Deploy Harbor Operator
Homepage: https://github.com/goharbor/harbor-operator
| Key | Type | Default | Description |
|---|---|---|---|
| affinity | object | {} |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#affinity-v1-core For example: { "nodeAffinity": { "requiredDuringSchedulingIgnoredDuringExecution": { "nodeSelectorTerms": [ { "matchExpressions": [ { "key": "foo.bar.com/role", "operator": "In", "values": [ "master" ] } ] } ] } } } |
| allowPrivilegeEscalation | bool | false |
Allow privilege escalation for the controller Pods |
| autoscaling.enabled | bool | false |
Whether to enabled Horizontal Pod Autoscaling |
| autoscaling.maxReplicas | int | 100 |
Maximum conroller replicas |
| autoscaling.minReplicas | int | 1 |
Minimum conroller replicas |
| autoscaling.targetCPUUtilizationPercentage | int | 80 |
CPU usage target for autoscaling |
| autoscaling.targetMemoryUtilizationPercentage | int | No target | Memory usage target for autoscaling |
| controllers.chartmuseum.maxReconcile | int | 1 |
Max parallel reconciliation for ChartMuseum controller |
| controllers.common.classname | string | "" |
Harbor class handled by the operator. An empty class means watch all resources |
| controllers.common.networkPolicies | bool | false |
Whether the operator should manage network policies |
| controllers.common.watchChildren | bool | true |
Whether the operator should watch children |
| controllers.core.maxReconcile | int | 1 |
Max parallel reconciliation for Core controller |
| controllers.harbor.maxReconcile | int | 1 |
Max parallel reconciliation for Harbor controller |
| controllers.harborConfiguration.maxReconcile | int | 1 |
Max parallel reconciliation for HarborConfiguration controller |
| controllers.harborProject.maxReconcile | int | 1 |
Max parallel reconciliation for HarborProject controller |
| controllers.harborProject.requeueAfterMinutes | int | 5 |
How often to reconcile HarborProjects |
| controllers.harborcluster.maxReconcile | int | 1 |
Max parallel reconciliation for HarborCluster controller |
| controllers.jobservice.maxReconcile | int | 1 |
Max parallel reconciliation for JobService controller |
| controllers.notaryserver.maxReconcile | int | 1 |
Max parallel reconciliation for NotaryServer controller |
| controllers.notarysigner.maxReconcile | int | 1 |
Max parallel reconciliation for NotarySigner controller |
| controllers.portal.maxReconcile | int | 1 |
Max parallel reconciliation for Portal controller |
| controllers.registry.maxReconcile | int | 1 |
Max parallel reconciliation for Registry controller |
| controllers.registryctl.maxReconcile | int | 1 |
Max parallel reconciliation for RegistryCtl controller |
| controllers.trivy.maxReconcile | int | 1 |
Max parallel reconciliation for Trivy controller |
| deploymentAnnotations | object | {} |
Additional annotations to add to the controller Deployment |
| fullnameOverride | string | "" |
|
| harborClass | string | "" |
Class name of the Harbor operator |
| image.pullPolicy | string | "IfNotPresent" |
The image pull policy for the controller. |
| image.registry | string | "docker.io" |
The image registry whose default is docker.io. |
| image.repository | string | "goharbor/harbor-operator" |
The image repository whose default is the chart appVersion. |
| image.tag | string | "dev" |
The image tag whose default is the chart appVersion. |
| imagePullSecrets | list | [] |
Reference to one or more secrets to be used when pulling images https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ For example: [ {"name":"image-pull-secret"} ] |
| installCRDs | bool | false |
If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED |
| leaderElection.namespace | string | "kube-system" |
The namespace used to store the ConfigMap for leader election |
| logLevel | int | 4 |
Set the verbosity of controller. Range of 0 - 6 with 6 being the most verbose. Info level is 4. |
| minio-operator.enabled | bool | false |
Whether to enabled MinIO Operator |
| nameOverride | string | "" |
|
| nodeSelector | object | {} |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#nodeselector-v1-core For example: [ { "matchExpressions": [ { "key": "kubernetes.io/e2e-az-name", "operator": "In", "values": [ "e2e-az1", "e2e-az2" ] } ] } ] |
| podAnnotations | object | {} |
Additional annotations to add to the controller Pods |
| podLabels | object | {} |
Additional labels to add to the controller Pods |
| podSecurityContext | object | {"runAsNonRoot":true,"runAsUser":65532} |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podsecuritycontext-v1-core For example: { "fsGroup": 2000, "runAsUser": 1000, "runAsNonRoot": true } |
| postgres-operator.configKubernetes.secret_name_template | string | "{username}.{cluster}.credentials" |
|
| postgres-operator.enabled | bool | false |
Whether to enabled Postgres operator |
| priorityClassName | string | "" |
priority class to be used for the harbor-operator pods |
| rbac.create | bool | true |
Whether to install Role Based Access Control |
| redis-operator.enabled | bool | false |
Whether to enabled Redis Operator |
| redis-operator.image.tag | string | "v1.2.0" |
|
| replicaCount | int | 1 |
Number of replicas for the controller |
| resources | object | {"limits":{"cpu":"500m","memory":"300Mi"},"requests":{"cpu":"300m","memory":"200Mi"}} |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#resourcerequirements-v1-core |
| service.port | int | 443 |
Expose port for WebHook controller |
| service.type | string | "ClusterIP" |
Service type to use |
| serviceAccount.annotations | object | {} |
Annotations to add to the service account |
| serviceAccount.create | bool | true |
Specifies whether a service account should be created |
| serviceAccount.name | string | "" |
The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| strategy | object | {} |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#deploymentstrategy-v1-apps For example: { "type": "RollingUpdate", "rollingUpdate": { "maxSurge": 0, "maxUnavailable": 1 } } |
| tolerations | list | [] |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#toleration-v1-core For example: [ { "key": "foo.bar.com/role", "operator": "Equal", "value": "master", "effect": "NoSchedule" } ] |
| volumeMounts | list | [] |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volumemount-v1-core For example: [ { "mountPath": "/test-ebs", "name": "test-volume" } ] |
| volumes | list | [] |
Expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volume-v1-core For example: [ { "name": "test-volume", "awsElasticBlockStore": { "volumeID": "<volume-id>", "fsType": "ext4" } } ] |