kimo/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial metrics-server values

Browse Source
This commit is contained in:
kimo
2026-03-01 02:52:07 +00:00
parent 9155a63d96
commit bb10e23626
1 changed files with 245 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

245
metrics-server/values.yaml Normal file
View File

@@ -0,0 +1,245 @@
# Default values for metrics-server.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
image:
repository: registry.k8s.io/metrics-server/metrics-server
# Overrides the image tag whose default is v{{ .Chart.AppVersion }}
tag: ""
pullPolicy: IfNotPresent
imagePullSecrets: []
# - name: registrySecretName
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# The list of secrets mountable by this service account.
# See https://kubernetes.io/docs/reference/labels-annotations-taints/#enforce-mountable-secrets
secrets: []
rbac:
# Specifies whether RBAC resources should be created
create: true
# Note: PodSecurityPolicy will not be created when Kubernetes version is 1.25 or later.
pspEnabled: false
apiService:
# Specifies if the v1beta1.metrics.k8s.io API service should be created.
#
# You typically want this enabled! If you disable API service creation you have to
# manage it outside of this chart for e.g horizontal pod autoscaling to
# work with this release.
create: true
# Annotations to add to the API service
annotations: {}
# Specifies whether to skip TLS verification
insecureSkipTLSVerify: false
# The PEM encoded CA bundle for TLS verification
caBundle: ""
commonLabels: {}
podLabels: {}
podAnnotations: {}
podSecurityContext: {}
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
priorityClassName: system-cluster-critical
containerPort: 10250
hostNetwork:
# Specifies if metrics-server should be started in hostNetwork mode.
#
# You would require this enabled if you use alternate overlay networking for pods and
# API server unable to communicate with metrics-server. As an example, this is required
# if you use Weave network on EKS
enabled: false
replicas: 1
revisionHistoryLimit:
updateStrategy: {}
# type: RollingUpdate
# rollingUpdate:
# maxSurge: 0
# maxUnavailable: 1
podDisruptionBudget:
# https://kubernetes.io/docs/tasks/run-application/configure-pdb/
enabled: false
minAvailable:
maxUnavailable:
unhealthyPodEvictionPolicy:
defaultArgs:
- --cert-dir=/tmp
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- --kubelet-use-node-status-port
- --metric-resolution=15s
args: []
livenessProbe:
httpGet:
path: /livez
port: https
scheme: HTTPS
initialDelaySeconds: 0
periodSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /readyz
port: https
scheme: HTTPS
initialDelaySeconds: 20
periodSeconds: 10
failureThreshold: 3
service:
type: ClusterIP
port: 443
annotations: {}
labels: {}
# Add these labels to have metrics-server show up in `kubectl cluster-info`
# kubernetes.io/cluster-service: "true"
# kubernetes.io/name: "Metrics-server"
addonResizer:
enabled: false
image:
repository: registry.k8s.io/autoscaling/addon-resizer
tag: 1.8.23
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
resources:
requests:
cpu: 40m
memory: 25Mi
limits:
cpu: 40m
memory: 25Mi
nanny:
cpu: 0m
extraCpu: 1m
memory: 0Mi
extraMemory: 2Mi
minClusterSize: 100
pollPeriod: 300000
threshold: 5
metrics:
enabled: false
serviceMonitor:
enabled: false
additionalLabels: {}
interval: 1m
scrapeTimeout: 10s
metricRelabelings: []
relabelings: []
# See https://github.com/kubernetes-sigs/metrics-server#scaling
resources:
requests:
cpu: 100m
memory: 200Mi
# limits:
# cpu:
# memory:
extraVolumeMounts: []
extraVolumes: []
nodeSelector: {}
tolerations: []
affinity: {}
topologySpreadConstraints: []
dnsConfig: {}
# Annotations to add to the deployment
deploymentAnnotations: {}
schedulerName: ""
tmpVolume:
emptyDir: {}
tls:
# Set the TLS method to use. Supported values:
# - `metrics-server` : Metrics-server will generate a self-signed certificate
# - `helm` : Helm will generate a self-signed certificate
# - `cert-manager` : Use cert-manager.io to create and maintain the certificate
# - `existingSecret` : Reuse an existing secret. No new secret will be created
type: "cert-manager"
# Kubernetes cluster domain. Used to configure Subject Alt Names for the certificate
clusterDomain: cluster.local
certManager:
# Automatically add the cert-manager.io/inject-ca-from annotation to the APIService resource.
# See https://cert-manager.io/docs/concepts/ca-injector
addInjectorAnnotations: true
existingIssuer:
# Use an existing cert-manager issuer
enabled: false
# Kind of the existing cert-manager issuer
kind: "Issuer"
# Name of the existing cert-manager issuer
name: "my-issuer"
# Set the requested duration (i.e. lifetime) of the Certificate.
# See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec
duration: ""
# How long before the currently issued certificates expiry cert-manager should renew the certificate.
# See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec
renewBefore: ""
# Add extra annotations to the Certificate resource
annotations: {}
# Add extra labels to the Certificate resource
labels: {}
helm:
# Use helm lookup function to reuse Secret created in previous helm install
lookup: true
# Cert validity duration in days
certDurationDays: 365
existingSecret:
# Name of the existing Secret to use for TLS
name: ""
# Use helm lookup function to provision `apiService.caBundle`
lookup: true