheusAgent.resources.requests.cpu
- Description
.spec.distribution.modules.monitoring.prometheusAgent.resources.requests.memory
- Description
.spec.distribution.modules.monitoring.type
- Description
- Constraints
.spec.distribution.modules.monitoring.x509Exporter
- Properties
.spec.distribution.modules.monitoring.x509Exporter.overrides
- Properties
.spec.distribution.modules.monitoring.x509Exporter.overrides.nodeSelector
- Description
.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.key
- Description
.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.monitoring.x509Exporter.overrides.tolerations.value
- Description
.spec.distribution.modules.networking
- Properties
- Description
.spec.distribution.modules.networking.cilium
- Properties
.spec.distribution.modules.networking.cilium.maskSize
- Description
.spec.distribution.modules.networking.cilium.overrides
- Properties
.spec.distribution.modules.networking.cilium.overrides.nodeSelector
- Description
.spec.distribution.modules.networking.cilium.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.networking.cilium.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.networking.cilium.overrides.tolerations.key
- Description
.spec.distribution.modules.networking.cilium.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.networking.cilium.overrides.tolerations.value
- Description
.spec.distribution.modules.networking.cilium.podCidr
- Description
- Constraints
.spec.distribution.modules.networking.overrides
- Properties
- Description
.spec.distribution.modules.networking.overrides.ingresses
.spec.distribution.modules.networking.overrides.nodeSelector
- Description
.spec.distribution.modules.networking.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.networking.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.networking.overrides.tolerations.key
- Description
.spec.distribution.modules.networking.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.networking.overrides.tolerations.value
- Description
.spec.distribution.modules.networking.tigeraOperator
- Properties
.spec.distribution.modules.networking.tigeraOperator.overrides
- Properties
.spec.distribution.modules.networking.tigeraOperator.overrides.nodeSelector
- Description
.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.key
- Description
.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.networking.tigeraOperator.overrides.tolerations.value
- Description
.spec.distribution.modules.networking.type
- Description
- Constraints
.spec.distribution.modules.policy
- Properties
- Description
.spec.distribution.modules.policy.gatekeeper
- Properties
- Description
.spec.distribution.modules.policy.gatekeeper.additionalExcludedNamespaces
- Description
.spec.distribution.modules.policy.gatekeeper.enforcementAction
- Description
- Constraints
.spec.distribution.modules.policy.gatekeeper.installDefaultPolicies
- Description
.spec.distribution.modules.policy.gatekeeper.overrides
- Properties
.spec.distribution.modules.policy.gatekeeper.overrides.nodeSelector
- Description
.spec.distribution.modules.policy.gatekeeper.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.key
- Description
.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.policy.gatekeeper.overrides.tolerations.value
- Description
.spec.distribution.modules.policy.kyverno
- Properties
- Description
.spec.distribution.modules.policy.kyverno.additionalExcludedNamespaces
- Description
.spec.distribution.modules.policy.kyverno.installDefaultPolicies
- Description
.spec.distribution.modules.policy.kyverno.overrides
- Properties
.spec.distribution.modules.policy.kyverno.overrides.nodeSelector
- Description
.spec.distribution.modules.policy.kyverno.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.policy.kyverno.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.policy.kyverno.overrides.tolerations.key
- Description
.spec.distribution.modules.policy.kyverno.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.policy.kyverno.overrides.tolerations.value
- Description
.spec.distribution.modules.policy.kyverno.validationFailureAction
- Description
- Constraints
.spec.distribution.modules.policy.overrides
- Properties
- Description
.spec.distribution.modules.policy.overrides.ingresses
.spec.distribution.modules.policy.overrides.nodeSelector
- Description
.spec.distribution.modules.policy.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.policy.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.policy.overrides.tolerations.key
- Description
.spec.distribution.modules.policy.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.policy.overrides.tolerations.value
- Description
.spec.distribution.modules.policy.type
- Description
- Constraints
.spec.distribution.modules.tracing
- Properties
- Description
.spec.distribution.modules.tracing.minio
- Properties
- Description
.spec.distribution.modules.tracing.minio.overrides
- Properties
.spec.distribution.modules.tracing.minio.overrides.nodeSelector
- Description
.spec.distribution.modules.tracing.minio.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.tracing.minio.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.tracing.minio.overrides.tolerations.key
- Description
.spec.distribution.modules.tracing.minio.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.tracing.minio.overrides.tolerations.value
- Description
.spec.distribution.modules.tracing.minio.rootUser
- Properties
.spec.distribution.modules.tracing.minio.rootUser.password
- Description
.spec.distribution.modules.tracing.minio.rootUser.username
- Description
.spec.distribution.modules.tracing.minio.storageSize
- Description
.spec.distribution.modules.tracing.overrides
- Properties
- Description
.spec.distribution.modules.tracing.overrides.ingresses
.spec.distribution.modules.tracing.overrides.nodeSelector
- Description
.spec.distribution.modules.tracing.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.tracing.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.tracing.overrides.tolerations.key
- Description
.spec.distribution.modules.tracing.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.tracing.overrides.tolerations.value
- Description
.spec.distribution.modules.tracing.tempo
- Properties
- Description
.spec.distribution.modules.tracing.tempo.backend
- Description
- Constraints
.spec.distribution.modules.tracing.tempo.externalEndpoint
- Properties
- Description
.spec.distribution.modules.tracing.tempo.externalEndpoint.accessKeyId
- Description
.spec.distribution.modules.tracing.tempo.externalEndpoint.bucketName
- Description
.spec.distribution.modules.tracing.tempo.externalEndpoint.endpoint
- Description
.spec.distribution.modules.tracing.tempo.externalEndpoint.insecure
- Description
.spec.distribution.modules.tracing.tempo.externalEndpoint.secretAccessKey
- Description
.spec.distribution.modules.tracing.tempo.overrides
- Properties
.spec.distribution.modules.tracing.tempo.overrides.nodeSelector
- Description
.spec.distribution.modules.tracing.tempo.overrides.tolerations
- Properties
- Description
.spec.distribution.modules.tracing.tempo.overrides.tolerations.effect
- Constraints
.spec.distribution.modules.tracing.tempo.overrides.tolerations.key
- Description
.spec.distribution.modules.tracing.tempo.overrides.tolerations.operator
- Constraints
.spec.distribution.modules.tracing.tempo.overrides.tolerations.value
- Description
.spec.distribution.modules.tracing.tempo.retentionTime
- Description
.spec.distribution.modules.tracing.type
- Description
- Constraints
.spec.distributionVersion
- Description
- Constraints
.spec.kubernetes
- Properties
- Description
.spec.kubernetes.advanced
- Properties
.spec.kubernetes.advanced.airGap
- Properties
- Description
.spec.kubernetes.advanced.airGap.containerdDownloadUrl
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride
- Properties
.spec.kubernetes.advanced.airGap.dependenciesOverride.apt
- Properties
.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.gpg_key
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.gpg_key_id
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.name
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.apt.repo
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.yum
- Properties
.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.gpg_key
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.gpg_key_check
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.name
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.repo
- Description
.spec.kubernetes.advanced.airGap.dependenciesOverride.yum.repo_gpg_check
- Description
.spec.kubernetes.advanced.airGap.etcdDownloadUrl
- Description
.spec.kubernetes.advanced.airGap.runcChecksum
- Description
.spec.kubernetes.advanced.airGap.runcDownloadUrl
- Description
.spec.kubernetes.advanced.apiServerCertSANs
- Description
.spec.kubernetes.advanced.cloud
- Properties
.spec.kubernetes.advanced.cloud.config
- Description
.spec.kubernetes.advanced.cloud.provider
- Description
.spec.kubernetes.advanced.containerd
- Properties
- Description
.spec.kubernetes.advanced.containerd.registryConfigs
- Properties
- Description
.spec.kubernetes.advanced.containerd.registryConfigs.insecureSkipVerify
- Description
.spec.kubernetes.advanced.containerd.registryConfigs.mirrorEndpoint
- Description
.spec.kubernetes.advanced.containerd.registryConfigs.password
- Description
.spec.kubernetes.advanced.containerd.registryConfigs.registry
- Description
.spec.kubernetes.advanced.containerd.registryConfigs.username
- Description
.spec.kubernetes.advanced.encryption
- Properties
.spec.kubernetes.advanced.encryption.configuration
- Description
.spec.kubernetes.advanced.encryption.tlsCipherSuites
- Description
.spec.kubernetes.advanced.kubeletConfiguration
- Description
.spec.kubernetes.advanced.oidc
- Properties
- Description
.spec.kubernetes.advanced.oidc.ca_file
- Description
.spec.kubernetes.advanced.oidc.client_id
- Description
.spec.kubernetes.advanced.oidc.group_prefix
- Description
.spec.kubernetes.advanced.oidc.groups_claim
- Description
.spec.kubernetes.advanced.oidc.issuer_url
- Description
.spec.kubernetes.advanced.oidc.username_claim
- Description
.spec.kubernetes.advanced.oidc.username_prefix
- Description
.spec.kubernetes.advanced.registry
- Description
.spec.kubernetes.advanced.users
- Properties
.spec.kubernetes.advanced.users.names
- Description
.spec.kubernetes.advanced.users.org
- Description
.spec.kubernetes.advancedAnsible
- Properties
.spec.kubernetes.advancedAnsible.config
- Description
.spec.kubernetes.advancedAnsible.pythonInterpreter
- Description
.spec.kubernetes.controlPlaneAddress
- Description
.spec.kubernetes.dnsZone
- Description
.spec.kubernetes.etcd
- Properties
- Description
.spec.kubernetes.etcd.hosts
- Properties
- Description
- Constraints
.spec.kubernetes.etcd.hosts.ip
- Description
.spec.kubernetes.etcd.hosts.name
- Description
.spec.kubernetes.loadBalancers
- Properties
.spec.kubernetes.loadBalancers.additionalConfig
- Description
.spec.kubernetes.loadBalancers.enabled
- Description
.spec.kubernetes.loadBalancers.hosts
- Properties
.spec.kubernetes.loadBalancers.hosts.ip
- Description
.spec.kubernetes.loadBalancers.hosts.name
- Description
.spec.kubernetes.loadBalancers.keepalived
- Properties
.spec.kubernetes.loadBalancers.keepalived.enabled
- Description
.spec.kubernetes.loadBalancers.keepalived.interface
- Description
.spec.kubernetes.loadBalancers.keepalived.ip
- Description
.spec.kubernetes.loadBalancers.keepalived.passphrase
- Description
- Constraints
.spec.kubernetes.loadBalancers.keepalived.virtualRouterId
- Description
.spec.kubernetes.loadBalancers.stats
- Properties
- Description
.spec.kubernetes.loadBalancers.stats.password
- Description
.spec.kubernetes.loadBalancers.stats.username
- Description
.spec.kubernetes.masters
- Properties
- Description
.spec.kubernetes.masters.annotations
- Description
.spec.kubernetes.masters.hosts
- Properties
.spec.kubernetes.masters.hosts.ip
- Description
.spec.kubernetes.masters.hosts.name
- Description
.spec.kubernetes.masters.kubeletConfiguration
- Description
.spec.kubernetes.masters.labels
- Description
.spec.kubernetes.nodes
- Properties
- Description
.spec.kubernetes.nodes.annotations
- Description
.spec.kubernetes.nodes.hosts
- Properties
- Constraints
.spec.kubernetes.nodes.hosts.ip
- Description
.spec.kubernetes.nodes.hosts.name
- Description
.spec.kubernetes.nodes.kubeletConfiguration
- Description
.spec.kubernetes.nodes.labels
- Description
.spec.kubernetes.nodes.name
- Description
.spec.kubernetes.nodes.taints
- Properties
.spec.kubernetes.nodes.taints.effect
- Constraints
.spec.kubernetes.nodes.taints.key
.spec.kubernetes.nodes.taints.value
.spec.kubernetes.pkiFolder
- Description
.spec.kubernetes.podCidr
- Description
- Constraints
.spec.kubernetes.proxy
- Properties
.spec.kubernetes.proxy.http
- Description
- Constraints
.spec.kubernetes.proxy.https
- Description
- Constraints
.spec.kubernetes.proxy.noProxy
- Description
.spec.kubernetes.ssh
- Properties
- Description
.spec.kubernetes.ssh.keyPath
- Description
.spec.kubernetes.ssh.username
- Description
.spec.kubernetes.svcCidr
- Description
- Constraints
.spec.plugins
- Properties
.spec.plugins.helm
- Properties
.spec.plugins.helm.releases
- Properties
.spec.plugins.helm.releases.chart
- Description
.spec.plugins.helm.releases.disableValidationOnInstall
- Description
.spec.plugins.helm.releases.name
- Description
.spec.plugins.helm.releases.namespace
- Description
.spec.plugins.helm.releases.set
- Properties
.spec.plugins.helm.releases.set.name
- Description
.spec.plugins.helm.releases.set.value
- Description
.spec.plugins.helm.releases.values
- Description
.spec.plugins.helm.releases.version
- Description
.spec.plugins.helm.repositories
- Properties
.spec.plugins.helm.repositories.name
- Description
.spec.plugins.helm.repositories.url
- Description
.spec.plugins.kustomize
- Properties
.spec.plugins.kustomize.folder
- Description
.spec.plugins.kustomize.name
- Description

Properties​

Description​

.apiVersion​

Constraints​

.kind​

Constraints​

.metadata​

Properties​

.metadata.name​

Description​

Constraints​

.spec​

Properties​

.spec.distribution​

Properties​

.spec.distribution.common​

Properties​

Description​

.spec.distribution.common.networkPoliciesEnabled​

Description​

.spec.distribution.common.nodeSelector​

Description​

.spec.distribution.common.provider​

Properties​

.spec.distribution.common.provider.type​

Description​

.spec.distribution.common.registry​

Description​

.spec.distribution.common.relativeVendorPath​

Description​

.spec.distribution.common.tolerations​

Properties​

Description​

.spec.distribution.common.tolerations.effect​

Constraints​

.spec.distribution.common.tolerations.key​

Description​

.spec.distribution.common.tolerations.operator​

Constraints​

.spec.distribution.common.tolerations.value​

Description​

.spec.distribution.customPatches​

Properties​

.spec.distribution.customPatches.configMapGenerator​

Properties​

.spec.distribution.customPatches.configMapGenerator.behavior​

Description​

Constraints​

.spec.distribution.customPatches.configMapGenerator.envs​

Description​

.spec.distribution.customPatches.configMapGenerator.files​

Description​

.spec.distribution.customPatches.configMapGenerator.literals​

Description​

.spec.distribution.customPatches.configMapGenerator.name​

Description​

.spec.distribution.customPatches.configMapGenerator.namespace​

Description​

.spec.distribution.customPatches.configMapGenerator.options​

Properties​

.spec.distribution.customPatches.configMapGenerator.options.annotations​

Description​

.spec.distribution.customPatches.configMapGenerator.options.disableNameSuffixHash​

Description​

.spec.distribution.customPatches.configMapGenerator.options.immutable​

Description​

.spec.distribution.customPatches.configMapGenerator.options.labels​

Description​

.spec.distribution.customPatches.images​

Description​

.spec.distribution.customPatches.patches​

Properties​

.spec.distribution.customPatches.patches.options​

Properties​

.spec.distribution.customPatches.patches.options.allowKindChange​

Description​

.spec.distribution.customPatches.patches.options.allowNameChange​

Description​

.spec.distribution.customPatches.patches.patch​

Description​

Properties

Description

.apiVersion

Constraints

.kind

Constraints

.metadata

Properties

.metadata.name

Description

Constraints

.spec

Properties

.spec.distribution

Properties

.spec.distribution.common

Properties

Description

.spec.distribution.common.networkPoliciesEnabled

Description

.spec.distribution.common.nodeSelector

Description

.spec.distribution.common.provider

Properties

.spec.distribution.common.provider.type

Description

.spec.distribution.common.registry

Description

.spec.distribution.common.relativeVendorPath

Description

.spec.distribution.common.tolerations

Properties

Description

.spec.distribution.common.tolerations.effect

Constraints

.spec.distribution.common.tolerations.key

Description

.spec.distribution.common.tolerations.operator

Constraints

.spec.distribution.common.tolerations.value

Description

.spec.distribution.customPatches

Properties

.spec.distribution.customPatches.configMapGenerator

Properties

.spec.distribution.customPatches.configMapGenerator.behavior

Description

Constraints

.spec.distribution.customPatches.configMapGenerator.envs

Description

.spec.distribution.customPatches.configMapGenerator.files

Description

.spec.distribution.customPatches.configMapGenerator.literals

Description

.spec.distribution.customPatches.configMapGenerator.name

Description

.spec.distribution.customPatches.configMapGenerator.namespace

Description

.spec.distribution.customPatches.configMapGenerator.options

Properties

.spec.distribution.customPatches.configMapGenerator.options.annotations

Description

.spec.distribution.customPatches.configMapGenerator.options.disableNameSuffixHash

Description

.spec.distribution.customPatches.configMapGenerator.options.immutable

Description

.spec.distribution.customPatches.configMapGenerator.options.labels

Description

.spec.distribution.customPatches.images

Description

.spec.distribution.customPatches.patches

Properties

.spec.distribution.customPatches.patches.options

Properties

.spec.distribution.customPatches.patches.options.allowKindChange

Description

.spec.distribution.customPatches.patches.options.allowNameChange

Description

.spec.distribution.customPatches.patches.patch

Description