-
CWen authored
Signed-off-by:cwen0 <cwenyin0@gmail.com>
Unverified07a0d501
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
# Default values for chaos-mesh.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# clusterScoped is whether chaos-mesh should manage kubernetes cluster wide chaos
# Also see rbac.create and controllerManager.serviceAccount
clusterScoped: true
# Also see clusterScoped and controllerManager.serviceAccount
rbac:
create: true
# timezone is the timezone where controller-manager, chaos-daemon and dashboard uses.
# For example: "UTC" or "Asia/Shanghai"
# This value will be set on controller-manager and dashboard container's
# environment variable TZ.
# You may need to set the timezone to be consistent with your Grafana configuration,
# otherwise the query Grafana used to retrieve event maybe in wrong timezone.
timezone: "UTC"
# enableProfiling is a flag to enable pprof in controller-manager and chaos-daemon.
enableProfiling: true
kubectlImage: bitnami/kubectl:latest
controllerManager:
hostNetwork: false
serviceAccount: chaos-controller-manager
replicaCount: 1
image: pingcap/chaos-mesh:v1.0.0
imagePullPolicy: IfNotPresent
nameOverride: ""
fullnameOverride: ""
allowedNamespaces: ""
ignoredNamespaces: ""
# targetNamespace only works with clusterScoped is false(namespace scoped mode).
# It means namespace which will be injected chaos
targetNamespace: chaos-testing
service:
type: ClusterIP
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 500m
# memory: 1024Mi
requests:
cpu: 25m
memory: 256Mi
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
chaosDaemon:
image: pingcap/chaos-daemon:v1.0.0
imagePullPolicy: IfNotPresent
grpcPort: 31767
httpPort: 31766
env: {}
hostNetwork: false
podAnnotations: {}
# runtime specifies which container runtime to use. Currently
# we only supports docker and containerd.
runtime: docker
# socketPath specifies the container runtime socket.
socketPath: /var/run/docker.sock
# If you are using Kind or using containerd as CRI, you can use the
# config below to use containerd as the runtime in chaos-daemon.
# runtime: containerd
# socketPath: /run/containerd/containerd.sock
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 500m
# memory: 1024Mi
# requests:
# cpu: 250m
# memory: 512Mi
tolerations: []
dashboard:
create: false
replicaCount: 1
serviceAccount: chaos-controller-manager
image: pingcap/chaos-dashboard:v1.0.0
imagePullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 500m
# memory: 1024Mi
requests:
cpu: 25m
memory: 256Mi
persistentVolume:
# If you are using SQLite as your DB for Chaos Dashboard, it is recommended to enable persistence.
# If enable, the chart will create a PersistenceVolumeClaim to store its state in. If you are
# using a DB other than SQLite, set this to false to avoid allocating unused storage.
# If set to false, Chaos Mesh will use an emptyDir instead, which is ephemeral.
enabled: false
# If you'd like to bring your own PVC for persisting chaos event, pass the name of the
# created + ready PVC here. If set, this Chart will not create the default PVC.
# Requires server.persistentVolume.enabled: true
#
existingClaim: ""
# Chaos Dashboard data Persistent Volume size.
size: 8Gi
# Chaos Dashboard data Persistent Volume Storage Class.
# If defined, storageClassName: <storageClass>
storageClassName: standard
# Chaos Dashboard data Persistent Volume mount root path
#
mountPath: /data
# Subdirectory of Chaos Dashboard data Persistent Volume to mount
# Useful if the volume's root directory is not empty
#
subPath: ""
# The keys within the "env" map are mounted as environment variables on the Chaos Dashboard pod.
env:
LISTEN_HOST: "0.0.0.0"
LISTEN_PORT: 2333
# If you'd like to use a DB other than SQLite (the default), set a driver + DSN here.
DATABASE_DRIVER: sqlite3
DATABASE_DATASOURCE: /data/core.sqlite
# If you are going to store build secrets in the Chaos Dashboard database, it is suggested that
# you set a database encryption secret. This must be set before any secrets are stored
# in the database.
# DATABASE_SECRET:
ingress:
## Set to true to enable ingress record generation
enabled: false
## Set this to true in order to add the corresponding annotations for cert-manager
certManager: false
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
# annotations:
# kubernetes.io/ingress.class: nginx
## The list of hostnames to be covered with this ingress record.
## Most likely this will be just one host, but in the event more hosts are needed, this is an array
hosts:
- name: dashboard.local
paths: ["/"]
## Set this to true in order to enable TLS on the ingress record
tls: false
## Optionally specify the TLS hosts for the ingress record
## Useful when the Ingress controller supports www-redirection
## If not specified, the above host name will be used
# tlsHosts:
# - www.dashboard.local
# - dashboard.local
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: dashboard.local-tls
prometheus:
create: false
serviceAccount: prometheus
image: prom/prometheus:v2.18.1
imagePullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 500m
memory: 1024Mi
requests:
cpu: 250m
memory: 512Mi
service:
type: ClusterIP
volume:
storage: 2Gi
storageClassName: standard
webhook:
# if empty and disable certManager, Helm will auto-generate these fields
crtPEM: |
keyPEM: |
# Setup the webhook using cert-manager
certManager:
enabled: false
# FailurePolicy defines how unrecognized errors and timeout errors from the admission webhook are handled.
# https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#failure-policy
FailurePolicy: Ignore
CRDS:
- podchaos
- iochaos
- timechaos
- networkchaos
- kernelchaos
- stresschaos
- podiochaos
- podnetworkchaos
bpfki:
create: false
image: pingcap/chaos-kernel:v1.0.0
imagePullPolicy: IfNotPresent
grpcPort: 50051
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 500m
# memory: 1024Mi
# requests:
# cpu: 250m
# memory: 512Mi