diff --git a/modules/reference/pages/k-console-helm-spec.adoc b/modules/reference/pages/k-console-helm-spec.adoc index 9f5a1c64b0..ee16d88043 100644 --- a/modules/reference/pages/k-console-helm-spec.adoc +++ b/modules/reference/pages/k-console-helm-spec.adoc @@ -1,380 +1,3 @@ -= Redpanda Console Helm Chart Specification +== Redpanda Console Helm Chart -:description: Find the default values and descriptions of settings in the Redpanda Console Helm chart. - -image:https://img.shields.io/badge/Version-3.1.0-informational?style=flat-square[Version: -3.1.0] -image:https://img.shields.io/badge/Type-application-informational?style=flat-square[Type: -application] -image:https://img.shields.io/badge/AppVersion-v3.1.0-informational?style=flat-square[AppVersion: -v3.1.0] - -This page describes the official Redpanda Console Helm Chart. In -particular, this page describes the contents of the chart’s -https://github.com/redpanda-data/helm-charts/blob/main/charts/console/values.yaml[`values.yaml` -file]. Each of the settings is listed and described on this page, along -with any default values. - -The Redpanda Console Helm chart is included as a subchart in the -Redpanda Helm chart so that you can deploy and configure Redpanda and -Redpanda Console together. For instructions on how to install and use -the chart, refer to the -https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-deploy/[deployment -documentation]. For instructions on how to override and customize the -chart’s values, see -https://docs.redpanda.com/docs/manage/kubernetes/configure-helm-chart/#configure-redpanda-console[Configure -Redpanda Console]. - -''''' - -Autogenerated from chart metadata using -https://github.com/norwoodj/helm-docs/releases/v1.11.0[helm-docs -v1.11.0] - -== Source Code - -* https://github.com/redpanda-data/redpanda-operator/tree/main/charts/console - -== Requirements - -Kubernetes: `>= 1.25.0-0` - -== Settings - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=affinity++[affinity] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=annotations++[annotations] - -Annotations to add to the deployment. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=automountServiceAccountToken++[automountServiceAccountToken] - -Automount API credentials for the Service Account into the pod. Redpanda Console -does not communicate with Kubernetes API. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.enabled++[autoscaling.enabled] - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.maxReplicas++[autoscaling.maxReplicas] - -*Default:* `100` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.minReplicas++[autoscaling.minReplicas] - -*Default:* `1` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.targetCPUUtilizationPercentage++[autoscaling.targetCPUUtilizationPercentage] - -*Default:* `80` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=commonLabels++[commonLabels] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=config++[config] - -Settings for the `Config.yaml` (required). For a reference of -configuration settings, see the -https://docs.redpanda.com/docs/reference/console/config/[Redpanda -Redpanda Consoleonsole documentation]. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=configmap.create++[configmap.create] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=deployment.create++[deployment.create] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraContainers++[extraContainers] - -Add additional containers, such as for oauth2-proxy. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraEnv++[extraEnv] - -Additional environment variables for the Redpanda Console Deployment. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraEnvFrom++[extraEnvFrom] - -Additional environment variables for Redpanda Console mapped from Secret -or ConfigMap. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraVolumeMounts++[extraVolumeMounts] - -Add additional volume mounts, such as for TLS keys. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraVolumes++[extraVolumes] - -Add additional volumes, such as for TLS keys. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=fullnameOverride++[fullnameOverride] - -Override `console.fullname` template. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image++[image] - -Redpanda Console Docker image settings. - -*Default:* - -.... -{"pullPolicy":"IfNotPresent","registry":"docker.redpanda.com","repository":"redpandadata/console","tag":""} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image.pullPolicy++[image.pullPolicy] - -The imagePullPolicy. - -*Default:* `"IfNotPresent"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image.repository++[image.repository] - -Docker repository from which to pull the Redpanda Docker image. - -*Default:* `"redpandadata/console"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image.tag++[image.tag] - -The Redpanda Console version. See DockerHub for: -https://hub.docker.com/r/redpandadata/console/tags[All stable versions] -and https://hub.docker.com/r/redpandadata/console-unstable/tags[all -unstable versions]. - -*Default:* `Chart.appVersion` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=imagePullSecrets++[imagePullSecrets] - -Pull secrets may be used to provide credentials to image repositories -See -https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.annotations++[ingress.annotations] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.enabled++[ingress.enabled] - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.hosts%5B0%5D.host++[ingress.hosts[0\].host] - -*Default:* `"chart-example.local"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.hosts%5B0%5D.paths%5B0%5D.path++[ingress.hosts[0\].paths[0\].path] - -*Default:* `"/"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.hosts%5B0%5D.paths%5B0%5D.pathType++[ingress.hosts[0\].paths[0\].pathType] - -*Default:* `"ImplementationSpecific"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.tls++[ingress.tls] - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=initContainers++[initContainers] - -Any initContainers defined should be written here - -*Default:* `{"extraInitContainers":""}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=initContainers.extraInitContainers++[initContainers.extraInitContainers] - -Additional set of init containers - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=livenessProbe++[livenessProbe] - -Settings for liveness and readiness probes. For details, see the -https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes[Kubernetes -documentation]. - -*Default:* - -.... -{"failureThreshold":3,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=nameOverride++[nameOverride] - -Override `console.name` template. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=nodeSelector++[nodeSelector] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podAnnotations++[podAnnotations] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podLabels++[podLabels] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podSecurityContext.fsGroup++[podSecurityContext.fsGroup] - -*Default:* `99` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podSecurityContext.fsGroupChangePolicy++[podSecurityContext.fsGroupChangePolicy] - -*Default:* `"Always"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podSecurityContext.runAsUser++[podSecurityContext.runAsUser] - -*Default:* `99` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=priorityClassName++[priorityClassName] - -PriorityClassName given to Pods. For details, see the -https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass[Kubernetes -documentation]. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.failureThreshold++[readinessProbe.failureThreshold] - -*Default:* `3` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.initialDelaySeconds++[readinessProbe.initialDelaySeconds] - -Grant time to test connectivity to upstream services such as Kafka and -Schema Registry. - -*Default:* `10` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.periodSeconds++[readinessProbe.periodSeconds] - -*Default:* `10` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.successThreshold++[readinessProbe.successThreshold] - -*Default:* `1` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.timeoutSeconds++[readinessProbe.timeoutSeconds] - -*Default:* `1` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=replicaCount++[replicaCount] - -*Default:* `1` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=resources++[resources] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=secret++[secret] - -Create a new Kubernetes Secret for all sensitive configuration inputs. -Each provided Secret is mounted automatically and made available to the -Pod. If you want to use one or more existing Secrets, you can use the -`extraEnvFrom` list to mount environment variables from string and -secretMounts to mount files such as Certificates from Secrets. - -*Default:* - -.... -{"authentication":{"jwtSigningKey":"","oidc":{}},"create":true,"kafka":{},"license":"","redpanda":{"adminApi":{}},"schemaRegistry":{},"serde":{}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=secret.kafka++[secret.kafka] - -Kafka Secrets. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=secretMounts++[secretMounts] - -SecretMounts is an abstraction to make a Secret available in the -container’s filesystem. Under the hood it creates a volume and a volume -mount for the Redpanda Console container. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=securityContext.runAsNonRoot++[securityContext.runAsNonRoot] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.annotations++[service.annotations] - -Override the value in `console.config.server.listenPort` if not `nil` -targetPort: - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.port++[service.port] - -*Default:* `8080` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.type++[service.type] - -*Default:* `"ClusterIP"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.annotations++[serviceAccount.annotations] - -Annotations to add to the service account. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.automountServiceAccountToken++[serviceAccount.automountServiceAccountToken] - -Specifies whether a service account should automount API-Credentials. -Redpanda Console does not communicate with Kubernetes API. The ServiceAccount -could be used for workload identity. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.create++[serviceAccount.create] - -Specifies whether a service account should be created. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.name++[serviceAccount.name] - -The name of the service account to use. If not set and -`serviceAccount.create` is `true`, a name is generated using the -`console.fullname` template - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=strategy++[strategy] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=tests.enabled++[tests.enabled] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=tolerations++[tolerations] - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=topologySpreadConstraints++[topologySpreadConstraints] - -*Default:* `[]` +* See Chart link:./chart/README.md[README] diff --git a/modules/reference/pages/k-crd.adoc b/modules/reference/pages/k-crd.adoc index ca0197100b..e939e441f7 100644 --- a/modules/reference/pages/k-crd.adoc +++ b/modules/reference/pages/k-crd.adoc @@ -4,6 +4,8 @@ :description: Custom resource definitions for Redpanda resources. Use the Redpanda resources to create and manage Redpanda clusters, users and topics with the Redpanda Operator. :page-aliases: reference:k-topic-crd.adoc + + .Resource Types - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-console[$$Console$$] - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] @@ -17,7 +19,9 @@ [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclaccessfilter"] == ACLAccessFilter -Filter an ACL based on its access type, operation, principal, and host. +Filter an ACL based on its access + + .Appears in: - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclfilter[$$ACLFilter$$] @@ -35,11 +39,15 @@ all principals with the specified `operation` and `permissionType` + |=== + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-acloperation"] == ACLOperation (string) ACLOperation specifies the type of operation for an ACL. + + .Appears in: - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclaccessfilter[$$ACLAccessFilter$$] - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule[$$ACLRule$$] @@ -49,6 +57,10 @@ ACLOperation specifies the type of operation for an ACL. [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclresourcefilter"] == ACLResourceFilter + + + + .Appears in: - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclfilter[$$ACLFilter$$] @@ -203,9 +215,11 @@ AdminSASL configures credentials to connect to Redpanda cluster that has authent |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + | *`mechanism`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + -| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies token for token-based authentication (only used if no username/password are provided). + +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies the password. + +| *`authToken`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies token for token-based authentication (only used if no username/password are provided). + +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + +| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `authToken` instead + |=== @@ -504,9 +518,19 @@ CommonTLS specifies TLS configuration settings for Redpanda clusters that have a [cols="25a,75a", options="header"] |=== | Field | Description -| *`caCertSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | CaCert is the reference for certificate authority used to establish TLS connection to Redpanda + -| *`certSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Cert is the reference for client public certificate to establish mTLS connection to Redpanda + -| *`keySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Key is the reference for client private certificate to establish mTLS connection to Redpanda + +| *`enabled`* __boolean__ | Enabled tells any connections derived from this configuration to leverage TLS even if no + +certificate configuration is specified. It *only* is relevant if no other field is specified + +in the TLS configuration block, as, for backwards compatibility reasons, any CA/Cert/Key-specification + +results in attempting to create a connection using TLS - specifying "false" in such a case does + +*not* disable TLS from being used. Leveraging this option is to support the use-case where a + +connection is served by publically issued TLS certificates that don't require any additional certificate + +specification. + +| *`caCert`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | CaCert is the reference for certificate authority used to establish TLS connection to Redpanda + +| *`cert`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Cert is the reference for client public certificate to establish mTLS connection to Redpanda + +| *`key`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Key is the reference for client private certificate to establish mTLS connection to Redpanda + +| *`caCertSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: replaced by "caCert". + +| *`certSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: replaced by "cert". + +| *`keySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: replaced by "key". + | *`insecureSkipTlsVerify`* __boolean__ | InsecureSkipTLSVerify can skip verifying Redpanda self-signed certificate when establish TLS connection to Redpanda + |=== @@ -692,7 +716,7 @@ never used. Prefer Create. + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-console"] == Console -Redpanda defines the CRD for Redpanda clusters. +Console defines the CRD for Redpanda Console instances. @@ -779,17 +803,18 @@ ConsoleCreateObj represents configuration options for creating Kubernetes object | *`secretMounts`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretmount[$$SecretMount$$] array__ | | *`secret`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretconfig[$$SecretConfig$$]__ | | *`licenseSecretRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | -| *`livenessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | -| *`readinessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | -| *`deployment`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-deploymentconfig[$$DeploymentConfig$$]__ | -| *`strategy`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deploymentstrategy-v1-apps[$$DeploymentStrategy$$]__ | -| *`cluster`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$]__ | -| *`warnings`* __string array__ | Human-readable warnings generated by the automatic migration of a Redpanda Console v2 configuration to v3. + - + -If warnings are present, they describe which fields from the original v2 configuration could not be automatically migrated and require manual intervention. These warnings help identify configuration elements that need your attention during the upgrade process. + - + -This is a read-only field. Setting this field has no effect. + -For information about migrating from Console v2 to v3, see xref:migrate:console-v3.adoc[]. + +| *`livenessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | LivenessProbe describes a health check to be performed against a container to determine whether it is + +alive. + +| *`readinessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | ReadinessProbe describes a health check to be performed against a container to determine whether it is + +ready to receive traffic. + +| *`deployment`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-deploymentconfig[$$DeploymentConfig$$]__ | +| *`strategy`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deploymentstrategy-v1-apps[$$DeploymentStrategy$$]__ | +| *`warnings`* __string array__ | Warnings is a slice of human readable warnings generated by the automatic + +migration of a Console V2 config to a Console V3 config. If warnings are + +present, they will describe which fields from the original config have + +been dropped and why. + +Setting this field has no effect. + +| *`cluster`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$]__ | |=== @@ -863,10 +888,17 @@ constraints without accidentally polluting the defaults of the chart. | *`secretMounts`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretmount[$$SecretMount$$] array__ | | *`secret`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretconfig[$$SecretConfig$$]__ | | *`licenseSecretRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | -| *`livenessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | -| *`readinessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | +| *`livenessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | LivenessProbe describes a health check to be performed against a container to determine whether it is + +alive. + +| *`readinessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | ReadinessProbe describes a health check to be performed against a container to determine whether it is + +ready to receive traffic. + | *`deployment`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-deploymentconfig[$$DeploymentConfig$$]__ | | *`strategy`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deploymentstrategy-v1-apps[$$DeploymentStrategy$$]__ | +| *`warnings`* __string array__ | Warnings is a slice of human readable warnings generated by the automatic + +migration of a Console V2 config to a Console V3 config. If warnings are + +present, they will describe which fields from the original config have + +been dropped and why. + +Setting this field has no effect. + |=== @@ -1054,6 +1086,23 @@ on internal listeners. + |=== +[id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalsecretkeyselector"] +== ExternalSecretKeySelector + +ExternalSecretKeySelector selects a key of an external Secret. + + + +.Appears in: +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`name`* __string__ | +|=== + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalservice"] == ExternalService @@ -1339,11 +1388,12 @@ KafkaSASL configures credentials to connect to Redpanda cluster that has authent |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies the password. + | *`mechanism`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + | *`oauth`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$]__ | | *`gssapi`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$]__ | | *`awsMskIam`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + |=== @@ -1362,9 +1412,11 @@ see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.ht |=== | Field | Description | *`accessKey`* __string__ | -| *`secretKeySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | -| *`sessionTokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | SessionToken, if non-empty, is a session / security token to use for authentication. + +| *`secretKey`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | +| *`secretKeySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `secretKey` instead + +| *`sessionToken`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | SessionToken, if non-empty, is a session / security token to use for authentication. + See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html + +| *`sessionTokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `sessionToken` instead + | *`userAgent`* __string__ | UserAgent is the user agent to for the client to use when connecting + to Kafka, overriding the default "franz-go//". + @@ -1393,7 +1445,8 @@ KafkaSASLGSSAPI represents the Kafka Kerberos config. | *`kerberosConfigPath`* __string__ | | *`serviceName`* __string__ | | *`username`* __string__ | -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + | *`realm`* __string__ | | *`enableFast`* __boolean__ | EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. + It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. + @@ -1414,7 +1467,8 @@ KafkaSASLOAuthBearer is the config struct for the SASL OAuthBearer mechanism [cols="25a,75a", options="header"] |=== | Field | Description -| *`tokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | +| *`tokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `token` instead + |=== @@ -1900,6 +1954,20 @@ into this Job's PodTemplate. + |=== +[id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration"] +== ProbeApplyConfiguration + +ProbeApplyConfiguration is a wrapper type that allows including a partial +[corev1.Probe] in a CRD. + + + +.Appears in: +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolespec[$$ConsoleSpec$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolevalues[$$ConsoleValues$$] + + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rbac"] == RBAC @@ -2527,6 +2595,8 @@ RoleStatus defines the observed state of a Redpanda role to be cleaned up. + | *`managedRole`* __boolean__ | ManagedRole returns whether the role has been created in Redpanda and needs + to be cleaned up. + +| *`managedPrincipals`* __boolean__ | ManagedPrincipals returns whether the role has managed principals (membership) + +that are being reconciled by the operator. + |=== @@ -2663,9 +2733,11 @@ SchemaRegistrySASL configures credentials to connect to Redpanda cluster that ha |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies the password. + +| *`authToken`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | | *`mechanism`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + -| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + +| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `authToken` instead + |=== @@ -2791,7 +2863,7 @@ SchemaType specifies the type of the given schema. [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref"] == SecretKeyRef -SecretKeyRef contains enough information to inspect or modify the referred Secret data +Deprecated: SecretKeyRef contains enough information to inspect or modify the referred Secret data See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. @@ -3297,6 +3369,8 @@ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api- |=== + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec"] == TopicSpec @@ -3614,3 +3688,33 @@ UsersItems configures a list of superusers in the Helm values. |=== +[id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource"] +== ValueSource + +ValueSource represents where a value can be pulled from + + + +.Appears in: +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminsasl[$$AdminSASL$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-commontls[$$CommonTLS$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-schemaregistrysasl[$$SchemaRegistrySASL$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`inline`* __string__ | Inline is the raw value specified inline. + +| *`configMapKeyRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#configmapkeyselector-v1-core[$$ConfigMapKeySelector$$]__ | If the value is supplied by a kubernetes object reference, coordinates are embedded here. + +For target values, the string value fetched from the source will be treated as + +a raw string. + +| *`secretKeyRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | Should the value be contained in a k8s secret rather than configmap, we can refer + +to it here. + +| *`externalSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalsecretkeyselector[$$ExternalSecretKeySelector$$]__ | If the value is supplied by an external source, coordinates are embedded here. + +Note: we interpret all fetched external secrets as raw string values + +|=== + + diff --git a/modules/reference/pages/k-operator-helm-spec.adoc b/modules/reference/pages/k-operator-helm-spec.adoc index ec1d071025..749621994f 100644 --- a/modules/reference/pages/k-operator-helm-spec.adoc +++ b/modules/reference/pages/k-operator-helm-spec.adoc @@ -2,12 +2,12 @@ :description: Find the default values and descriptions of settings in the Redpanda Operator Helm chart. -image:https://img.shields.io/badge/Version-v25.1.1--beta3-informational?style=flat-square[Version: -v25.1.1-beta3] +image:https://img.shields.io/badge/Version-25.2.1-informational?style=flat-square[Version: +25.2.1] image:https://img.shields.io/badge/Type-application-informational?style=flat-square[Type: application] -image:https://img.shields.io/badge/AppVersion-v25.1.1--beta3-informational?style=flat-square[AppVersion: -v25.1.1-beta3] +image:https://img.shields.io/badge/AppVersion-v25.2.1-informational?style=flat-square[AppVersion: +v25.2.1] This page describes the official Redpanda Operator Helm Chart. In particular, this page describes the contents of the chart’s @@ -156,6 +156,29 @@ Sets the port for the webhook server to listen on. *Default:* `9443` +=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=crds++[crds] + +Flags to control CRD installation. + +*Default:* + +.... +{"enabled":false,"experimental":false} +.... + +=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=crds.enabled++[crds.enabled] + +Specifies whether to install stable CRDs + +*Default:* `false` + +=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=crds.experimental++[crds.experimental] + +Specifies whether to install experimental CRDs. If this is true both +experimental and stable CRDs will be installed. + +*Default:* `false` + === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=fullnameOverride++[fullnameOverride] Overrides the `redpanda-operator.fullname` template. @@ -272,7 +295,7 @@ Operator. *Default:* .... -{"create":true,"createAdditionalControllerCRs":true,"createRPKBundleCRs":true} +{"create":true,"createAdditionalControllerCRs":true} .... === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=rbac.create++[rbac.create] @@ -289,13 +312,6 @@ operator from deploying certain configurations of redpanda. *Default:* `true` -=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=rbac.createRPKBundleCRs++[rbac.createRPKBundleCRs] - -Create ClusterRoles needed for the Redpanda Helm chart’s -`rbac.rpkDebugBundle' feature. - -*Default:* `true` - === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=replicaCount++[replicaCount] Sets the number of instances of the Redpanda Operator to deploy. Each @@ -314,16 +330,6 @@ remove the curly braces after `resources`. *Default:* `{}` -=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=scope++[scope] - -Sets the scope of the Redpanda Operator. Valid values are `Cluster` or -`Namespace`. The Cluster scope is deprecated because it deploys the -deprecated version of the Redpanda Operator. Use the default Namespace -scope. In the Namespace scope, the Redpanda Operator manages Redpanda -resources that are deployed in the same namespace as itself. - -*Default:* `"Namespace"` - === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=serviceAccount++[serviceAccount] Service account management. diff --git a/modules/reference/pages/k-redpanda-helm-spec.adoc b/modules/reference/pages/k-redpanda-helm-spec.adoc index 9d51082fcb..631b26a568 100644 --- a/modules/reference/pages/k-redpanda-helm-spec.adoc +++ b/modules/reference/pages/k-redpanda-helm-spec.adoc @@ -1,1347 +1,3 @@ -= Redpanda Helm Chart Specification +== Redpanda Helm Chart -:description: Find the default values and descriptions of settings in the Redpanda Helm chart. - -image:https://img.shields.io/badge/Version-25.1.1--beta3-informational?style=flat-square[Version: -25.1.1-beta3] -image:https://img.shields.io/badge/Type-application-informational?style=flat-square[Type: -application] -image:https://img.shields.io/badge/AppVersion-v25.1.2-informational?style=flat-square[AppVersion: -v25.1.2] - -This page describes the official Redpanda Helm Chart. In particular, -this page describes the contents of the chart’s -https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/values.yaml[`values.yaml` -file]. Each of the settings is listed and described on this page, along -with any default values. - -For instructions on how to install and use the chart, including how to -override and customize the chart’s values, refer to the -https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-deploy/[deployment -documentation]. - -''''' - -Autogenerated from chart metadata using -https://github.com/norwoodj/helm-docs/releases/v1.11.0[helm-docs -v1.11.0] - -== Source Code - -* https://github.com/redpanda-data/redpanda-operator/tree/main/charts/redpanda - -== Requirements - -Kubernetes: `>= 1.25.0-0` - -[cols=",,",options="header",] -|=== -|Repository |Name |Version -|file://../console |console |>=3.1.0-0 -|=== - -== Settings - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging++[auditLogging] - -Audit logging for a redpanda cluster, must have enabled sasl and have -one kafka listener supporting sasl authentication for audit logging to -work. Note this feature is only available for redpanda versions >= -v23.3.0. - -*Default:* - -.... -{"clientMaxBufferSize":16777216,"enabled":false,"enabledEventTypes":null,"excludedPrincipals":null,"excludedTopics":null,"listener":"internal","partitions":12,"queueDrainIntervalMs":500,"queueMaxBufferSizePerShard":1048576,"replicationFactor":null} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.clientMaxBufferSize++[auditLogging.clientMaxBufferSize] - -Defines the number of bytes (in bytes) allocated by the internal audit -client for audit messages. - -*Default:* `16777216` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.enabled++[auditLogging.enabled] - -Enable or disable audit logging, for production clusters we suggest you -enable, however, this will only work if you also enable sasl and a -listener with sasl enabled. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.enabledEventTypes++[auditLogging.enabledEventTypes] - -Event types that should be captured by audit logs, default is [`admin`, -`authenticate`, `management`]. - -*Default:* `nil` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.excludedPrincipals++[auditLogging.excludedPrincipals] - -List of principals to exclude from auditing, default is null. - -*Default:* `nil` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.excludedTopics++[auditLogging.excludedTopics] - -List of topics to exclude from auditing, default is null. - -*Default:* `nil` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.listener++[auditLogging.listener] - -Kafka listener name, note that it must have `authenticationMethod` set -to `sasl`. For external listeners, use the external listener name, such -as `default`. - -*Default:* `"internal"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.partitions++[auditLogging.partitions] - -Integer value defining the number of partitions used by a newly created -audit topic. - -*Default:* `12` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.queueDrainIntervalMs++[auditLogging.queueDrainIntervalMs] - -In ms, frequency in which per shard audit logs are batched to client for -write to audit log. - -*Default:* `500` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.queueMaxBufferSizePerShard++[auditLogging.queueMaxBufferSizePerShard] - -Defines the maximum amount of memory used (in bytes) by the audit buffer -in each shard. - -*Default:* `1048576` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.replicationFactor++[auditLogging.replicationFactor] - -Defines the replication factor for a newly created audit log topic. This -configuration applies only to the audit log topic and may be different -from the cluster or other topic configurations. This cannot be altered -for existing audit log topics. Setting this value is optional. If a -value is not provided, Redpanda will use the -`internal_topic_replication_factor cluster` config value. Default is -`null` - -*Default:* `nil` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth++[auth] - -Authentication settings. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/[SASL -documentation]. - -*Default:* - -.... -{"sasl":{"bootstrapUser":{"mechanism":"SCRAM-SHA-256"},"enabled":false,"mechanism":"SCRAM-SHA-512","secretRef":"redpanda-users","users":[]}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.bootstrapUser++[auth.sasl.bootstrapUser] - -Details about how to create the bootstrap user for the cluster. The -secretKeyRef is optionally specified. If it is specified, the chart will -use a password written to that secret when creating the -``kubernetes-controller'' bootstrap user. If it is unspecified, then the -secret will be generated and stored in the secret -``releasename''-bootstrap-user, with the key ``password''. - -*Default:* - -.... -{"mechanism":"SCRAM-SHA-256"} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.bootstrapUser.mechanism++[auth.sasl.bootstrapUser.mechanism] - -The authentication mechanism to use for the bootstrap user. Options are -`SCRAM-SHA-256` and `SCRAM-SHA-512`. - -*Default:* `"SCRAM-SHA-256"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.enabled++[auth.sasl.enabled] - -Enable SASL authentication. If you enable SASL authentication, you must -provide a Secret in `auth.sasl.secretRef`. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.mechanism++[auth.sasl.mechanism] - -The authentication mechanism to use for the superuser. Options are -`SCRAM-SHA-256` and `SCRAM-SHA-512`. - -*Default:* `"SCRAM-SHA-512"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.secretRef++[auth.sasl.secretRef] - -A Secret that contains your superuser credentials. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/#use-secrets[SASL -documentation]. - -*Default:* `"redpanda-users"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.users++[auth.sasl.users] - -Optional list of superusers. These superusers will be created in the -Secret whose name is defined in `auth.sasl.secretRef`. If this list is -empty, the Secret in `auth.sasl.secretRef` must already exist in the -cluster before you deploy the chart. Uncomment the sample list if you -wish to try adding sample sasl users or override to use your own. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=clusterDomain++[clusterDomain] - -Default Kubernetes cluster domain. - -*Default:* `"cluster.local."` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=commonLabels++[commonLabels] - -Additional labels to add to all Kubernetes objects. For example, -`my.k8s.service: redpanda`. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config++[config] - -This section contains various settings supported by Redpanda that may -not work correctly in a Kubernetes cluster. Changing these settings -comes with some risk. Use these settings to customize various Redpanda -configurations that are not covered in other sections. These values have -no impact on the configuration or behavior of the Kubernetes objects -deployed by Helm, and therefore should not be modified for the purpose -of configuring those objects. Instead, these settings get passed -directly to the Redpanda binary at startup. For descriptions of these -properties, see the -https://docs.redpanda.com/docs/cluster-administration/configuration/[configuration -documentation]. - -*Default:* - -.... -{"cluster":{},"extraClusterConfiguration":{},"node":{"crash_loop_limit":5},"pandaproxy_client":{},"rpk":{},"schema_registry_client":{},"tunable":{"compacted_log_segment_size":67108864,"kafka_connection_rate_limit":1000,"log_segment_size_max":268435456,"log_segment_size_min":16777216,"max_compacted_log_segment_size":536870912}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.cluster++[config.cluster] - -https://docs.redpanda.com/current/reference/properties/cluster-properties/[Cluster -Configuration Properties] - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.node++[config.node] - -https://docs.redpanda.com/docs/reference/broker-properties/[Broker -(node) Configuration Properties]. - -*Default:* `{"crash_loop_limit":5}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.node.crash_loop_limit++[config.node.crash_loop_limit] - -Crash loop limit A limit on the number of consecutive times a broker can -crash within one hour before its crash-tracking logic is reset. This -limit prevents a broker from getting stuck in an infinite cycle of -crashes. User can disable this crash loop limit check by the following -action: * One hour elapses since the last crash * The node configuration -file, redpanda.yaml, is updated via config.cluster or config.node or -config.tunable objects * The startup_log file in the node’s -data_directory is manually deleted Default to 5 REF: -https://docs.redpanda.com/current/reference/broker-properties/#crash_loop_limit - -*Default:* `5` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable++[config.tunable] - -Tunable cluster properties. Deprecated: all settings here may be -specified via `config.cluster`. - -*Default:* - -.... -{"compacted_log_segment_size":67108864,"kafka_connection_rate_limit":1000,"log_segment_size_max":268435456,"log_segment_size_min":16777216,"max_compacted_log_segment_size":536870912} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.compacted_log_segment_size++[config.tunable.compacted_log_segment_size] - -See the -https://docs.redpanda.com/docs/reference/cluster-properties/#compacted_log_segment_size[property -reference documentation]. - -*Default:* `67108864` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.kafka_connection_rate_limit++[config.tunable.kafka_connection_rate_limit] - -See the -https://docs.redpanda.com/docs/reference/cluster-properties/#kafka_connection_rate_limit[property -reference documentation]. - -*Default:* `1000` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.log_segment_size_max++[config.tunable.log_segment_size_max] - -See the -https://docs.redpanda.com/docs/reference/cluster-properties/#log_segment_size_max[property -reference documentation]. - -*Default:* `268435456` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.log_segment_size_min++[config.tunable.log_segment_size_min] - -See the -https://docs.redpanda.com/docs/reference/cluster-properties/#log_segment_size_min[property -reference documentation]. - -*Default:* `16777216` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.max_compacted_log_segment_size++[config.tunable.max_compacted_log_segment_size] - -See the -https://docs.redpanda.com/docs/reference/cluster-properties/#max_compacted_log_segment_size[property -reference documentation]. - -*Default:* `536870912` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=console++[console] - -Redpanda Console settings. For a reference of configuration settings, -see the -https://docs.redpanda.com/docs/reference/console/config/[Redpanda -Console documentation]. - -*Default:* - -.... -{"config":{},"configmap":{"create":false},"deployment":{"create":false},"enabled":true,"secret":{"create":false}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=enterprise++[enterprise] - -Enterprise (optional) For details, see the -https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition[License -documentation]. - -*Default:* - -.... -{"license":"","licenseSecretRef":null} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=enterprise.license++[enterprise.license] - -license (optional). - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=enterprise.licenseSecretRef++[enterprise.licenseSecretRef] - -Secret name and key where the license key is stored. - -*Default:* `nil` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external++[external] - -External access settings. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/networking/networking-and-connectivity/[Networking -and Connectivity documentation]. - -*Default:* - -.... -{"enabled":true,"service":{"enabled":true},"type":"NodePort"} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.enabled++[external.enabled] - -Enable external access for each Service. You can toggle external access -for each listener in -`listeners..external..enabled`. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.service++[external.service] - -Service allows you to manage the creation of an external kubernetes -service object - -*Default:* `{"enabled":true}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.service.enabled++[external.service.enabled] - -Enabled if set to false will not create the external service type You -can still set your cluster with external access but not create the -supporting service (NodePort/LoadBalander). Set this to false if you -rather manage your own service. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.type++[external.type] - -External access type. Only `NodePort` and `LoadBalancer` are supported. -If undefined, then advertised listeners will be configured in Redpanda, -but the helm chart will not create a Service. You must create a Service -manually. Warning: If you use LoadBalancers, you will likely experience -higher latency and increased packet loss. NodePort is recommended in -cases where latency is a priority. - -*Default:* `"NodePort"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=fullnameOverride++[fullnameOverride] - -Override `redpanda.fullname` template. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image++[image] - -Redpanda Docker image settings. - -*Default:* - -.... -{"repository":"docker.redpanda.com/redpandadata/redpanda","tag":""} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image.repository++[image.repository] - -Docker repository from which to pull the Redpanda Docker image. - -*Default:* - -.... -"docker.redpanda.com/redpandadata/redpanda" -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image.tag++[image.tag] - -The Redpanda version. See DockerHub for: -https://hub.docker.com/r/redpandadata/redpanda/tags[All stable versions] -and https://hub.docker.com/r/redpandadata/redpanda-unstable/tags[all -unstable versions]. - -*Default:* `Chart.appVersion`. - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners++[listeners] - -Listener settings. Override global settings configured above for -individual listeners. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/networking/configure-listeners/[listeners -documentation]. - -*Default:* - -.... -{"admin":{"external":{"default":{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}}},"port":9644,"tls":{"cert":"default","requireClientAuth":false}},"http":{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30082],"authenticationMethod":null,"port":8083,"tls":{"cert":"external","requireClientAuth":false}}},"port":8082,"tls":{"cert":"default","requireClientAuth":false}},"kafka":{"authenticationMethod":null,"external":{"default":{"advertisedPorts":[31092],"authenticationMethod":null,"port":9094,"tls":{"cert":"external"}}},"port":9093,"tls":{"cert":"default","requireClientAuth":false}},"rpc":{"port":33145,"tls":{"cert":"default","requireClientAuth":false}},"schemaRegistry":{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30081],"authenticationMethod":null,"port":8084,"tls":{"cert":"external","requireClientAuth":false}}},"port":8081,"tls":{"cert":"default","requireClientAuth":false}}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin++[listeners.admin] - -Admin API listener (only one). - -*Default:* - -.... -{"external":{"default":{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}}},"port":9644,"tls":{"cert":"default","requireClientAuth":false}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.external++[listeners.admin.external] - -Optional external access settings. - -*Default:* - -.... -{"default":{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.external.default++[listeners.admin.external.default] - -Name of the external listener. - -*Default:* - -.... -{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.external.default.tls++[listeners.admin.external.default.tls] - -The port advertised to this listener’s external clients. List one port -if you want to use the same port for each broker (would be the case when -using NodePort service). Otherwise, list the port you want to use for -each broker in order of StatefulSet replicas. If undefined, -`listeners.admin.port` is used. - -*Default:* `{"cert":"external"}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.port++[listeners.admin.port] - -The port for both internal and external connections to the Admin API. - -*Default:* `9644` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.tls++[listeners.admin.tls] - -Optional TLS section (required if global TLS is enabled) - -*Default:* - -.... -{"cert":"default","requireClientAuth":false} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.tls.cert++[listeners.admin.tls.cert] - -Name of the Certificate used for TLS (must match a Certificate name that -is registered in tls.certs). - -*Default:* `"default"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.tls.requireClientAuth++[listeners.admin.tls.requireClientAuth] - -If true, the truststore file for this listener is included in the -ConfigMap. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.http++[listeners.http] - -HTTP API listeners (aka PandaProxy). - -*Default:* - -.... -{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30082],"authenticationMethod":null,"port":8083,"tls":{"cert":"external","requireClientAuth":false}}},"port":8082,"tls":{"cert":"default","requireClientAuth":false}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka++[listeners.kafka] - -Kafka API listeners. - -*Default:* - -.... -{"authenticationMethod":null,"external":{"default":{"advertisedPorts":[31092],"authenticationMethod":null,"port":9094,"tls":{"cert":"external"}}},"port":9093,"tls":{"cert":"default","requireClientAuth":false}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka.external.default.advertisedPorts++[listeners.kafka.external.default.advertisedPorts] - -If undefined, `listeners.kafka.external.default.port` is used. - -*Default:* `[31092]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka.external.default.port++[listeners.kafka.external.default.port] - -The port used for external client connections. - -*Default:* `9094` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka.port++[listeners.kafka.port] - -The port for internal client connections. - -*Default:* `9093` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.rpc++[listeners.rpc] - -RPC listener (this is never externally accessible). - -*Default:* - -.... -{"port":33145,"tls":{"cert":"default","requireClientAuth":false}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.schemaRegistry++[listeners.schemaRegistry] - -Schema registry listeners. - -*Default:* - -.... -{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30081],"authenticationMethod":null,"port":8084,"tls":{"cert":"external","requireClientAuth":false}}},"port":8081,"tls":{"cert":"default","requireClientAuth":false}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=logging++[logging] - -Log-level settings. - -*Default:* - -.... -{"logLevel":"info","usageStats":{"enabled":true}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=logging.logLevel++[logging.logLevel] - -Log level Valid values (from least to most verbose) are: `warn`, `info`, -`debug`, and `trace`. - -*Default:* `"info"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=logging.usageStats++[logging.usageStats] - -Send usage statistics back to Redpanda Data. For details, see the -https://docs.redpanda.com/docs/cluster-administration/monitoring/#stats-reporting[stats -reporting documentation]. - -*Default:* `{"enabled":true}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=monitoring++[monitoring] - -Monitoring. This will create a ServiceMonitor that can be used by -Prometheus-Operator or VictoriaMetrics-Operator to scrape the metrics. - -*Default:* - -.... -{"enabled":false,"labels":{},"scrapeInterval":"30s"} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=nameOverride++[nameOverride] - -Override `redpanda.name` template. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=podTemplate.annotations++[podTemplate.annotations] - -Annotations to apply (or overwrite the default) to all Pods of this -Chart. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=podTemplate.labels++[podTemplate.labels] - -Labels to apply (or overwrite the default) to all Pods of this Chart. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=podTemplate.spec++[podTemplate.spec] - -A subset of Kubernetes’ PodSpec type that will be merged into the -PodSpec of all Pods for this Chart. See link:#merging-semantics[Merge -Semantics] for details. - -*Default:* - -.... -{"imagePullSecrets":[],"securityContext":{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":101}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=podTemplate.spec.imagePullSecrets++[podTemplate.spec.imagePullSecrets] - -Pull secrets may be used to provide credentials to image repositories -See the -https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/[Kubernetes -documentation]. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.enabled++[post_install_job.enabled] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.podTemplate.annotations++[post_install_job.podTemplate.annotations] - -Annotations to apply (or overwrite the default) to the Pods of this Job. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.podTemplate.labels++[post_install_job.podTemplate.labels] - -Labels to apply (or overwrite the default) to the Pods of this Job. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.podTemplate.spec++[post_install_job.podTemplate.spec] - -A subset of Kubernetes’ PodSpec type that will be merged into the final -PodSpec. See link:#merging-semantics[Merge Semantics] for details. - -*Default:* - -.... -{"containers":[{"env":[],"name":"post-install","securityContext":{}}],"securityContext":{}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rackAwareness++[rackAwareness] - -Rack Awareness settings. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/kubernetes-rack-awareness/[Rack -Awareness documentation]. - -*Default:* - -.... -{"enabled":false,"nodeAnnotation":"topology.kubernetes.io/zone"} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rackAwareness.enabled++[rackAwareness.enabled] - -When running in multiple racks or availability zones, use a Kubernetes -Node annotation value as the Redpanda rack value. Enabling this requires -running with a service account with ``get'' Node permissions. To have -the Helm chart configure these permissions, set -`serviceAccount.create=true` and `rbac.enabled=true`. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rackAwareness.nodeAnnotation++[rackAwareness.nodeAnnotation] - -The common well-known annotation to use as the rack ID. Override this -only if you use a custom Node annotation. - -*Default:* - -.... -"topology.kubernetes.io/zone" -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac++[rbac] - -Role Based Access Control. - -*Default:* - -.... -{"annotations":{},"enabled":true,"rpkDebugBundle":true} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac.annotations++[rbac.annotations] - -Annotations to add to the `rbac` resources. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac.enabled++[rbac.enabled] - -Controls whether or not Roles, ClusterRoles, and bindings thereof will -be generated. Disabling this very likely result in a non-functional -deployment. If you use the Redpanda Operator, you must deploy it with -the `--set rbac.createRPKBundleCRs=true` flag to give it the required -ClusterRoles. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac.rpkDebugBundle++[rbac.rpkDebugBundle] - -Controls whether or not a Role and RoleBinding will be generated for the -permissions required by `rpk debug bundle`. Disabling will not affect -the redpanda deployment itself but a bundle is required to engage with -our support. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources++[resources] - -Pod resource management. This section simplifies resource allocation for -the redpanda container by providing a single location where resources -are defined. - -Resources may be specified by either setting `resources.cpu` and -`resources.memory` (the default) or by setting `resources.requests` and -`resources.limits`. - -For details on `resources.cpu` and `resources.memory`, see their -respective documentation below. - -When `resources.limits` and `resources.requests` are set, the redpanda -container’s resources will be set to exactly the provided values. This -allows users to granularly control limits and requests to best suit -their use case. For example: `resources.requests.cpu` may be set without -setting `resources.limits.cpu` to avoid the potential of CPU throttling. - -Redpanda’s resource related CLI flags will then be calculated as -follows: * -`--smp max(1, floor(coalesce(resources.requests.cpu, resources.limits.cpu)))` -* -`--memory coalesce(resources.requests.memory, resources.limits.memory) * 90%` -* `--reserve-memory 0` * -`--overprovisioned coalesce(resources.requests.cpu, resources.limits.cpu) < 1000m` - -If neither a request nor a limit is provided for cpu or memory, the -corresponding flag will be omitted. As a result, setting -`resources.limits` and `resources.requests` to `{}` will result in -redpanda being run without `--smp` or `--memory`. (This is not -recommended). - -If the computed CLI flags are undesirable, they may be overridden by -specifying the desired value through -`statefulset.additionalRedpandaCmdFlags`. - -The default values are for a development environment. Production-level -values and other considerations are documented, where those values are -different from the default. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/[Pod -resources documentation]. - -*Default:* - -.... -{"cpu":{"cores":1},"memory":{"container":{"max":"2.5Gi"}}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.cpu++[resources.cpu] - -CPU resources. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/#configure-cpu-resources[Pod -resources documentation]. - -*Default:* `{"cores":1}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.cpu.cores++[resources.cpu.cores] - -Redpanda makes use of a thread per core model. For details, see this -https://redpanda.com/blog/tpc-buffers[blog]. For this reason, Redpanda -should only be given full cores. Note: You can increase cores, but -decreasing cores is supported only from 24.3 Redpanda version. This -setting is equivalent to `--smp`, `resources.requests.cpu`, and -`resources.limits.cpu`. For production, use `4` or greater. To maximize -efficiency, use the `static` CPU manager policy by specifying an even -integer for CPU resource requests and limits. This policy gives the Pods -running Redpanda brokers access to exclusive CPUs on the node. See -https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy. - -*Default:* `1` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.memory++[resources.memory] - -Memory resources For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/#configure-memory-resources[Pod -resources documentation]. - -*Default:* - -.... -{"container":{"max":"2.5Gi"}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.memory.container++[resources.memory.container] - -Enables memory locking. For production, set to `true`. -enable_memory_locking: false It is recommended to have at least 2Gi of -memory per core for the Redpanda binary. This memory is taken from the -total memory given to each container. The Helm chart allocates 80% of -the container’s memory to Redpanda, leaving the rest for other container -processes. So at least 2.5Gi per core is recommended in order to ensure -Redpanda has a full 2Gi. These values affect `--memory` and -`--reserve-memory` flags passed to Redpanda and the memory -requests/limits in the StatefulSet. Valid suffixes: k, M, G, T, P, Ki, -Mi, Gi, Ti, Pi To create `Guaranteed` Pod QoS for Redpanda brokers, -provide both container max and min values for the container. For -details, see -https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed -* Every container in the Pod must have a memory limit and a memory -request. * For every container in the Pod, the memory limit must equal -the memory request. - -*Default:* `{"max":"2.5Gi"}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.memory.container.max++[resources.memory.container.max] - -Maximum memory count for each Redpanda broker. Equivalent to -`resources.limits.memory`. For production, use `10Gi` or greater. - -*Default:* `"2.5Gi"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount++[serviceAccount] - -Service account management. - -*Default:* - -.... -{"annotations":{},"create":true,"name":""} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount.annotations++[serviceAccount.annotations] - -Annotations to add to the service account. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount.create++[serviceAccount.create] - -Specifies whether a service account should be created. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount.name++[serviceAccount.name] - -The name of the service account to use. If not set and -`serviceAccount.create` is `true`, a name is generated using the -`redpanda.fullname` template. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.additionalRedpandaCmdFlags++[statefulset.additionalRedpandaCmdFlags] - -Additional flags to pass to redpanda, - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.additionalSelectorLabels++[statefulset.additionalSelectorLabels] - -Additional labels to be added to statefulset label selector. For -example, `my.k8s.service: redpanda`. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.budget.maxUnavailable++[statefulset.budget.maxUnavailable] - -*Default:* `1` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainerImage.repository++[statefulset.initContainerImage.repository] - -*Default:* `"busybox"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainerImage.tag++[statefulset.initContainerImage.tag] - -*Default:* `"latest"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.configurator.additionalCLIArgs++[statefulset.initContainers.configurator.additionalCLIArgs] - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.fsValidator.enabled++[statefulset.initContainers.fsValidator.enabled] - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.fsValidator.expectedFS++[statefulset.initContainers.fsValidator.expectedFS] - -*Default:* `"xfs"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.setDataDirOwnership.enabled++[statefulset.initContainers.setDataDirOwnership.enabled] - -In environments where root is not allowed, you cannot change the -ownership of files and directories. Enable `setDataDirOwnership` when -using default minikube cluster configuration. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.custom++[statefulset.podAntiAffinity.custom] - -Change `podAntiAffinity.type` to `custom` and provide your own -podAntiAffinity rules here. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.topologyKey++[statefulset.podAntiAffinity.topologyKey] - -The topologyKey to be used. Can be used to spread across different -nodes, AZs, regions etc. - -*Default:* `"kubernetes.io/hostname"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.type++[statefulset.podAntiAffinity.type] - -Valid anti-affinity types are `soft`, `hard`, or `custom`. Use `custom` -if you want to supply your own anti-affinity rules in the -`podAntiAffinity.custom` object. - -*Default:* `"hard"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.weight++[statefulset.podAntiAffinity.weight] - -Weight for `soft` anti-affinity rules. Does not apply to other -anti-affinity types. - -*Default:* `100` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.annotations++[statefulset.podTemplate.annotations] - -Additional annotations to apply to the Pods of the StatefulSet. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.labels++[statefulset.podTemplate.labels] - -Additional labels to apply to the Pods of the StatefulSet. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.spec++[statefulset.podTemplate.spec] - -A subset of Kubernetes’ PodSpec type that will be merged into the final -PodSpec. See link:#merging-semantics[Merge Semantics] for details. - -*Default:* - -.... -{"affinity":{"podAntiAffinity":{"requiredDuringSchedulingIgnoredDuringExecution":[{"labelSelector":{"matchLabels":{"app.kubernetes.io/component":"{{ include \"redpanda.name\" . }}-statefulset","app.kubernetes.io/instance":"{{ .Release.Name }}","app.kubernetes.io/name":"{{ include \"redpanda.name\" . }}"}},"topologyKey":"kubernetes.io/hostname"}]}},"nodeSelector":{},"priorityClassName":"","securityContext":{},"terminationGracePeriodSeconds":90,"tolerations":[],"topologySpreadConstraints":[{"labelSelector":{"matchLabels":{"app.kubernetes.io/component":"{{ include \"redpanda.name\" . }}-statefulset","app.kubernetes.io/instance":"{{ .Release.Name }}","app.kubernetes.io/name":"{{ include \"redpanda.name\" . }}"}},"maxSkew":1,"topologyKey":"topology.kubernetes.io/zone","whenUnsatisfiable":"ScheduleAnyway"}]} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.spec.nodeSelector++[statefulset.podTemplate.spec.nodeSelector] - -Node selection constraints for scheduling Pods of this StatefulSet. -These constraints override the global `nodeSelector` value. For details, -see the -https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector[Kubernetes -documentation]. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.spec.priorityClassName++[statefulset.podTemplate.spec.priorityClassName] - -PriorityClassName given to Pods of this StatefulSet. For details, see -the -https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass[Kubernetes -documentation]. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.spec.terminationGracePeriodSeconds++[statefulset.podTemplate.spec.terminationGracePeriodSeconds] - -Termination grace period in seconds is time required to execute preStop -hook which puts particular Redpanda Pod (process/container) into -maintenance mode. Before settle down on particular value please put -Redpanda under load and perform rolling upgrade or rolling restart. That -value needs to accommodate two processes: * preStop hook needs to put -Redpanda into maintenance mode * after preStop hook Redpanda needs to -handle gracefully SIGTERM signal Both processes are executed -sequentially where preStop hook has hard deadline in the middle of -terminationGracePeriodSeconds. REF: -https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution -https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination - -*Default:* `90` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.spec.tolerations++[statefulset.podTemplate.spec.tolerations] - -Taints to be tolerated by Pods of this StatefulSet. These tolerations -override the global tolerations value. For details, see the -https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/[Kubernetes -documentation]. - -*Default:* `[]` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.replicas++[statefulset.replicas] - -Number of Redpanda brokers (Redpanda Data recommends setting this to the -number of worker nodes in the cluster) - -*Default:* `3` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.brokerDecommissioner.decommissionAfter++[statefulset.sideCars.brokerDecommissioner.decommissionAfter] - -*Default:* `"60s"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.brokerDecommissioner.decommissionRequeueTimeout++[statefulset.sideCars.brokerDecommissioner.decommissionRequeueTimeout] - -*Default:* `"10s"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.brokerDecommissioner.enabled++[statefulset.sideCars.brokerDecommissioner.enabled] - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.configWatcher.enabled++[statefulset.sideCars.configWatcher.enabled] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.createRBAC++[statefulset.sideCars.controllers.createRBAC] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.enabled++[statefulset.sideCars.controllers.enabled] - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.healthProbeAddress++[statefulset.sideCars.controllers.healthProbeAddress] - -*Default:* `":8085"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.metricsAddress++[statefulset.sideCars.controllers.metricsAddress] - -*Default:* `":9082"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.pprofAddress++[statefulset.sideCars.controllers.pprofAddress] - -*Default:* `":9083"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.run%5B0%5D++[statefulset.sideCars.controllers.run[0]] - -*Default:* `"all"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.image.repository++[statefulset.sideCars.image.repository] - -*Default:* - -.... -"docker.redpanda.com/redpandadata/redpanda-operator" -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.image.tag++[statefulset.sideCars.image.tag] - -*Default:* `"v25.1.1-beta3"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.pvcUnbinder.enabled++[statefulset.sideCars.pvcUnbinder.enabled] - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.pvcUnbinder.unbindAfter++[statefulset.sideCars.pvcUnbinder.unbindAfter] - -*Default:* `"60s"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.updateStrategy.type++[statefulset.updateStrategy.type] - -*Default:* `"RollingUpdate"` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage++[storage] - -Persistence settings. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/configure-storage/[storage -documentation]. - -*Default:* - -.... -{"hostPath":"","persistentVolume":{"annotations":{},"enabled":true,"labels":{},"nameOverwrite":"","size":"20Gi","storageClass":""},"tiered":{"config":{"cloud_storage_cache_size":5368709120,"cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false},"credentialsSecretRef":{"accessKey":{"configurationKey":"cloud_storage_access_key"},"secretKey":{"configurationKey":"cloud_storage_secret_key"}},"hostPath":"","mountType":"none","persistentVolume":{"annotations":{},"labels":{},"storageClass":""}}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.hostPath++[storage.hostPath] - -Absolute path on the host to store Redpanda’s data. If unspecified, then -an `emptyDir` volume is used. If specified but -`persistentVolume.enabled` is true, `storage.hostPath` has no effect. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume++[storage.persistentVolume] - -If `persistentVolume.enabled` is true, a PersistentVolumeClaim is -created and used to store Redpanda’s data. Otherwise, `storage.hostPath` -is used. - -*Default:* - -.... -{"annotations":{},"enabled":true,"labels":{},"nameOverwrite":"","size":"20Gi","storageClass":""} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.annotations++[storage.persistentVolume.annotations] - -Additional annotations to apply to the created PersistentVolumeClaims. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.labels++[storage.persistentVolume.labels] - -Additional labels to apply to the created PersistentVolumeClaims. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.nameOverwrite++[storage.persistentVolume.nameOverwrite] - -Option to change volume claim template name for tiered storage -persistent volume if tiered.mountType is set to `persistentVolume` - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.storageClass++[storage.persistentVolume.storageClass] - -To disable dynamic provisioning, set to `-`. If undefined or empty -(default), then no storageClassName spec is set, and the default dynamic -provisioner is chosen (gp2 on AWS, standard on GKE, AWS & OpenStack). - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config++[storage.tiered.config] - -Tiered Storage settings Requires `enterprise.licenseKey` or -`enterprised.licenseSecretRef` For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/[Tiered -Storage documentation]. For a list of properties, see -https://docs.redpanda.com/current/reference/properties/object-storage-properties/[Object -Storage Properties]. - -*Default:* - -.... -{"cloud_storage_cache_size":5368709120,"cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_cache_size++[storage.tiered.config.cloud_storage_cache_size] - -Maximum size of the disk cache used by Tiered Storage. Default is 20 -GiB. See the -https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_cache_size[property -reference documentation]. - -*Default:* `5368709120` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_enable_remote_read++[storage.tiered.config.cloud_storage_enable_remote_read] - -Cluster level default remote read configuration for new topics. See the -https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enable_remote_read[property -reference documentation]. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_enable_remote_write++[storage.tiered.config.cloud_storage_enable_remote_write] - -Cluster level default remote write configuration for new topics. See the -https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enable_remote_write[property -reference documentation]. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_enabled++[storage.tiered.config.cloud_storage_enabled] - -Global flag that enables Tiered Storage if a license key is provided. -See the -https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enabled[property -reference documentation]. - -*Default:* `false` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.hostPath++[storage.tiered.hostPath] - -Absolute path on the host to store Redpanda’s Tiered Storage cache. - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.persistentVolume.annotations++[storage.tiered.persistentVolume.annotations] - -Additional annotations to apply to the created PersistentVolumeClaims. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.persistentVolume.labels++[storage.tiered.persistentVolume.labels] - -Additional labels to apply to the created PersistentVolumeClaims. - -*Default:* `{}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.persistentVolume.storageClass++[storage.tiered.persistentVolume.storageClass] - -To disable dynamic provisioning, set to ``-''. If undefined or empty -(default), then no storageClassName spec is set, and the default dynamic -provisioner is chosen (gp2 on AWS, standard on GKE, AWS & OpenStack). - -*Default:* `""` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tests.enabled++[tests.enabled] - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls++[tls] - -TLS settings. For details, see the -https://docs.redpanda.com/docs/manage/kubernetes/security/kubernetes-tls/[TLS -documentation]. - -*Default:* - -.... -{"certs":{"default":{"caEnabled":true},"external":{"caEnabled":true}},"enabled":true} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs++[tls.certs] - -List all Certificates here, then you can reference a specific -Certificate’s name in each listener’s -`listeners..tls.cert` setting. - -*Default:* - -.... -{"default":{"caEnabled":true},"external":{"caEnabled":true}} -.... - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.default++[tls.certs.default] - -This key is the Certificate name. To apply the Certificate to a specific -listener, reference the Certificate’s name in -`listeners..tls.cert`. - -*Default:* `{"caEnabled":true}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.default.caEnabled++[tls.certs.default.caEnabled] - -Indicates whether or not the Secret holding this certificate includes a -`ca.crt` key. When `true`, chart managed clients, such as rpk, will use -`ca.crt` for certificate verification and listeners with -`require_client_auth` and no explicit `truststore` will use `ca.crt` as -their `truststore_file` for verification of client certificates. When -`false`, chart managed clients will use `tls.crt` for certificate -verification and listeners with `require_client_auth` and no explicit -`truststore` will use the container’s CA certificates. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.external++[tls.certs.external] - -Example external tls configuration uncomment and set the right key to -the listeners that require them also enable the tls setting for those -listeners. - -*Default:* `{"caEnabled":true}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.external.caEnabled++[tls.certs.external.caEnabled] - -Indicates whether or not the Secret holding this certificate includes a -`ca.crt` key. When `true`, chart managed clients, such as rpk, will use -`ca.crt` for certificate verification and listeners with -`require_client_auth` and no explicit `truststore` will use `ca.crt` as -their `truststore_file` for verification of client certificates. When -`false`, chart managed clients will use `tls.crt` for certificate -verification and listeners with `require_client_auth` and no explicit -`truststore` will use the container’s CA certificates. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.enabled++[tls.enabled] - -Enable TLS globally for all listeners. Each listener must include a -Certificate name in its `.tls` object. To allow you to enable -TLS for individual listeners, Certificates in `auth.tls.certs` are -always loaded, even if `tls.enabled` is `false`. See -`listeners..tls.enabled`. - -*Default:* `true` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tuning++[tuning] - -Redpanda tuning settings. Each is set to their default values in -Redpanda. - -*Default:* `{"tune_aio_events":true}` - -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tuning.tune_aio_events++[tuning.tune_aio_events] - -Increase the maximum number of outstanding asynchronous IO operations if -the current value is below a certain threshold. This allows Redpanda to -make as many simultaneous IO requests as possible, increasing -throughput. When this option is enabled, Helm creates a privileged -container. If your security profile does not allow this, you can disable -this container by setting `tune_aio_events` to `false`. For more -details, see the -https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-tune-workers/[tuning -documentation]. - -*Default:* `true` - -== Merging Semantics - -The redpanda chart implements a form of object merging that’s roughly a -middleground of -https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment[JSON -Merge Patch] and -https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#use-a-strategic-merge-patch-to-update-a-deployment[Kubernetes’ -Strategic Merge Patch]. This is done to aid end users in setting or -overriding fields that are not directly exposed via the chart. - -* Directives are not supported. -* List fields that are merged by a unique key in Kubernetes’ SMP (e.g. -`containers`, `env`) will be merged in a similar awy. -* Only fields explicitly allowed by the chart’s JSON schema will be -merged. -* Additional containers that are not present in the original value will -NOT be added. +* See Chart link:./chart/README.md[README]