From e97fb0c1e66ed7c8077f506c7dc95a699511a45f Mon Sep 17 00:00:00 2001 From: Yusuke Kadowaki Date: Tue, 27 Feb 2024 16:58:42 +0900 Subject: [PATCH] Add `index-operator` template implementation (#2375) * improve Backport Pull Request Title & Description Quality (#2373) Signed-off-by: kpango Co-authored-by: Kosuke Morimoto * [bugfix] fix backport github value bypass failure (#2378) Signed-off-by: kpango * [bugfix] fix backport github value bypass failure (#2381) Signed-off-by: kpango * Add index operator boilerplate * Add k8s controller * Add pod and job controllers * Add annotations in the pod reconciler * Update auto indexing service configurations * Update WithOnReconcileFunc signature to include context * Refactor debugging log * Refactor reconcile funcs * add nolint * remove unused parameters * lint * Add dockerfile and build ci * remove params * Add index-operator image build command to Makefile * Add index operator k8s templates * Update helm schema * Update readme * Add internal/k8s as a trigger for images that depends on controller-runtime * remove comment * Update pkg/index/operator/service/operator.go Co-authored-by: Yusuke Kato Signed-off-by: Yusuke Kadowaki * Update pkg/index/operator/service/operator.go Co-authored-by: Yusuke Kato Signed-off-by: Yusuke Kadowaki * Refactor * Add build commands * Refactor Co-authored-by: Yusuke Kato --------- Signed-off-by: kpango Signed-off-by: Yusuke Kadowaki Co-authored-by: Yusuke Kato Co-authored-by: Kosuke Morimoto --- .github/workflows/dockers-agent-ngt-image.yml | 6 +- .github/workflows/dockers-index-operator.yml | 77 + .../workflows/dockers-readreplica-rotate.yml | 6 +- Makefile | 1 + Makefile.d/build.mk | 14 +- Makefile.d/docker.mk | 11 + Makefile.d/k8s.mk | 31 +- .../vald-helm-operator/crds/valdrelease.yaml | 745 +++++++ charts/vald/README.md | 1860 +++++++++-------- .../templates/discoverer/clusterrole.yaml | 8 + .../templates/index/operator/configmap.yaml | 48 + .../templates/index/operator/deployment.yaml | 138 ++ .../index/operator/priorityclass.yaml | 33 + charts/vald/values.schema.json | 1238 +++++++++++ charts/vald/values.yaml | 172 ++ cmd/index/operator/main.go | 59 + cmd/index/operator/sample.yaml | 105 + dockers/index/operator/Dockerfile | 98 + internal/config/index_operator.go | 32 + internal/k8s/pod/option.go | 4 +- internal/k8s/pod/pod.go | 38 +- pkg/discoverer/k8s/service/discover.go | 2 +- pkg/index/operator/config/config.go | 71 + pkg/index/operator/service/operator.go | 141 ++ pkg/index/operator/service/options.go | 32 + pkg/index/operator/usecase/operator.go | 152 ++ 26 files changed, 4171 insertions(+), 951 deletions(-) create mode 100644 .github/workflows/dockers-index-operator.yml create mode 100644 charts/vald/templates/index/operator/configmap.yaml create mode 100644 charts/vald/templates/index/operator/deployment.yaml create mode 100644 charts/vald/templates/index/operator/priorityclass.yaml create mode 100644 cmd/index/operator/main.go create mode 100644 cmd/index/operator/sample.yaml create mode 100644 dockers/index/operator/Dockerfile create mode 100644 internal/config/index_operator.go create mode 100644 pkg/index/operator/config/config.go create mode 100644 pkg/index/operator/service/operator.go create mode 100644 pkg/index/operator/service/options.go create mode 100644 pkg/index/operator/usecase/operator.go diff --git a/.github/workflows/dockers-agent-ngt-image.yml b/.github/workflows/dockers-agent-ngt-image.yml index 59507e5fbf..a00ebe4158 100644 --- a/.github/workflows/dockers-agent-ngt-image.yml +++ b/.github/workflows/dockers-agent-ngt-image.yml @@ -34,7 +34,7 @@ on: - "internal/**" - "!internal/**/*_test.go" - "!internal/db/**" - - "!internal/k8s/**" + - "internal/k8s/**" - "apis/grpc/**" - "pkg/agent/core/ngt/**" - "cmd/agent/core/ngt/**" @@ -51,7 +51,7 @@ on: - "internal/**" - "!internal/**/*_test.go" - "!internal/db/**" - - "!internal/k8s/**" + - "internal/k8s/**" - "apis/grpc/**" - "pkg/agent/core/ngt/**" - "cmd/agent/core/ngt/**" @@ -68,7 +68,7 @@ on: - "internal/**" - "!internal/**/*_test.go" - "!internal/db/**" - - "!internal/k8s/**" + - "internal/k8s/**" - "apis/grpc/**" - "pkg/agent/core/ngt/**" - "cmd/agent/core/ngt/**" diff --git a/.github/workflows/dockers-index-operator.yml b/.github/workflows/dockers-index-operator.yml new file mode 100644 index 0000000000..a743b639ed --- /dev/null +++ b/.github/workflows/dockers-index-operator.yml @@ -0,0 +1,77 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Build docker image: index-operator" +on: + push: + branches: + - main + tags: + - "*.*.*" + - "v*.*.*" + - "*.*.*-*" + - "v*.*.*-*" + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/dockers-index-operator.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/operator/**" + - "cmd/index/operator/**" + - "dockers/index/operator/Dockerfile" + - "versions/GO_VERSION" + pull_request: + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/_docker-image.yaml" + - ".github/workflows/dockers-index-operator.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/operator/**" + - "cmd/index/operator/**" + - "dockers/index/operator/Dockerfile" + - "versions/GO_VERSION" + pull_request_target: + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/_docker-image.yaml" + - ".github/workflows/dockers-index-operator.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/operator/**" + - "cmd/index/operator/**" + - "dockers/index/operator/Dockerfile" + - "versions/GO_VERSION" +jobs: + build: + uses: ./.github/workflows/_docker-image.yaml + with: + target: index-operator + secrets: inherit diff --git a/.github/workflows/dockers-readreplica-rotate.yml b/.github/workflows/dockers-readreplica-rotate.yml index 0c2b3dca9b..23019dc82c 100644 --- a/.github/workflows/dockers-readreplica-rotate.yml +++ b/.github/workflows/dockers-readreplica-rotate.yml @@ -31,7 +31,7 @@ on: - "internal/**" - "!internal/**/*_test.go" - "!internal/db/**" - - "!internal/k8s/**" + - "internal/k8s/**" - "apis/grpc/**" - "pkg/index/job/readreplica/rotate/**" - "cmd/index/job/readreplica/rotate/**" @@ -47,7 +47,7 @@ on: - "internal/**" - "!internal/**/*_test.go" - "!internal/db/**" - - "!internal/k8s/**" + - "internal/k8s/**" - "apis/grpc/**" - "pkg/index/job/readreplica/rotate/**" - "cmd/index/job/readreplica/rotate/**" @@ -63,7 +63,7 @@ on: - "internal/**" - "!internal/**/*_test.go" - "!internal/db/**" - - "!internal/k8s/**" + - "internal/k8s/**" - "apis/grpc/**" - "pkg/index/job/readreplica/rotate/**" - "cmd/index/job/readreplica/rotate/**" diff --git a/Makefile b/Makefile index 1b6821d242..bb432c9a28 100644 --- a/Makefile +++ b/Makefile @@ -35,6 +35,7 @@ LOADTEST_IMAGE = $(NAME)-loadtest INDEX_CORRECTION_IMAGE = $(NAME)-index-correction INDEX_CREATION_IMAGE = $(NAME)-index-creation INDEX_SAVE_IMAGE = $(NAME)-index-save +INDEX_OPERATOR_IMAGE = $(NAME)-index-operator READREPLICA_ROTATE_IMAGE = $(NAME)-readreplica-rotate MANAGER_INDEX_IMAGE = $(NAME)-manager-index BENCHMARK_JOB_IMAGE = $(NAME)-benchmark-job diff --git a/Makefile.d/build.mk b/Makefile.d/build.mk index 677324bfde..28c75214d4 100644 --- a/Makefile.d/build.mk +++ b/Makefile.d/build.mk @@ -30,7 +30,8 @@ binary/build: \ cmd/index/job/save/index-save \ cmd/manager/index/index \ cmd/tools/benchmark/job/job \ - cmd/tools/benchmark/operator/operator + cmd/tools/benchmark/operator/operator \ + cmd/index/operator/index-operator cmd/agent/core/ngt/ngt: \ @@ -83,6 +84,10 @@ cmd/index/job/readreplica/rotate/readreplica-rotate: $(eval CGO_ENABLED = 0) $(call go-build,index/job/readreplica/rotate,,-static,,,$@) +cmd/index/operator/index-operator: + $(eval CGO_ENABLED = 0) + $(call go-build,index/operator,,-static,,,$@) + cmd/tools/benchmark/job/job: $(call go-build,tools/benchmark/job,-linkmode 'external',-static -fPIC -pthread -fopenmp -std=gnu++20 -lhdf5 -lhdf5_hl -lm -ldl, cgo,$(HDF5_VERSION),$@) @@ -104,7 +109,8 @@ binary/build/zip: \ artifacts/vald-lb-gateway-$(GOOS)-$(GOARCH).zip \ artifacts/vald-manager-index-$(GOOS)-$(GOARCH).zip \ artifacts/vald-mirror-gateway-$(GOOS)-$(GOARCH).zip \ - artifacts/vald-readreplica-rotate-$(GOOS)-$(GOARCH).zip + artifacts/vald-readreplica-rotate-$(GOOS)-$(GOARCH).zip \ + artifacts/vald-index-operator-$(GOOS)-$(GOARCH).zip artifacts/vald-agent-ngt-$(GOOS)-$(GOARCH).zip: cmd/agent/core/ngt/ngt $(call mkdir, $(dir $@)) @@ -161,3 +167,7 @@ artifacts/vald-index-save-$(GOOS)-$(GOARCH).zip: cmd/index/job/save/index-save artifacts/vald-readreplica-rotate-$(GOOS)-$(GOARCH).zip: cmd/index/job/readreplica/rotate/readreplica-rotate $(call mkdir, $(dir $@)) zip --junk-paths $@ $< + +artifacts/vald-index-operator-$(GOOS)-$(GOARCH).zip: cmd/index/operator/index-operator + $(call mkdir, $(dir $@)) + zip --junk-paths $@ $< diff --git a/Makefile.d/docker.mk b/Makefile.d/docker.mk index 7ecadeb5b7..9987e03664 100644 --- a/Makefile.d/docker.mk +++ b/Makefile.d/docker.mk @@ -242,6 +242,17 @@ docker/build/index-save: IMAGE=$(INDEX_SAVE_IMAGE) \ docker/build/image +.PHONY: docker/name/index-operator +docker/name/index-operator: + @echo "$(ORG)/$(INDEX_OPERATOR_IMAGE)" + +.PHONY: docker/build/index-operator +## build index-operator image +docker/build/index-operator: + @make DOCKERFILE="$(ROOTDIR)/dockers/index/operator/Dockerfile" \ + IMAGE=$(INDEX_OPERATOR_IMAGE) \ + docker/build/image + .PHONY: docker/name/readreplica-rotate docker/name/readreplica-rotate: @echo "$(ORG)/$(READREPLICA_ROTATE_IMAGE)" diff --git a/Makefile.d/k8s.mk b/Makefile.d/k8s.mk index ba22bf9b28..32e831f27b 100644 --- a/Makefile.d/k8s.mk +++ b/Makefile.d/k8s.mk @@ -47,6 +47,7 @@ k8s/manifest/update: \ mv $(TEMP_DIR)/vald/templates/discoverer k8s/discoverer mv $(TEMP_DIR)/vald/templates/gateway k8s/gateway mv $(TEMP_DIR)/vald/templates/manager/index k8s/manager/index + mv $(TEMP_DIR)/vald/templates/index/operator k8s/index/operator mv $(TEMP_DIR)/vald/templates/index/job/correction k8s/index/job/correction mv $(TEMP_DIR)/vald/templates/index/job/creation k8s/index/job/creation mv $(TEMP_DIR)/vald/templates/index/job/save k8s/index/job/save @@ -120,6 +121,7 @@ k8s/vald/deploy: --set manager.index.image.repository=$(CRORG)/$(MANAGER_INDEX_IMAGE) \ --set manager.index.creator.image.repository=$(CRORG)/$(INDEX_CREATION_IMAGE) \ --set manager.index.saver.image.repository=$(CRORG)/$(INDEX_SAVE_IMAGE) \ + --set manager.index.operator.image.repository=$(CRORG)/$(INDEX_OPERATOR_IMAGE) \ $(HELM_EXTRA_OPTIONS) \ --include-crds \ --output-dir $(TEMP_DIR) \ @@ -138,6 +140,7 @@ k8s/vald/deploy: kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/creation || true kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/save || true kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/operator || true rm -rf $(TEMP_DIR) kubectl get pods -o jsonpath="{.items[*].spec.containers[*].image}" | tr " " "\n" @@ -154,24 +157,26 @@ k8s/vald/delete: --set gateway.lb.image.repository=$(CRORG)/$(LB_GATEWAY_IMAGE) \ --set gateway.mirror.image.repository=$(CRORG)/$(MIRROR_GATEWAY_IMAGE) \ --set manager.index.image.repository=$(CRORG)/$(MANAGER_INDEX_IMAGE) \ + --set manager.index.operator.image.repository=$(CRORG)/$(INDEX_OPERATOR_IMAGE) \ --include-crds \ --output-dir $(TEMP_DIR) \ charts/vald - kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/mirror - kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate - kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/save - kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/creation - kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/correction - kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/creation - kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/save - kubectl delete -f $(TEMP_DIR)/vald/templates/gateway - kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/lb - kubectl delete -f $(TEMP_DIR)/vald/templates/manager/index - kubectl delete -f $(TEMP_DIR)/vald/templates/discoverer + kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/mirror || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/operator || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/save || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/creation || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/correction || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/creation || true + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/save || true + kubectl delete -f $(TEMP_DIR)/vald/templates/gateway || true + kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/lb || true + kubectl delete -f $(TEMP_DIR)/vald/templates/manager/index || true + kubectl delete -f $(TEMP_DIR)/vald/templates/discoverer || true kubectl delete -f $(TEMP_DIR)/vald/templates/agent/readreplica || true kubectl delete -f $(TEMP_DIR)/vald/templates/agent/ngt || true - kubectl delete -f $(TEMP_DIR)/vald/templates/agent - kubectl delete -f $(TEMP_DIR)/vald/crds + kubectl delete -f $(TEMP_DIR)/vald/templates/agent || true + kubectl delete -f $(TEMP_DIR)/vald/crds || true rm -rf $(TEMP_DIR) .PHONY: k8s/multi/vald/deploy diff --git a/charts/vald-helm-operator/crds/valdrelease.yaml b/charts/vald-helm-operator/crds/valdrelease.yaml index 6e7776f91d..273f6cc4ca 100644 --- a/charts/vald-helm-operator/crds/valdrelease.yaml +++ b/charts/vald-helm-operator/crds/valdrelease.yaml @@ -9852,6 +9852,751 @@ spec: properties: enabled: type: boolean + operator: + type: object + properties: + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + annotations: + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + type: boolean + env: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + image: + type: object + properties: + pullPolicy: + type: string + enum: + - Always + - Never + - IfNotPresent + repository: + type: string + tag: + type: string + initContainers: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + kind: + type: string + enum: + - Deployment + - DaemonSet + logging: + type: object + properties: + format: + type: string + enum: + - raw + - json + level: + type: string + enum: + - debug + - info + - warn + - error + - fatal + logger: + type: string + enum: + - glg + - zap + name: + type: string + namespace: + type: string + nodeName: + type: string + nodeSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + observability: + type: object + properties: + enabled: + type: boolean + metrics: + type: object + properties: + enable_cgo: + type: boolean + enable_goroutine: + type: boolean + enable_memory: + type: boolean + enable_version_info: + type: boolean + version_info_labels: + type: array + items: + type: string + enum: + - vald_version + - server_name + - git_commit + - build_time + - go_version + - go_os + - go_arch + - cgo_enabled + - algorithm_info + - build_cpu_info_flags + otlp: + type: object + properties: + attribute: + type: object + properties: + namespace: + type: string + node_name: + type: string + pod_name: + type: string + service_name: + type: string + collector_endpoint: + type: string + metrics_export_interval: + type: string + metrics_export_timeout: + type: string + trace_batch_timeout: + type: string + trace_export_timeout: + type: string + trace_max_export_batch_size: + type: integer + trace_max_queue_size: + type: integer + trace: + type: object + properties: + enabled: + type: boolean + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podPriority: + type: object + properties: + enabled: + type: boolean + value: + type: integer + podSecurityContext: + type: object + x-kubernetes-preserve-unknown-fields: true + progressDeadlineSeconds: + type: integer + replicas: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + x-kubernetes-preserve-unknown-fields: true + requests: + type: object + x-kubernetes-preserve-unknown-fields: true + revisionHistoryLimit: + type: integer + minimum: 0 + rollingUpdate: + type: object + properties: + maxSurge: + type: string + maxUnavailable: + type: string + securityContext: + type: object + x-kubernetes-preserve-unknown-fields: true + server_config: + type: object + properties: + full_shutdown_duration: + type: string + healths: + type: object + properties: + liveness: + type: object + properties: + enabled: + type: boolean + host: + type: string + livenessProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + readiness: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + readinessProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + startup: + type: object + properties: + enabled: + type: boolean + port: + type: integer + maximum: 65535 + minimum: 0 + startupProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + metrics: + type: object + properties: + pprof: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + servers: + type: object + properties: + grpc: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + grpc: + type: object + properties: + bidirectional_stream_concurrency: + type: integer + connection_timeout: + type: string + enable_admin: + type: boolean + enable_reflection: + type: boolean + header_table_size: + type: integer + initial_conn_window_size: + type: integer + initial_window_size: + type: integer + interceptors: + type: array + items: + type: string + enum: + - RecoverInterceptor + - AccessLogInterceptor + - TraceInterceptor + - MetricInterceptor + keepalive: + type: object + properties: + max_conn_age: + type: string + max_conn_age_grace: + type: string + max_conn_idle: + type: string + min_time: + type: string + permit_without_stream: + type: boolean + time: + type: string + timeout: + type: string + max_header_list_size: + type: integer + max_receive_message_size: + type: integer + max_send_message_size: + type: integer + read_buffer_size: + type: integer + write_buffer_size: + type: integer + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + restart: + type: boolean + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + rest: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + tls: + type: object + properties: + ca: + type: string + cert: + type: string + enabled: + type: boolean + insecure_skip_verify: + type: boolean + key: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + time_zone: + type: string + tolerations: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + topologySpreadConstraints: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + pattern: ^v[0-9]+\.[0-9]+\.[0-9]$ + volumeMounts: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + volumes: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true podAnnotations: type: object x-kubernetes-preserve-unknown-fields: true diff --git a/charts/vald/README.md b/charts/vald/README.md index 9c3e7cfd1a..6dff052984 100644 --- a/charts/vald/README.md +++ b/charts/vald/README.md @@ -44,913 +44,953 @@ Run the following command to install the chart, ### Parameters -| Key | Type | Default | Description | -| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| agent.algorithm | string | `"ngt"` | agent algorithm type. it should be `ngt` or `faiss`. | -| agent.annotations | object | `{}` | deployment annotations | -| agent.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| agent.clusterRole.name | string | `"agent"` | name of clusterRole | -| agent.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| agent.clusterRoleBinding.name | string | `"agent"` | name of clusterRoleBinding | -| agent.enabled | bool | `true` | agent enabled | -| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.hpa.enabled | bool | `false` | HPA enabled | -| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| agent.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | -| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.initContainers | list | `[]` | init containers | -| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | -| agent.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | -| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| agent.name | string | `"vald-agent"` | name of agent deployment | -| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | -| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | -| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | -| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | -| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | -| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | -| agent.ngt.creation_edge_size | int | `50` | creation edge size | -| agent.ngt.default_epsilon | float | `0.05` | default epsilon used for search | -| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | -| agent.ngt.default_radius | float | `-1` | default radius used for search | -| agent.ngt.dimension | int | `4096` | vector dimension | -| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | -| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | -| agent.ngt.enable_export_index_info_to_k8s | bool | `false` | enable export index info to k8s | -| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | -| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | -| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | -| agent.ngt.export_index_info_duration | string | `"1m"` | duration of exporting index info | -| agent.ngt.index_path | string | `""` | path to index data | -| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | -| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | -| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | -| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | -| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | -| agent.ngt.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of myself | -| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | -| agent.ngt.pod_name | string | `"_MY_POD_NAME_"` | pod name of myself | -| agent.ngt.search_edge_size | int | `50` | search edge size | -| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | -| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | -| agent.nodeName | string | `""` | node name | -| agent.nodeSelector | object | `{}` | node selector | -| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent"}}}` | observability config (overrides defaults.observability) | -| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | -| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | -| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | -| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | -| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | -| agent.podAnnotations | object | `{}` | pod annotations | -| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | -| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | -| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | -| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| agent.readreplica | object | `{"component_name":"agent-readreplica","enabled":false,"hpa":{"enabled":false,"targetCPUUtilizationPercentage":80},"label_key":"vald-readreplica-id","maxReplicas":3,"minReplicas":1,"name":"vald-agent-ngt-readreplica","service":{"annotations":{}},"snapshot_classname":"","volume_name":"vald-agent-ngt-readreplica-pvc"}` | readreplica deployment annotations | -| agent.readreplica.component_name | string | `"agent-readreplica"` | app.kubernetes.io/component name of agent readreplica | -| agent.readreplica.enabled | bool | `false` | [This feature is WORK IN PROGRESS]enable agent readreplica | -| agent.readreplica.hpa.enabled | bool | `false` | HPA enabled | -| agent.readreplica.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| agent.readreplica.label_key | string | `"vald-readreplica-id"` | label key to identify read replica resources | -| agent.readreplica.maxReplicas | int | `3` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| agent.readreplica.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| agent.readreplica.name | string | `"vald-agent-ngt-readreplica"` | name of agent readreplica | -| agent.readreplica.service | object | `{"annotations":{}}` | service settings for read replica service resources | -| agent.readreplica.service.annotations | object | `{}` | readreplica deployment annotations | -| agent.readreplica.snapshot_classname | string | `""` | snapshot class name for snapshotter used for read replica | -| agent.readreplica.volume_name | string | `"vald-agent-ngt-readreplica-pvc"` | name of clone volume of agent pvc for read replica | -| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | -| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | -| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| agent.service.annotations | object | `{}` | service annotations | -| agent.service.labels | object | `{}` | service labels | -| agent.serviceAccount.enabled | bool | `true` | creates service account | -| agent.serviceAccount.name | string | `"agent-ngt"` | name of service account | -| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | -| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | -| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | -| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | -| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | -| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | -| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | -| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | -| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | -| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | -| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | -| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | -| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | -| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | -| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | -| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | -| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | -| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | -| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | -| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | -| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | -| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | -| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | -| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | -| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | -| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | -| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | -| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | -| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | -| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | -| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | -| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | -| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | -| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | -| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | -| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | -| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | -| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | -| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | -| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | -| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | -| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | -| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | -| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | -| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | -| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | -| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | -| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | -| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | -| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | -| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | -| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | -| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | -| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | -| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | -| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | -| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | -| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | -| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | -| agent.sidecar.enabled | bool | `false` | sidecar enabled | -| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | -| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | -| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | -| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | -| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | -| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | -| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | -| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | -| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | -| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | -| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.time_zone | string | `""` | Time zone | -| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | -| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | -| agent.time_zone | string | `""` | Time zone | -| agent.tolerations | list | `[]` | tolerations | -| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | -| agent.version | string | `"v0.0.0"` | version of agent config | -| agent.volumeMounts | list | `[]` | volume mounts | -| agent.volumes | list | `[]` | volumes | -| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | -| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | -| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | -| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | -| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | -| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | -| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | -| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | -| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | -| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | -| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | -| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | -| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | -| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | -| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | -| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | -| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | -| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | -| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | -| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | -| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | -| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | -| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | -| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | -| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | -| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | -| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | -| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | -| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | -| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | -| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | -| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | -| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | -| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | -| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | -| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | -| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | -| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | -| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | -| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | -| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | -| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | -| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | -| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.image.tag | string | `"v1.7.12"` | docker image tag | -| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | -| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | -| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | -| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | -| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | -| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | -| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | -| defaults.observability.enabled | bool | `false` | observability features enabled | -| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | -| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | -| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | -| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | -| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","algorithm_info"]` | enabled label names of version info | -| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | -| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | -| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | -| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | -| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | -| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | -| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | -| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | -| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | -| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | -| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | -| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | -| defaults.observability.trace.enabled | bool | `false` | trace enabled | -| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | -| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | -| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | -| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | -| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | -| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | -| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | -| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | -| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | -| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | -| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | -| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | -| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | -| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | -| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | -| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | -| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | -| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | -| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | -| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | -| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | -| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | -| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | -| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | -| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | -| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | -| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | -| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | -| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | -| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | -| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | -| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | -| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | -| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | -| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | -| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | -| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | -| defaults.server_config.healths.startup.port | int | `3000` | startup server port | -| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | -| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | -| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | -| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | -| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | -| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | -| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | -| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | -| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | -| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | -| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | -| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | -| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | -| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | -| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | -| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | -| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | -| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | -| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | -| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | -| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | -| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | -| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | -| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | -| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | -| defaults.server_config.servers.grpc.server.grpc.enable_admin | bool | `true` | gRPC server admin option | -| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | -| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | -| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | -| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | -| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | -| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | -| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | -| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | -| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | -| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | -| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | -| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | -| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | -| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | -| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | -| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | -| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | -| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | -| defaults.server_config.servers.rest.port | int | `8080` | REST server port | -| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | -| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | -| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | -| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | -| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | -| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | -| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | -| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | -| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | -| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | -| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.time_zone | string | `"UTC"` | Time zone | -| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| discoverer.annotations | object | `{}` | deployment annotations | -| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | -| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | -| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | -| discoverer.discoverer.name | string | `""` | name to discovery | -| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | -| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | -| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | -| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | -| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | -| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | -| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | -| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | -| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | -| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}},"service":{"fields":{},"labels":{}}}` | k8s resource selectors | -| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | -| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | -| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | -| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | -| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | -| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | -| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | -| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.service | object | `{"fields":{},"labels":{}}` | k8s resource selectors for service discovery | -| discoverer.discoverer.selectors.service.fields | object | `{}` | k8s field selectors for service discovery | -| discoverer.discoverer.selectors.service.labels | object | `{}` | k8s label selectors for service discovery | -| discoverer.enabled | bool | `true` | discoverer enabled | -| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| discoverer.hpa.enabled | bool | `false` | HPA enabled | -| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | -| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | -| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| discoverer.initContainers | list | `[]` | init containers | -| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | -| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | -| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | -| discoverer.nodeName | string | `""` | node name | -| discoverer.nodeSelector | object | `{}` | node selector | -| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | -| discoverer.podAnnotations | object | `{}` | pod annotations | -| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | -| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | -| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | -| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| discoverer.service.annotations | object | `{}` | service annotations | -| discoverer.service.labels | object | `{}` | service labels | -| discoverer.serviceAccount.enabled | bool | `true` | creates service account | -| discoverer.serviceAccount.name | string | `"vald"` | name of service account | -| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| discoverer.time_zone | string | `""` | Time zone | -| discoverer.tolerations | list | `[]` | tolerations | -| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | -| discoverer.version | string | `"v0.0.0"` | version of discoverer config | -| discoverer.volumeMounts | list | `[]` | volume mounts | -| discoverer.volumes | list | `[]` | volumes | -| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.filter.annotations | object | `{}` | deployment annotations | -| gateway.filter.enabled | bool | `false` | gateway enabled | -| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | -| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | -| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | -| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | -| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | -| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | -| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | -| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | -| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | -| gateway.filter.nodeName | string | `""` | node name | -| gateway.filter.nodeSelector | object | `{}` | node selector | -| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.filter.podAnnotations | object | `{}` | pod annotations | -| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.filter.service.annotations | object | `{}` | service annotations | -| gateway.filter.service.labels | object | `{}` | service labels | -| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.filter.time_zone | string | `""` | Time zone | -| gateway.filter.tolerations | list | `[]` | tolerations | -| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | -| gateway.filter.volumeMounts | list | `[]` | volume mounts | -| gateway.filter.volumes | list | `[]` | volumes | -| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.lb.annotations | object | `{}` | deployment annotations | -| gateway.lb.enabled | bool | `true` | gateway enabled | -| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | -| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | -| gateway.lb.gateway_config.discoverer.read_client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | -| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | -| gateway.lb.gateway_config.node_name | string | `""` | node name | -| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | -| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | -| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | -| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | -| gateway.lb.nodeName | string | `""` | node name | -| gateway.lb.nodeSelector | object | `{}` | node selector | -| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.lb.podAnnotations | object | `{}` | pod annotations | -| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.lb.service.annotations | object | `{}` | service annotations | -| gateway.lb.service.labels | object | `{}` | service labels | -| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.lb.time_zone | string | `""` | Time zone | -| gateway.lb.tolerations | list | `[]` | tolerations | -| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | -| gateway.lb.volumeMounts | list | `[]` | volume mounts | -| gateway.lb.volumes | list | `[]` | volumes | -| gateway.mirror.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.mirror.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.mirror.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.mirror.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.mirror.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-mirror-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.mirror.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.mirror.annotations | object | `{}` | deployment annotations | -| gateway.mirror.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| gateway.mirror.clusterRole.name | string | `"gateway-mirror"` | name of clusterRole | -| gateway.mirror.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| gateway.mirror.clusterRoleBinding.name | string | `"gateway-mirror"` | name of clusterRoleBinding | -| gateway.mirror.enabled | bool | `false` | gateway enabled | -| gateway.mirror.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.mirror.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.mirror.gateway_config.client | object | `{}` | gRPC client (overrides defaults.grpc.client) | -| gateway.mirror.gateway_config.colocation | string | `"dc1"` | colocation name | -| gateway.mirror.gateway_config.discovery_duration | string | `"1s"` | duration to discovery | -| gateway.mirror.gateway_config.gateway_addr | string | `""` | address for lb-gateway | -| gateway.mirror.gateway_config.group | string | `""` | mirror group name | -| gateway.mirror.gateway_config.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | -| gateway.mirror.gateway_config.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | -| gateway.mirror.gateway_config.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | -| gateway.mirror.gateway_config.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | -| gateway.mirror.gateway_config.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | -| gateway.mirror.gateway_config.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | -| gateway.mirror.gateway_config.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | -| gateway.mirror.gateway_config.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| gateway.mirror.gateway_config.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| gateway.mirror.gateway_config.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| gateway.mirror.gateway_config.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| gateway.mirror.gateway_config.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| gateway.mirror.gateway_config.net.socket_option.tcp_defer_accept | bool | `true` | server listen socket option for tcp_defer_accept functionality | -| gateway.mirror.gateway_config.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| gateway.mirror.gateway_config.net.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| gateway.mirror.gateway_config.net.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| gateway.mirror.gateway_config.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| gateway.mirror.gateway_config.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| gateway.mirror.gateway_config.net.tls.enabled | bool | `false` | TLS enabled | -| gateway.mirror.gateway_config.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| gateway.mirror.gateway_config.net.tls.key | string | `"/path/to/key"` | TLS key path | -| gateway.mirror.gateway_config.pod_name | string | `"_MY_POD_NAME_"` | self mirror gateway pod name | -| gateway.mirror.gateway_config.register_duration | string | `"1s"` | duration to register mirror-gateway. | -| gateway.mirror.gateway_config.self_mirror_addr | string | `""` | address for self mirror-gateway | -| gateway.mirror.hpa.enabled | bool | `true` | HPA enabled | -| gateway.mirror.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.mirror.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.mirror.image.repository | string | `"vdaas/vald-mirror-gateway"` | image repository | -| gateway.mirror.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.mirror.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.mirror.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.mirror.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.mirror.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.mirror.ingress.host | string | `"mirror.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.mirror.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.mirror.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.mirror.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | -| gateway.mirror.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.mirror.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.mirror.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.mirror.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.mirror.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.mirror.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.mirror.name | string | `"vald-mirror-gateway"` | name of gateway deployment | -| gateway.mirror.nodeName | string | `""` | node name | -| gateway.mirror.nodeSelector | object | `{}` | node selector | -| gateway.mirror.observability | object | `{"otlp":{"attribute":{"service_name":"vald-mirror-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.mirror.podAnnotations | object | `{}` | pod annotations | -| gateway.mirror.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.mirror.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.mirror.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.mirror.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.mirror.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.mirror.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.mirror.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.mirror.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.mirror.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.mirror.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.mirror.service.annotations | object | `{}` | service annotations | -| gateway.mirror.service.labels | object | `{}` | service labels | -| gateway.mirror.serviceAccount.enabled | bool | `true` | creates service account | -| gateway.mirror.serviceAccount.name | string | `"gateway-mirror"` | name of service account | -| gateway.mirror.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.mirror.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.mirror.time_zone | string | `""` | Time zone | -| gateway.mirror.tolerations | list | `[]` | tolerations | -| gateway.mirror.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.mirror.version | string | `"v0.0.0"` | version of gateway config | -| gateway.mirror.volumeMounts | list | `[]` | volume mounts | -| gateway.mirror.volumes | list | `[]` | volumes | -| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | -| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| manager.index.annotations | object | `{}` | deployment annotations | -| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | -| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.corrector.image.pullPolicy | string | `"Always"` | | -| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | -| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | -| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | -| manager.index.corrector.node_name | string | `""` | node name | -| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | -| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | -| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | -| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | -| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.creator.concurrency | int | `1` | concurrency for indexing | -| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | -| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.creator.image.pullPolicy | string | `"Always"` | | -| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | -| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | -| manager.index.creator.node_name | string | `""` | node name | -| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | -| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | -| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | -| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.enabled | bool | `true` | index manager enabled | -| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | -| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | -| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | -| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | -| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | -| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | -| manager.index.indexer.concurrency | int | `1` | concurrency | -| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.indexer.node_name | string | `""` | node name | -| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | -| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | -| manager.index.nodeName | string | `""` | node name | -| manager.index.nodeSelector | object | `{}` | node selector | -| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | -| manager.index.podAnnotations | object | `{}` | pod annotations | -| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | -| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | -| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}},"podSecurityContext":{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"read_replica_id":"_MY_TARGET_REPLICA_ID_","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | -| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | -| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | -| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | -| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | -| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | -| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}}` | observability config (overrides defaults.observability) | -| manager.index.readreplica.rotator.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | -| manager.index.readreplica.rotator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | -| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | -| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | -| manager.index.replicas | int | `1` | number of replicas | -| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | -| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.saver.concurrency | int | `1` | concurrency for index saving | -| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.saver.enabled | bool | `false` | enable index save CronJob | -| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.saver.image.pullPolicy | string | `"Always"` | | -| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | -| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | -| manager.index.saver.node_name | string | `""` | node name | -| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | -| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | -| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | -| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.service.annotations | object | `{}` | service annotations | -| manager.index.service.labels | object | `{}` | service labels | -| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| manager.index.time_zone | string | `""` | Time zone | -| manager.index.tolerations | list | `[]` | tolerations | -| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | -| manager.index.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.volumeMounts | list | `[]` | volume mounts | -| manager.index.volumes | list | `[]` | volumes | +| Key | Type | Default | Description | +| ------------------------------------------------------------------------------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| agent.algorithm | string | `"ngt"` | agent algorithm type. it should be `ngt` or `faiss`. | +| agent.annotations | object | `{}` | deployment annotations | +| agent.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| agent.clusterRole.name | string | `"agent"` | name of clusterRole | +| agent.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| agent.clusterRoleBinding.name | string | `"agent"` | name of clusterRoleBinding | +| agent.enabled | bool | `true` | agent enabled | +| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.hpa.enabled | bool | `false` | HPA enabled | +| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| agent.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | +| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.initContainers | list | `[]` | init containers | +| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | +| agent.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | +| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| agent.name | string | `"vald-agent"` | name of agent deployment | +| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | +| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | +| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | +| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | +| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | +| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | +| agent.ngt.creation_edge_size | int | `50` | creation edge size | +| agent.ngt.default_epsilon | float | `0.05` | default epsilon used for search | +| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | +| agent.ngt.default_radius | float | `-1` | default radius used for search | +| agent.ngt.dimension | int | `4096` | vector dimension | +| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | +| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | +| agent.ngt.enable_export_index_info_to_k8s | bool | `false` | enable export index info to k8s | +| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | +| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | +| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | +| agent.ngt.export_index_info_duration | string | `"1m"` | duration of exporting index info | +| agent.ngt.index_path | string | `""` | path to index data | +| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | +| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | +| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | +| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | +| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | +| agent.ngt.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of myself | +| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | +| agent.ngt.pod_name | string | `"_MY_POD_NAME_"` | pod name of myself | +| agent.ngt.search_edge_size | int | `50` | search edge size | +| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | +| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | +| agent.nodeName | string | `""` | node name | +| agent.nodeSelector | object | `{}` | node selector | +| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent"}}}` | observability config (overrides defaults.observability) | +| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | +| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | +| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | +| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | +| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | +| agent.podAnnotations | object | `{}` | pod annotations | +| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | +| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | +| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | +| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| agent.readreplica | object | `{"component_name":"agent-readreplica","enabled":false,"hpa":{"enabled":false,"targetCPUUtilizationPercentage":80},"label_key":"vald-readreplica-id","maxReplicas":3,"minReplicas":1,"name":"vald-agent-ngt-readreplica","service":{"annotations":{}},"snapshot_classname":"","volume_name":"vald-agent-ngt-readreplica-pvc"}` | readreplica deployment annotations | +| agent.readreplica.component_name | string | `"agent-readreplica"` | app.kubernetes.io/component name of agent readreplica | +| agent.readreplica.enabled | bool | `false` | [This feature is WORK IN PROGRESS]enable agent readreplica | +| agent.readreplica.hpa.enabled | bool | `false` | HPA enabled | +| agent.readreplica.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| agent.readreplica.label_key | string | `"vald-readreplica-id"` | label key to identify read replica resources | +| agent.readreplica.maxReplicas | int | `3` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| agent.readreplica.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| agent.readreplica.name | string | `"vald-agent-ngt-readreplica"` | name of agent readreplica | +| agent.readreplica.service | object | `{"annotations":{}}` | service settings for read replica service resources | +| agent.readreplica.service.annotations | object | `{}` | readreplica deployment annotations | +| agent.readreplica.snapshot_classname | string | `""` | snapshot class name for snapshotter used for read replica | +| agent.readreplica.volume_name | string | `"vald-agent-ngt-readreplica-pvc"` | name of clone volume of agent pvc for read replica | +| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | +| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | +| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| agent.service.annotations | object | `{}` | service annotations | +| agent.service.labels | object | `{}` | service labels | +| agent.serviceAccount.enabled | bool | `true` | creates service account | +| agent.serviceAccount.name | string | `"agent-ngt"` | name of service account | +| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | +| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | +| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | +| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | +| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | +| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | +| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | +| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | +| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | +| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | +| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | +| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | +| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | +| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | +| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | +| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | +| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | +| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | +| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | +| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | +| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | +| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | +| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | +| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | +| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | +| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | +| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | +| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | +| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | +| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | +| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | +| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | +| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | +| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | +| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | +| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | +| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | +| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | +| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | +| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | +| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | +| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | +| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | +| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | +| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | +| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | +| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | +| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | +| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | +| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | +| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | +| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | +| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | +| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | +| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | +| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | +| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | +| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | +| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | +| agent.sidecar.enabled | bool | `false` | sidecar enabled | +| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | +| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | +| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | +| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | +| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | +| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | +| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | +| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | +| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | +| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | +| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.time_zone | string | `""` | Time zone | +| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | +| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | +| agent.time_zone | string | `""` | Time zone | +| agent.tolerations | list | `[]` | tolerations | +| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | +| agent.version | string | `"v0.0.0"` | version of agent config | +| agent.volumeMounts | list | `[]` | volume mounts | +| agent.volumes | list | `[]` | volumes | +| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | +| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | +| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | +| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | +| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | +| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | +| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | +| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | +| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | +| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | +| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | +| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | +| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | +| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | +| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | +| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | +| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | +| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | +| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | +| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | +| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | +| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | +| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | +| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | +| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | +| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | +| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | +| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | +| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | +| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | +| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | +| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | +| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | +| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | +| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | +| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | +| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | +| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | +| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | +| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | +| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | +| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | +| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | +| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.image.tag | string | `"v1.7.12"` | docker image tag | +| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | +| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | +| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | +| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | +| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | +| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | +| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | +| defaults.observability.enabled | bool | `false` | observability features enabled | +| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | +| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | +| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | +| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | +| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","algorithm_info"]` | enabled label names of version info | +| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | +| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | +| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | +| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | +| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | +| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | +| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | +| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | +| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | +| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | +| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | +| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | +| defaults.observability.trace.enabled | bool | `false` | trace enabled | +| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | +| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | +| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | +| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | +| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | +| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | +| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | +| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | +| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | +| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | +| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | +| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | +| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | +| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | +| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | +| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | +| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | +| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | +| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | +| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | +| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | +| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | +| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | +| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | +| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | +| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | +| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | +| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | +| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | +| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | +| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | +| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | +| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | +| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | +| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | +| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | +| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | +| defaults.server_config.healths.startup.port | int | `3000` | startup server port | +| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | +| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | +| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | +| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | +| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | +| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | +| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | +| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | +| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | +| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | +| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | +| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | +| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | +| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | +| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | +| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | +| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | +| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | +| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | +| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | +| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | +| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | +| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | +| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | +| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | +| defaults.server_config.servers.grpc.server.grpc.enable_admin | bool | `true` | gRPC server admin option | +| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | +| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | +| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | +| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | +| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | +| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | +| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | +| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | +| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | +| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | +| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | +| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | +| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | +| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | +| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | +| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | +| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | +| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | +| defaults.server_config.servers.rest.port | int | `8080` | REST server port | +| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | +| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | +| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | +| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | +| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | +| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | +| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | +| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | +| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | +| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | +| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.time_zone | string | `"UTC"` | Time zone | +| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| discoverer.annotations | object | `{}` | deployment annotations | +| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | +| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | +| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | +| discoverer.discoverer.name | string | `""` | name to discovery | +| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | +| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | +| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | +| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | +| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | +| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | +| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | +| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | +| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}},"service":{"fields":{},"labels":{}}}` | k8s resource selectors | +| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | +| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | +| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | +| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | +| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | +| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | +| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | +| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.service | object | `{"fields":{},"labels":{}}` | k8s resource selectors for service discovery | +| discoverer.discoverer.selectors.service.fields | object | `{}` | k8s field selectors for service discovery | +| discoverer.discoverer.selectors.service.labels | object | `{}` | k8s label selectors for service discovery | +| discoverer.enabled | bool | `true` | discoverer enabled | +| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| discoverer.hpa.enabled | bool | `false` | HPA enabled | +| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | +| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | +| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| discoverer.initContainers | list | `[]` | init containers | +| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | +| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | +| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | +| discoverer.nodeName | string | `""` | node name | +| discoverer.nodeSelector | object | `{}` | node selector | +| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | +| discoverer.podAnnotations | object | `{}` | pod annotations | +| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | +| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | +| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | +| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| discoverer.service.annotations | object | `{}` | service annotations | +| discoverer.service.labels | object | `{}` | service labels | +| discoverer.serviceAccount.enabled | bool | `true` | creates service account | +| discoverer.serviceAccount.name | string | `"vald"` | name of service account | +| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| discoverer.time_zone | string | `""` | Time zone | +| discoverer.tolerations | list | `[]` | tolerations | +| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | +| discoverer.version | string | `"v0.0.0"` | version of discoverer config | +| discoverer.volumeMounts | list | `[]` | volume mounts | +| discoverer.volumes | list | `[]` | volumes | +| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.filter.annotations | object | `{}` | deployment annotations | +| gateway.filter.enabled | bool | `false` | gateway enabled | +| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | +| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | +| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | +| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | +| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | +| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | +| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | +| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | +| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | +| gateway.filter.nodeName | string | `""` | node name | +| gateway.filter.nodeSelector | object | `{}` | node selector | +| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.filter.podAnnotations | object | `{}` | pod annotations | +| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.filter.service.annotations | object | `{}` | service annotations | +| gateway.filter.service.labels | object | `{}` | service labels | +| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.filter.time_zone | string | `""` | Time zone | +| gateway.filter.tolerations | list | `[]` | tolerations | +| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | +| gateway.filter.volumeMounts | list | `[]` | volume mounts | +| gateway.filter.volumes | list | `[]` | volumes | +| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.lb.annotations | object | `{}` | deployment annotations | +| gateway.lb.enabled | bool | `true` | gateway enabled | +| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | +| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | +| gateway.lb.gateway_config.discoverer.read_client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | +| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | +| gateway.lb.gateway_config.node_name | string | `""` | node name | +| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | +| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | +| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | +| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | +| gateway.lb.nodeName | string | `""` | node name | +| gateway.lb.nodeSelector | object | `{}` | node selector | +| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.lb.podAnnotations | object | `{}` | pod annotations | +| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.lb.service.annotations | object | `{}` | service annotations | +| gateway.lb.service.labels | object | `{}` | service labels | +| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.lb.time_zone | string | `""` | Time zone | +| gateway.lb.tolerations | list | `[]` | tolerations | +| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | +| gateway.lb.volumeMounts | list | `[]` | volume mounts | +| gateway.lb.volumes | list | `[]` | volumes | +| gateway.mirror.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.mirror.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.mirror.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.mirror.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.mirror.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-mirror-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.mirror.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.mirror.annotations | object | `{}` | deployment annotations | +| gateway.mirror.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| gateway.mirror.clusterRole.name | string | `"gateway-mirror"` | name of clusterRole | +| gateway.mirror.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| gateway.mirror.clusterRoleBinding.name | string | `"gateway-mirror"` | name of clusterRoleBinding | +| gateway.mirror.enabled | bool | `false` | gateway enabled | +| gateway.mirror.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.mirror.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.mirror.gateway_config.client | object | `{}` | gRPC client (overrides defaults.grpc.client) | +| gateway.mirror.gateway_config.colocation | string | `"dc1"` | colocation name | +| gateway.mirror.gateway_config.discovery_duration | string | `"1s"` | duration to discovery | +| gateway.mirror.gateway_config.gateway_addr | string | `""` | address for lb-gateway | +| gateway.mirror.gateway_config.group | string | `""` | mirror group name | +| gateway.mirror.gateway_config.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| gateway.mirror.gateway_config.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | +| gateway.mirror.gateway_config.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | +| gateway.mirror.gateway_config.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | +| gateway.mirror.gateway_config.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | +| gateway.mirror.gateway_config.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | +| gateway.mirror.gateway_config.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | +| gateway.mirror.gateway_config.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| gateway.mirror.gateway_config.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| gateway.mirror.gateway_config.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| gateway.mirror.gateway_config.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| gateway.mirror.gateway_config.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| gateway.mirror.gateway_config.net.socket_option.tcp_defer_accept | bool | `true` | server listen socket option for tcp_defer_accept functionality | +| gateway.mirror.gateway_config.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| gateway.mirror.gateway_config.net.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| gateway.mirror.gateway_config.net.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| gateway.mirror.gateway_config.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| gateway.mirror.gateway_config.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| gateway.mirror.gateway_config.net.tls.enabled | bool | `false` | TLS enabled | +| gateway.mirror.gateway_config.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| gateway.mirror.gateway_config.net.tls.key | string | `"/path/to/key"` | TLS key path | +| gateway.mirror.gateway_config.pod_name | string | `"_MY_POD_NAME_"` | self mirror gateway pod name | +| gateway.mirror.gateway_config.register_duration | string | `"1s"` | duration to register mirror-gateway. | +| gateway.mirror.gateway_config.self_mirror_addr | string | `""` | address for self mirror-gateway | +| gateway.mirror.hpa.enabled | bool | `true` | HPA enabled | +| gateway.mirror.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.mirror.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.mirror.image.repository | string | `"vdaas/vald-mirror-gateway"` | image repository | +| gateway.mirror.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.mirror.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.mirror.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.mirror.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.mirror.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.mirror.ingress.host | string | `"mirror.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.mirror.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.mirror.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.mirror.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | +| gateway.mirror.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.mirror.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.mirror.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.mirror.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.mirror.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.mirror.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.mirror.name | string | `"vald-mirror-gateway"` | name of gateway deployment | +| gateway.mirror.nodeName | string | `""` | node name | +| gateway.mirror.nodeSelector | object | `{}` | node selector | +| gateway.mirror.observability | object | `{"otlp":{"attribute":{"service_name":"vald-mirror-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.mirror.podAnnotations | object | `{}` | pod annotations | +| gateway.mirror.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.mirror.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.mirror.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.mirror.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.mirror.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.mirror.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.mirror.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.mirror.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.mirror.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.mirror.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.mirror.service.annotations | object | `{}` | service annotations | +| gateway.mirror.service.labels | object | `{}` | service labels | +| gateway.mirror.serviceAccount.enabled | bool | `true` | creates service account | +| gateway.mirror.serviceAccount.name | string | `"gateway-mirror"` | name of service account | +| gateway.mirror.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.mirror.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.mirror.time_zone | string | `""` | Time zone | +| gateway.mirror.tolerations | list | `[]` | tolerations | +| gateway.mirror.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.mirror.version | string | `"v0.0.0"` | version of gateway config | +| gateway.mirror.volumeMounts | list | `[]` | volume mounts | +| gateway.mirror.volumes | list | `[]` | volumes | +| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | +| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| manager.index.annotations | object | `{}` | deployment annotations | +| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | +| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.corrector.image.pullPolicy | string | `"Always"` | | +| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | +| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | +| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | +| manager.index.corrector.node_name | string | `""` | node name | +| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | +| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | +| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | +| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | +| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.creator.concurrency | int | `1` | concurrency for indexing | +| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | +| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.creator.image.pullPolicy | string | `"Always"` | | +| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | +| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | +| manager.index.creator.node_name | string | `""` | node name | +| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | +| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | +| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | +| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.enabled | bool | `true` | index manager enabled | +| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | +| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | +| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | +| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | +| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | +| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | +| manager.index.indexer.concurrency | int | `1` | concurrency | +| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.indexer.node_name | string | `""` | node name | +| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | +| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | +| manager.index.nodeName | string | `""` | node name | +| manager.index.nodeSelector | object | `{}` | node selector | +| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | +| manager.index.operator | object | `{"affinity":{"nodeAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[],"requiredDuringSchedulingIgnoredDuringExecution":{"nodeSelectorTerms":[]}},"podAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[],"requiredDuringSchedulingIgnoredDuringExecution":[]},"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-index-operator"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}],"requiredDuringSchedulingIgnoredDuringExecution":[]}},"annotations":{},"enabled":false,"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-index-operator","tag":""},"initContainers":[],"kind":"Deployment","logging":{},"name":"vald-index-operator","namespace":"_MY_POD_NAMESPACE_","nodeName":"","nodeSelector":{},"observability":{"otlp":{"attribute":{"service_name":"vald-index-operator"}}},"podAnnotations":{},"podPriority":{"enabled":true,"value":1000000},"podSecurityContext":{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"progressDeadlineSeconds":600,"replicas":1,"resources":{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}},"revisionHistoryLimit":2,"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"terminationGracePeriodSeconds":30,"time_zone":"","tolerations":[],"topologySpreadConstraints":[],"version":"v0.0.0","volumeMounts":[],"volumes":[]}` | [THIS FEATURE IS WIP] operator that manages vald index | +| manager.index.operator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| manager.index.operator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| manager.index.operator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| manager.index.operator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| manager.index.operator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-index-operator"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| manager.index.operator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| manager.index.operator.annotations | object | `{}` | deployment annotations | +| manager.index.operator.enabled | bool | `false` | index operator enabled | +| manager.index.operator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.operator.image.pullPolicy | string | `"Always"` | image pull policy | +| manager.index.operator.image.repository | string | `"vdaas/vald-index-operator"` | image repository | +| manager.index.operator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.operator.initContainers | list | `[]` | init containers | +| manager.index.operator.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| manager.index.operator.logging | object | `{}` | logging config (overrides defaults.logging) | +| manager.index.operator.name | string | `"vald-index-operator"` | name of manager.index.operator deployment | +| manager.index.operator.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| manager.index.operator.nodeName | string | `""` | node name | +| manager.index.operator.nodeSelector | object | `{}` | node selector | +| manager.index.operator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-operator"}}}` | observability config (overrides defaults.observability) | +| manager.index.operator.podAnnotations | object | `{}` | pod annotations | +| manager.index.operator.podPriority.enabled | bool | `true` | manager.index.operator pod PriorityClass enabled | +| manager.index.operator.podPriority.value | int | `1000000` | manager.index.operator pod PriorityClass value | +| manager.index.operator.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.operator.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| manager.index.operator.replicas | int | `1` | number of replicas. | +| manager.index.operator.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | +| manager.index.operator.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| manager.index.operator.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| manager.index.operator.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| manager.index.operator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.operator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.operator.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| manager.index.operator.time_zone | string | `""` | Time zone | +| manager.index.operator.tolerations | list | `[]` | tolerations | +| manager.index.operator.topologySpreadConstraints | list | `[]` | topology spread constraints of manager.index.operator pods | +| manager.index.operator.version | string | `"v0.0.0"` | version of index operator config | +| manager.index.operator.volumeMounts | list | `[]` | volume mounts | +| manager.index.operator.volumes | list | `[]` | volumes | +| manager.index.podAnnotations | object | `{}` | pod annotations | +| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | +| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | +| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}},"podSecurityContext":{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"read_replica_id":"_MY_TARGET_REPLICA_ID_","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532},"server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | +| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | +| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | +| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | +| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | +| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | +| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotate"}}}` | observability config (overrides defaults.observability) | +| manager.index.readreplica.rotator.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | +| manager.index.readreplica.rotator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | +| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | +| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | +| manager.index.replicas | int | `1` | number of replicas | +| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | +| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.saver.concurrency | int | `1` | concurrency for index saving | +| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.saver.enabled | bool | `false` | enable index save CronJob | +| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.saver.image.pullPolicy | string | `"Always"` | | +| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | +| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | +| manager.index.saver.node_name | string | `""` | node name | +| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | +| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | +| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | +| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.service.annotations | object | `{}` | service annotations | +| manager.index.service.labels | object | `{}` | service labels | +| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| manager.index.time_zone | string | `""` | Time zone | +| manager.index.tolerations | list | `[]` | tolerations | +| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | +| manager.index.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.volumeMounts | list | `[]` | volume mounts | +| manager.index.volumes | list | `[]` | volumes | diff --git a/charts/vald/templates/discoverer/clusterrole.yaml b/charts/vald/templates/discoverer/clusterrole.yaml index 6acfec265d..e2156198dd 100644 --- a/charts/vald/templates/discoverer/clusterrole.yaml +++ b/charts/vald/templates/discoverer/clusterrole.yaml @@ -59,4 +59,12 @@ rules: verbs: - get - list + - apiGroups: + - batch + resources: + - jobs + verbs: + - get + - list + - watch {{- end }} diff --git a/charts/vald/templates/index/operator/configmap.yaml b/charts/vald/templates/index/operator/configmap.yaml new file mode 100644 index 0000000000..8f977c0acb --- /dev/null +++ b/charts/vald/templates/index/operator/configmap.yaml @@ -0,0 +1,48 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $operator := .Values.manager.index.operator -}} +{{- $agent := .Values.agent -}} +{{- if $operator.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $operator.name }}-config + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: index-operator +data: + config.yaml: | + --- + version: {{ $operator.version }} + time_zone: {{ default .Values.defaults.time_zone $operator.time_zone }} + logging: + {{- $logging := dict "Values" $operator.logging "default" .Values.defaults.logging }} + {{- include "vald.logging" $logging | nindent 6 }} + server_config: + {{- $servers := dict "Values" $operator.server_config "default" .Values.defaults.server_config }} + {{- include "vald.servers" $servers | nindent 6 }} + observability: + {{- $observability := dict "Values" $operator.observability "default" .Values.defaults.observability }} + {{- include "vald.observability" $observability | nindent 6 }} + operator: + agent_name: {{ $agent.name }} + agent_namespace: {{ $agent.namespace }} + concurrency: 1 +{{- end }} diff --git a/charts/vald/templates/index/operator/deployment.yaml b/charts/vald/templates/index/operator/deployment.yaml new file mode 100644 index 0000000000..119bfe3c29 --- /dev/null +++ b/charts/vald/templates/index/operator/deployment.yaml @@ -0,0 +1,138 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $operator := .Values.manager.index.operator -}} +{{- $valdServiceAccount := .Values.discoverer.serviceAccount -}} +{{- if and $operator.enabled (eq $operator.kind "Deployment") }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $operator.name }} + labels: + app: {{ $operator.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: index-operator + {{- if $operator.annotations }} + annotations: + {{- toYaml $operator.annotations | nindent 4 }} + {{- end }} +spec: + progressDeadlineSeconds: {{ $operator.progressDeadlineSeconds }} + replicas: {{ $operator.replicas }} + revisionHistoryLimit: {{ $operator.revisionHistoryLimit }} + selector: + matchLabels: + app: {{ $operator.name }} + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: {{ $operator.rollingUpdate.maxSurge }} + maxUnavailable: {{ $operator.rollingUpdate.maxUnavailable }} + template: + metadata: + creationTimestamp: null + labels: + app: {{ $operator.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: operator + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/index/operator/configmap.yaml") . | sha256sum }} + {{- if $operator.podAnnotations }} + {{- toYaml $operator.podAnnotations | nindent 8 }} + {{- end }} + {{- $pprof := default .Values.defaults.server_config.metrics.pprof $operator.server_config.metrics.pprof }} + {{- if $pprof.enabled }} + pyroscope.io/scrape: "true" + pyroscope.io/application-name: {{ $operator.name }} + pyroscope.io/profile-cpu-enabled: "true" + pyroscope.io/profile-mem-enabled: "true" + pyroscope.io/port: "{{ $pprof.port }}" + {{- end }} + spec: + {{- if $operator.initContainers }} + initContainers: + {{- $initContainers := dict "initContainers" $operator.initContainers "Values" .Values "namespace" .Release.Namespace -}} + {{- include "vald.initContainers" $initContainers | trim | nindent 8 }} + {{- end }} + affinity: + {{- include "vald.affinity" $operator.affinity | nindent 8 }} + {{- if $operator.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml $operator.topologySpreadConstraints | nindent 8 }} + {{- end }} + containers: + - name: {{ $operator.name }} + image: "{{ $operator.image.repository }}:{{ default .Values.defaults.image.tag $operator.image.tag }}" + imagePullPolicy: {{ $operator.image.pullPolicy }} + {{- $servers := dict "Values" $operator.server_config "default" .Values.defaults.server_config -}} + {{- include "vald.containerPorts" $servers | trim | nindent 10 }} + resources: + {{- toYaml $operator.resources | nindent 12 }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + {{- if $operator.securityContext }} + securityContext: + {{- toYaml $operator.securityContext | nindent 12 }} + {{- end }} + {{- if $operator.env }} + env: + {{- toYaml $operator.env | nindent 12 }} + {{- end }} + volumeMounts: + - name: {{ $operator.name }}-config + mountPath: /etc/server/ + {{- if $operator.volumeMounts }} + {{- toYaml $operator.volumeMounts | nindent 12 }} + {{- end }} + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + serviceAccountName: {{ $valdServiceAccount.name }} + {{- if $operator.podSecurityContext }} + securityContext: + {{- toYaml $operator.podSecurityContext | nindent 8 }} + {{- end }} + terminationGracePeriodSeconds: {{ $operator.terminationGracePeriodSeconds }} + volumes: + - name: {{ $operator.name }}-config + configMap: + defaultMode: 420 + name: {{ $operator.name }}-config + {{- if $operator.volumes }} + {{- toYaml $operator.volumes | nindent 8 }} + {{- end }} + {{- if $operator.nodeName }} + nodeName: {{ $operator.nodeName }} + {{- end }} + {{- if $operator.nodeSelector }} + nodeSelector: + {{- toYaml $operator.nodeSelector | nindent 8 }} + {{- end }} + {{- if $operator.tolerations }} + tolerations: + {{- toYaml $operator.tolerations | nindent 8 }} + {{- end }} + {{- if $operator.podPriority }} + {{- if $operator.podPriority.enabled }} + priorityClassName: {{ .Release.Namespace }}-{{ $operator.name }}-priority + {{- end }} + {{- end }} +status: +{{- end }} diff --git a/charts/vald/templates/index/operator/priorityclass.yaml b/charts/vald/templates/index/operator/priorityclass.yaml new file mode 100644 index 0000000000..23f8d0c9e8 --- /dev/null +++ b/charts/vald/templates/index/operator/priorityclass.yaml @@ -0,0 +1,33 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $operator := .Values.manager.index.operator -}} +{{- if and $operator.enabled $operator.podPriority.enabled }} +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ .Release.Namespace }}-{{ $operator.name }}-priority + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: index-operator +value: {{ $operator.podPriority.value }} +preemptionPolicy: Never +globalDefault: false +description: "A priority class for Vald index operator." +{{- end }} diff --git a/charts/vald/values.schema.json b/charts/vald/values.schema.json index 285a78aa2a..b4e27fe0d1 100644 --- a/charts/vald/values.schema.json +++ b/charts/vald/values.schema.json @@ -16647,6 +16647,1244 @@ } } }, + "operator": { + "type": "object", + "description": "[THIS FEATURE IS WIP] operator that manages vald index", + "properties": { + "affinity": { + "type": "object", + "properties": { + "nodeAffinity": { + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "type": "array", + "description": "node affinity preferred scheduling terms", + "items": { "type": "object" } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "type": "object", + "properties": { + "nodeSelectorTerms": { + "type": "array", + "description": "node affinity required node selectors", + "items": { "type": "object" } + } + } + } + } + }, + "podAffinity": { + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "type": "array", + "description": "pod affinity preferred scheduling terms", + "items": { "type": "object" } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "type": "array", + "description": "pod affinity required scheduling terms", + "items": { "type": "object" } + } + } + }, + "podAntiAffinity": { + "type": "object", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "type": "array", + "description": "pod anti-affinity preferred scheduling terms", + "items": { "type": "object" } + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "type": "array", + "description": "pod anti-affinity required scheduling terms", + "items": { "type": "object" } + } + } + } + } + }, + "annotations": { + "type": "object", + "description": "deployment annotations" + }, + "enabled": { + "type": "boolean", + "description": "index operator enabled" + }, + "env": { + "type": "array", + "description": "environment variables", + "items": { "type": "object" } + }, + "image": { + "type": "object", + "properties": { + "pullPolicy": { + "type": "string", + "description": "image pull policy", + "enum": ["Always", "Never", "IfNotPresent"] + }, + "repository": { + "type": "string", + "description": "image repository" + }, + "tag": { + "type": "string", + "description": "image tag (overrides defaults.image.tag)" + } + } + }, + "initContainers": { + "type": "array", + "description": "init containers", + "items": { "type": "object" } + }, + "kind": { + "type": "string", + "description": "deployment kind: Deployment or DaemonSet", + "enum": ["Deployment", "DaemonSet"] + }, + "logging": { + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "logging format. logging format must be `raw` or `json`", + "enum": ["raw", "json"] + }, + "level": { + "type": "string", + "description": "logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`.", + "enum": ["debug", "info", "warn", "error", "fatal"] + }, + "logger": { + "type": "string", + "description": "logger name. currently logger must be `glg` or `zap`.", + "enum": ["glg", "zap"] + } + } + }, + "name": { + "type": "string", + "description": "name of manager.index.operator deployment" + }, + "namespace": { + "type": "string", + "description": "namespace to discovery" + }, + "nodeName": { "type": "string", "description": "node name" }, + "nodeSelector": { + "type": "object", + "description": "node selector" + }, + "observability": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "observability features enabled" + }, + "metrics": { + "type": "object", + "properties": { + "enable_cgo": { + "type": "boolean", + "description": "CGO metrics enabled" + }, + "enable_goroutine": { + "type": "boolean", + "description": "goroutine metrics enabled" + }, + "enable_memory": { + "type": "boolean", + "description": "memory metrics enabled" + }, + "enable_version_info": { + "type": "boolean", + "description": "version info metrics enabled" + }, + "version_info_labels": { + "type": "array", + "description": "enabled label names of version info", + "items": { + "type": "string", + "enum": [ + "vald_version", + "server_name", + "git_commit", + "build_time", + "go_version", + "go_os", + "go_arch", + "cgo_enabled", + "algorithm_info", + "build_cpu_info_flags" + ] + } + } + } + }, + "otlp": { + "type": "object", + "properties": { + "attribute": { + "type": "object", + "description": "default resource attribute", + "properties": { + "namespace": { + "type": "string", + "description": "namespace" + }, + "node_name": { + "type": "string", + "description": "node name" + }, + "pod_name": { + "type": "string", + "description": "pod name" + }, + "service_name": { + "type": "string", + "description": "service name" + } + } + }, + "collector_endpoint": { + "type": "string", + "description": "OpenTelemetry Collector endpoint" + }, + "metrics_export_interval": { + "type": "string", + "description": "metrics export interval" + }, + "metrics_export_timeout": { + "type": "string", + "description": "metrics export timeout" + }, + "trace_batch_timeout": { + "type": "string", + "description": "trace batch timeout" + }, + "trace_export_timeout": { + "type": "string", + "description": "trace export timeout" + }, + "trace_max_export_batch_size": { + "type": "integer", + "description": "trace maximum export batch size" + }, + "trace_max_queue_size": { + "type": "integer", + "description": "trace maximum queue size" + } + } + }, + "trace": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "trace enabled" + } + } + } + } + }, + "podAnnotations": { + "type": "object", + "description": "pod annotations" + }, + "podPriority": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "gateway pod PriorityClass enabled" + }, + "value": { + "type": "integer", + "description": "gateway pod PriorityClass value" + } + } + }, + "podSecurityContext": { + "type": "object", + "description": "security context for pod" + }, + "progressDeadlineSeconds": { + "type": "integer", + "description": "progress deadline seconds" + }, + "replicas": { + "type": "integer", + "description": "number of replicas.", + "minimum": 0 + }, + "resources": { + "type": "object", + "description": "compute resources", + "properties": { + "limits": { "type": "object" }, + "requests": { "type": "object" } + } + }, + "revisionHistoryLimit": { + "type": "integer", + "description": "number of old history to retain to allow rollback", + "minimum": 0 + }, + "rollingUpdate": { + "type": "object", + "properties": { + "maxSurge": { + "type": "string", + "description": "max surge of rolling update" + }, + "maxUnavailable": { + "type": "string", + "description": "max unavailable of rolling update" + } + } + }, + "securityContext": { + "type": "object", + "description": "security context for container" + }, + "server_config": { + "type": "object", + "properties": { + "full_shutdown_duration": { + "type": "string", + "description": "server full shutdown duration" + }, + "healths": { + "type": "object", + "properties": { + "liveness": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "liveness server enabled" + }, + "host": { + "type": "string", + "description": "liveness server host" + }, + "livenessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "liveness probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "liveness probe path" + }, + "port": { + "type": "string", + "description": "liveness probe port" + }, + "scheme": { + "type": "string", + "description": "liveness probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "liveness probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "liveness probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "liveness probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "liveness probe timeout seconds" + } + } + }, + "port": { + "type": "integer", + "description": "liveness server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "liveness server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "readiness": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "readiness server enabled" + }, + "host": { + "type": "string", + "description": "readiness server host" + }, + "port": { + "type": "integer", + "description": "readiness server port", + "maximum": 65535, + "minimum": 0 + }, + "readinessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "readiness probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "readiness probe path" + }, + "port": { + "type": "string", + "description": "readiness probe port" + }, + "scheme": { + "type": "string", + "description": "readiness probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "readiness probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "readiness probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "readiness probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "readiness probe timeout seconds" + } + } + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "readiness server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "startup": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "startup server enabled" + }, + "port": { + "type": "integer", + "description": "startup server port", + "maximum": 65535, + "minimum": 0 + }, + "startupProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "startup probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "startup probe path" + }, + "port": { + "type": "string", + "description": "startup probe port" + }, + "scheme": { + "type": "string", + "description": "startup probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "startup probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "startup probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "startup probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "startup probe timeout seconds" + } + } + } + } + } + } + }, + "metrics": { + "type": "object", + "properties": { + "pprof": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "pprof server enabled" + }, + "host": { + "type": "string", + "description": "pprof server host" + }, + "port": { + "type": "integer", + "description": "pprof server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "pprof server service port", + "maximum": 65535, + "minimum": 0 + } + } + } + } + }, + "servers": { + "type": "object", + "properties": { + "grpc": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "gRPC server enabled" + }, + "host": { + "type": "string", + "description": "gRPC server host" + }, + "port": { + "type": "integer", + "description": "gRPC server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "grpc": { + "type": "object", + "properties": { + "bidirectional_stream_concurrency": { + "type": "integer", + "description": "gRPC server bidirectional stream concurrency" + }, + "connection_timeout": { + "type": "string", + "description": "gRPC server connection timeout" + }, + "enable_admin": { + "type": "boolean", + "description": "gRPC server admin option" + }, + "enable_reflection": { + "type": "boolean", + "description": "gRPC server reflection option" + }, + "header_table_size": { + "type": "integer", + "description": "gRPC server header table size" + }, + "initial_conn_window_size": { + "type": "integer", + "description": "gRPC server initial connection window size" + }, + "initial_window_size": { + "type": "integer", + "description": "gRPC server initial window size" + }, + "interceptors": { + "type": "array", + "description": "gRPC server interceptors", + "items": { + "type": "string", + "enum": [ + "RecoverInterceptor", + "AccessLogInterceptor", + "TraceInterceptor", + "MetricInterceptor" + ] + } + }, + "keepalive": { + "type": "object", + "properties": { + "max_conn_age": { + "type": "string", + "description": "gRPC server keep alive max connection age" + }, + "max_conn_age_grace": { + "type": "string", + "description": "gRPC server keep alive max connection age grace" + }, + "max_conn_idle": { + "type": "string", + "description": "gRPC server keep alive max connection idle" + }, + "min_time": { + "type": "string", + "description": "gRPC server keep alive min_time" + }, + "permit_without_stream": { + "type": "boolean", + "description": "gRPC server keep alive permit_without_stream" + }, + "time": { + "type": "string", + "description": "gRPC server keep alive time" + }, + "timeout": { + "type": "string", + "description": "gRPC server keep alive timeout" + } + } + }, + "max_header_list_size": { + "type": "integer", + "description": "gRPC server max header list size" + }, + "max_receive_message_size": { + "type": "integer", + "description": "gRPC server max receive message size" + }, + "max_send_message_size": { + "type": "integer", + "description": "gRPC server max send message size" + }, + "read_buffer_size": { + "type": "integer", + "description": "gRPC server read buffer size" + }, + "write_buffer_size": { + "type": "integer", + "description": "gRPC server write buffer size" + } + } + }, + "mode": { + "type": "string", + "description": "gRPC server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "gRPC server probe wait time" + }, + "restart": { + "type": "boolean", + "description": "gRPC server restart" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "gRPC server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "rest": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "REST server enabled" + }, + "host": { + "type": "string", + "description": "REST server host" + }, + "port": { + "type": "integer", + "description": "REST server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "REST server service port", + "maximum": 65535, + "minimum": 0 + } + } + } + } + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string", + "description": "TLS ca path" + }, + "cert": { + "type": "string", + "description": "TLS cert path" + }, + "enabled": { + "type": "boolean", + "description": "TLS enabled" + }, + "insecure_skip_verify": { + "type": "boolean", + "description": "enable/disable skip SSL certificate verification" + }, + "key": { + "type": "string", + "description": "TLS key path" + } + } + } + } + }, + "terminationGracePeriodSeconds": { + "type": "integer", + "description": "duration in seconds pod needs to terminate gracefully", + "minimum": 0 + }, + "time_zone": { "type": "string", "description": "Time zone" }, + "tolerations": { + "type": "array", + "description": "tolerations", + "items": { "type": "object" } + }, + "topologySpreadConstraints": { + "type": "array", + "description": "topology spread constraints of gateway pods", + "items": { "type": "object" } + }, + "version": { + "type": "string", + "description": "version of gateway config", + "pattern": "^v[0-9]+\\.[0-9]+\\.[0-9]$" + }, + "volumeMounts": { + "type": "array", + "description": "volume mounts", + "items": { "type": "object" } + }, + "volumes": { + "type": "array", + "description": "volumes", + "items": { "type": "object" } + } + } + }, "podAnnotations": { "type": "object", "description": "pod annotations" diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index 01598eff32..5cca7418fe 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -3502,3 +3502,175 @@ manager: # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding.name", "type": "string"} # manager.index.readreplica.rotator.clusterRoleBinding.name -- name of clusterRoleBinding name: vald-readreplica-rotate + # @schema {"name": "manager.index.operator", "type": "object"} + # manager.index.operator -- [THIS FEATURE IS WIP] operator that manages vald index + operator: + # @schema {"name": "manager.index.operator.enabled", "type": "boolean"} + # manager.index.operator.enabled -- index operator enabled + enabled: false + # @schema {"name": "manager.index.operator.version", "alias": "version"} + # manager.index.operator.version -- version of index operator config + version: v0.0.0 + # @schema {"name": "manager.index.operator.time_zone", "type": "string"} + # manager.index.operator.time_zone -- Time zone + time_zone: "" + # @schema {"name": "manager.index.operator.logging", "alias": "logging"} + # manager.index.operator.logging -- logging config (overrides defaults.logging) + logging: {} + # @schema {"name": "manager.index.operator.name", "type": "string"} + # manager.index.operator.name -- name of manager.index.operator deployment + name: vald-index-operator + # @schema {"name": "manager.index.operator.kind", "type": "string", "enum": ["Deployment", "DaemonSet"]} + # manager.index.operator.kind -- deployment kind: Deployment or DaemonSet + kind: Deployment + # @schema {"name": "manager.index.operator.progressDeadlineSeconds", "type": "integer"} + # manager.index.operator.progressDeadlineSeconds -- progress deadline seconds + progressDeadlineSeconds: 600 + # @schema {"name": "manager.index.operator.replicas", "type": "integer", "minimum": 0} + # manager.index.operator.replicas -- number of replicas. + replicas: 1 + # @schema {"name": "manager.index.operator.revisionHistoryLimit", "type": "integer", "minimum": 0} + # manager.index.operator.revisionHistoryLimit -- number of old history to retain to allow rollback + revisionHistoryLimit: 2 + # @schema {"name": "manager.index.operator.terminationGracePeriodSeconds", "type": "integer", "minimum": 0} + # manager.index.operator.terminationGracePeriodSeconds -- duration in seconds pod needs to terminate gracefully + terminationGracePeriodSeconds: 30 + # @schema {"name": "manager.index.operator.podSecurityContext", "type": "object"} + # manager.index.operator.podSecurityContext -- security context for pod + podSecurityContext: + runAsUser: 65532 + runAsNonRoot: true + runAsGroup: 65532 + fsGroup: 65532 + fsGroupChangePolicy: "OnRootMismatch" + # @schema {"name": "manager.index.operator.securityContext", "type": "object"} + # manager.index.operator.securityContext -- security context for container + securityContext: + runAsUser: 65532 + runAsNonRoot: true + runAsGroup: 65532 + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + # @schema {"name": "manager.index.operator.podPriority", "alias": "podPriority"} + podPriority: + # manager.index.operator.podPriority.enabled -- manager.index.operator pod PriorityClass enabled + enabled: true + # manager.index.operator.podPriority.value -- manager.index.operator pod PriorityClass value + value: 1000000 + # @schema {"name": "manager.index.operator.annotations", "type": "object"} + # manager.index.operator.annotations -- deployment annotations + annotations: {} + # @schema {"name": "manager.index.operator.podAnnotations", "type": "object"} + # manager.index.operator.podAnnotations -- pod annotations + podAnnotations: {} + # @schema {"name": "manager.index.operator.image", "alias": "image"} + image: + # manager.index.operator.image.repository -- image repository + repository: vdaas/vald-index-operator + # manager.index.operator.image.tag -- image tag (overrides defaults.image.tag) + tag: "" + # manager.index.operator.image.pullPolicy -- image pull policy + pullPolicy: Always + # @schema {"name": "manager.index.operator.rollingUpdate", "alias": "rollingUpdate"} + rollingUpdate: + # manager.index.operator.rollingUpdate.maxSurge -- max surge of rolling update + maxSurge: 25% + # manager.index.operator.rollingUpdate.maxUnavailable -- max unavailable of rolling update + maxUnavailable: 25% + # @schema {"name": "manager.index.operator.initContainers", "alias": "initContainers"} + # manager.index.operator.initContainers -- init containers + initContainers: [] + # @schema {"name": "manager.index.operator.env", "alias": "env"} + # manager.index.operator.env -- environment variables + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # @schema {"name": "manager.index.operator.volumeMounts", "alias": "volumeMounts"} + # manager.index.operator.volumeMounts -- volume mounts + volumeMounts: [] + # @schema {"name": "manager.index.operator.volumes", "alias": "volumes"} + # manager.index.operator.volumes -- volumes + volumes: [] + # @schema {"name": "manager.index.operator.nodeName", "type": "string"} + # manager.index.operator.nodeName -- node name + nodeName: "" + # @schema {"name": "manager.index.operator.nodeSelector", "alias": "nodeSelector"} + # manager.index.operator.nodeSelector -- node selector + nodeSelector: {} + # @schema {"name": "manager.index.operator.tolerations", "alias": "tolerations"} + # manager.index.operator.tolerations -- tolerations + tolerations: [] + # @schema {"name": "manager.index.operator.affinity", "alias": "affinity"} + affinity: + nodeAffinity: + # manager.index.operator.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution -- node affinity preferred scheduling terms + preferredDuringSchedulingIgnoredDuringExecution: [] + requiredDuringSchedulingIgnoredDuringExecution: + # manager.index.operator.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms -- node affinity required node selectors + nodeSelectorTerms: [] + podAffinity: + # manager.index.operator.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution -- pod affinity preferred scheduling terms + preferredDuringSchedulingIgnoredDuringExecution: [] + # manager.index.operator.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution -- pod affinity required scheduling terms + requiredDuringSchedulingIgnoredDuringExecution: [] + podAntiAffinity: + # manager.index.operator.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution -- pod anti-affinity preferred scheduling terms + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: kubernetes.io/hostname + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - vald-index-operator + # manager.index.operator.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution -- pod anti-affinity required scheduling terms + requiredDuringSchedulingIgnoredDuringExecution: [] + # @schema {"name": "manager.index.operator.topologySpreadConstraints", "alias": "topologySpreadConstraints"} + # manager.index.operator.topologySpreadConstraints -- topology spread constraints of manager.index.operator pods + topologySpreadConstraints: [] + # @schema {"name": "manager.index.operator.server_config", "alias": "server_config"} + # manager.index.operator.server_config -- server config (overrides defaults.server_config) + server_config: + servers: + rest: {} + grpc: {} + healths: + liveness: {} + readiness: {} + startup: {} + metrics: + pprof: {} + # @schema {"name": "manager.index.operator.observability", "alias": "observability"} + # manager.index.operator.observability -- observability config (overrides defaults.observability) + observability: + otlp: + attribute: + service_name: vald-index-operator + # @schema {"name": "manager.index.operator.resources", "alias": "resources"} + # manager.index.operator.resources -- compute resources + resources: + requests: + cpu: 200m + memory: 65Mi + limits: + cpu: 600m + memory: 200Mi + # @schema {"name": "manager.index.operator.namespace", "type": "string"} + # manager.index.operator.namespace -- namespace to discovery + namespace: _MY_POD_NAMESPACE_ diff --git a/cmd/index/operator/main.go b/cmd/index/operator/main.go new file mode 100644 index 0000000000..d09c1dfb78 --- /dev/null +++ b/cmd/index/operator/main.go @@ -0,0 +1,59 @@ +// Copyright (C) 2019-2024 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package main + +import ( + "context" + + "github.com/vdaas/vald/internal/errors" + "github.com/vdaas/vald/internal/info" + "github.com/vdaas/vald/internal/log" + "github.com/vdaas/vald/internal/runner" + "github.com/vdaas/vald/internal/safety" + "github.com/vdaas/vald/pkg/index/operator/config" + "github.com/vdaas/vald/pkg/index/operator/usecase" +) + +const ( + maxVersion = "v0.0.10" + minVersion = "v0.0.0" + name = "index operator" +) + +func main() { + if err := safety.RecoverFunc(func() error { + return runner.Do( + context.Background(), + runner.WithName(name), + runner.WithVersion(info.Version, maxVersion, minVersion), + runner.WithConfigLoader(func(path string) (interface{}, *config.GlobalConfig, error) { + cfg, err := config.NewConfig(path) + if err != nil { + return nil, nil, errors.Wrap(err, "failed to load "+name+"'s configuration") + } + return cfg, &cfg.GlobalConfig, nil + }), + runner.WithDaemonInitializer(func(cfg interface{}) (runner.Runner, error) { + c, ok := cfg.(*config.Data) + if !ok { + return nil, errors.ErrInvalidConfig + } + return usecase.New(c) + }), + ) + })(); err != nil { + log.Fatal(err, info.Get()) + return + } +} diff --git a/cmd/index/operator/sample.yaml b/cmd/index/operator/sample.yaml new file mode 100644 index 0000000000..9eb0ea6d34 --- /dev/null +++ b/cmd/index/operator/sample.yaml @@ -0,0 +1,105 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +version: v0.0.0 +time_zone: JST +logging: + format: raw + level: debug + logger: glg +server_config: + servers: + - name: grpc + host: 0.0.0.0 + port: 8081 + grpc: + bidirectional_stream_concurrency: 20 + connection_timeout: "" + header_table_size: 0 + initial_conn_window_size: 0 + initial_window_size: 0 + interceptors: [] + keepalive: + max_conn_age: "" + max_conn_age_grace: "" + max_conn_idle: "" + time: "" + timeout: "" + max_header_list_size: 0 + max_receive_message_size: 0 + max_send_message_size: 0 + read_buffer_size: 0 + write_buffer_size: 0 + mode: GRPC + probe_wait_time: 3s + restart: true + health_check_servers: + - name: readiness + host: 0.0.0.0 + port: 3001 + http: + handler_timeout: "" + idle_timeout: "" + read_header_timeout: "" + read_timeout: "" + shutdown_duration: 0s + write_timeout: "" + mode: "" + probe_wait_time: 3s + metrics_servers: + startup_strategy: + - grpc + - readiness + full_shutdown_duration: 600s + tls: + ca: /path/to/ca + cert: /path/to/cert + enabled: false + key: /path/to/key +operator: + agent_name: "vald-agent" + agent_namespace: "default" + concurrency: 1 +observability: + enabled: false + otlp: + collector_endpoint: "otel-collector.monitoring.svc.cluster.local:4317" + trace_batch_timeout: "1s" + trace_export_timeout: "1m" + trace_max_export_batch_size: 1024 + trace_max_queue_size: 256 + metrics_export_interval: "1s" + metrics_export_timeout: "1m" + attribute: + namespace: "_MY_POD_NAMESPACE_" + pod_name: "_MY_POD_NAME_" + node_name: "_MY_NODE_NAME_" + service_name: "vald-index-creation" + metrics: + enable_cgo: true + enable_goroutine: true + enable_memory: true + enable_version_info: true + version_info_labels: + - vald_version + - server_name + - git_commit + - build_time + - go_version + - go_os + - go_arch + - algorithm_info + trace: + enabled: true diff --git a/dockers/index/operator/Dockerfile b/dockers/index/operator/Dockerfile new file mode 100644 index 0000000000..ab3a2d4a5c --- /dev/null +++ b/dockers/index/operator/Dockerfile @@ -0,0 +1,98 @@ +# syntax = docker/dockerfile:latest +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +ARG DISTROLESS_IMAGE=gcr.io/distroless/static +ARG DISTROLESS_IMAGE_TAG=nonroot +ARG MAINTAINER="vdaas.org vald team " + +FROM --platform=${TARGETPLATFORM} ubuntu:devel AS builder + +ARG GO_VERSION +ARG TARGETARCH +ARG TARGETOS + +ENV GO111MODULE on +ENV DEBIAN_FRONTEND noninteractive +ENV INITRD No +ENV LANG en_US.UTF-8 +ENV GOROOT /opt/go +ENV GOPATH /go +ENV PATH ${PATH}:${GOROOT}/bin:${GOPATH}/bin +ENV ORG vdaas +ENV REPO vald +ENV PKG index/operator +ENV APP_NAME index-operator + + +# skipcq: DOK-DL3008 +RUN apt-get update && apt-get install -y --no-install-recommends \ + ca-certificates \ + build-essential \ + curl \ + upx \ + git \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/Makefile.d +COPY Makefile.d . +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO} +COPY Makefile . +COPY .git . +COPY go.mod . +COPY go.sum . + +RUN --mount=type=cache,target="${GOPATH}/pkg",id="go-build-${TARGETARCH}" \ + --mount=type=cache,target="${HOME}/.cache/go-build",id="go-build-${TARGETARCH}" \ + make GO_VERSION=${GO_VERSION} go/install \ + && make go/download + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/internal +COPY internal . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/apis/grpc +COPY apis/grpc . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/pkg/${PKG} +COPY pkg/${PKG} . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/cmd/${PKG} +COPY cmd/${PKG} . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/versions +COPY versions . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO} +RUN --mount=type=cache,target="${GOPATH}/pkg",id="go-build-${TARGETARCH}" \ + --mount=type=cache,target="${HOME}/.cache/go-build",id="go-build-${TARGETARCH}" \ + make GOARCH=${TARGETARCH} GOOS=${TARGETOS} REPO=${ORG} NAME=${REPO} cmd/${PKG}/${APP_NAME} \ + && mv "cmd/${PKG}/${APP_NAME}" "/usr/bin/${APP_NAME}" + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/cmd/${PKG} +RUN cp sample.yaml /tmp/config.yaml + +FROM --platform=${TARGETPLATFORM} ${DISTROLESS_IMAGE}:${DISTROLESS_IMAGE_TAG} +LABEL maintainer="${MAINTAINER}" + +ENV APP_NAME index-operator + +COPY --from=builder /usr/bin/${APP_NAME} /go/bin/${APP_NAME} +COPY --from=builder /tmp/config.yaml /etc/server/config.yaml + +USER nonroot:nonroot + +ENTRYPOINT ["/go/bin/index-operator"] diff --git a/internal/config/index_operator.go b/internal/config/index_operator.go new file mode 100644 index 0000000000..053941603b --- /dev/null +++ b/internal/config/index_operator.go @@ -0,0 +1,32 @@ +// Copyright (C) 2019-2024 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package config + +// IndexCreation represents the configurations for index creation. +type IndexOperator struct { + // AgentName represent agents meta_name for service discovery + AgentName string `json:"agent_name" yaml:"agent_name"` + + // AgentNamespace represent agent namespace location + AgentNamespace string `json:"agent_namespace" yaml:"agent_namespace"` + + // Concurrency represents indexing concurrency. + Concurrency int `json:"concurrency" yaml:"concurrency"` +} + +func (ic *IndexOperator) Bind() *IndexOperator { + ic.AgentName = GetActualValue(ic.AgentName) + ic.AgentNamespace = GetActualValue(ic.AgentNamespace) + return ic +} diff --git a/internal/k8s/pod/option.go b/internal/k8s/pod/option.go index de78fb592c..3952d648f8 100644 --- a/internal/k8s/pod/option.go +++ b/internal/k8s/pod/option.go @@ -18,6 +18,8 @@ package pod import ( + "context" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/manager" ) @@ -47,7 +49,7 @@ func WithOnErrorFunc(f func(err error)) Option { } } -func WithOnReconcileFunc(f func(podList map[string][]Pod)) Option { +func WithOnReconcileFunc(f func(ctx context.Context, podList map[string][]Pod)) Option { return func(r *reconciler) error { r.onReconcile = f return nil diff --git a/internal/k8s/pod/pod.go b/internal/k8s/pod/pod.go index 197bfeb142..4828a2a47c 100644 --- a/internal/k8s/pod/pod.go +++ b/internal/k8s/pod/pod.go @@ -40,19 +40,20 @@ type reconciler struct { name string namespace string onError func(err error) - onReconcile func(podList map[string][]Pod) + onReconcile func(ctx context.Context, podList map[string][]Pod) lopts []client.ListOption } type Pod struct { - Name string - NodeName string - Namespace string - IP string - CPULimit float64 - CPURequest float64 - MemLimit float64 - MemRequest float64 + Name string + NodeName string + Namespace string + IP string + CPULimit float64 + CPURequest float64 + MemLimit float64 + MemRequest float64 + Annotations map[string]string } func New(opts ...Option) PodWatcher { @@ -142,19 +143,20 @@ func (r *reconciler) Reconcile(ctx context.Context, _ reconcile.Request) (res re } pods[podName] = append(pods[podName], Pod{ - Name: pod.GetName(), - NodeName: pod.Spec.NodeName, - Namespace: pod.GetNamespace(), - IP: pod.Status.PodIP, - CPULimit: cpuLimit, - CPURequest: cpuRequest, - MemLimit: memLimit, - MemRequest: memRequest, + Name: pod.GetName(), + NodeName: pod.Spec.NodeName, + Namespace: pod.GetNamespace(), + IP: pod.Status.PodIP, + CPULimit: cpuLimit, + CPURequest: cpuRequest, + MemLimit: memLimit, + MemRequest: memRequest, + Annotations: pod.GetAnnotations(), }) } if r.onReconcile != nil { - r.onReconcile(pods) + r.onReconcile(ctx, pods) } return } diff --git a/pkg/discoverer/k8s/service/discover.go b/pkg/discoverer/k8s/service/discover.go index bf99994773..32f81e8893 100644 --- a/pkg/discoverer/k8s/service/discover.go +++ b/pkg/discoverer/k8s/service/discover.go @@ -137,7 +137,7 @@ func New(selector *config.Selectors, opts ...Option) (dsc Discoverer, err error) pod.WithOnErrorFunc(func(err error) { log.Error("failed to reconcile:", err) }), - pod.WithOnReconcileFunc(func(podList map[string][]pod.Pod) { + pod.WithOnReconcileFunc(func(_ context.Context, podList map[string][]pod.Pod) { log.Debugf("pod resource reconciled\t%#v", podList) for name, pods := range podList { if len(pods) > d.maxPods { diff --git a/pkg/index/operator/config/config.go b/pkg/index/operator/config/config.go new file mode 100644 index 0000000000..fcf0eb4700 --- /dev/null +++ b/pkg/index/operator/config/config.go @@ -0,0 +1,71 @@ +// Copyright (C) 2019-2024 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package config + +import ( + "github.com/vdaas/vald/internal/config" + "github.com/vdaas/vald/internal/errors" +) + +// GlobalConfig is a type alias of config.GlobalConfig representing application base configurations. +type GlobalConfig = config.GlobalConfig + +// Data represents the application configurations. +type Data struct { + // GlobalConfig represents application base configurations. + config.GlobalConfig `json:",inline" yaml:",inline"` + + // Server represent all server configurations + Server *config.Servers `json:"server_config" yaml:"server_config"` + + // Observability represents observability configurations. + Observability *config.Observability `json:"observability" yaml:"observability"` + + // Operator represents auto indexing service configurations. + Operator *config.IndexOperator `json:"operator" yaml:"operator"` +} + +// NewConfig load configurations from file path. +func NewConfig(path string) (cfg *Data, err error) { + cfg = new(Data) + + if err = config.Read(path, &cfg); err != nil { + return nil, err + } + + if cfg != nil { + _ = cfg.GlobalConfig.Bind() + } else { + return nil, errors.ErrInvalidConfig + } + + if cfg.Server != nil { + _ = cfg.Server.Bind() + } else { + return nil, errors.ErrInvalidConfig + } + + if cfg.Observability != nil { + _ = cfg.Observability.Bind() + } else { + cfg.Observability = new(config.Observability).Bind() + } + + if cfg.Operator != nil { + _ = cfg.Operator.Bind() + } else { + return nil, errors.ErrInvalidConfig + } + return cfg, nil +} diff --git a/pkg/index/operator/service/operator.go b/pkg/index/operator/service/operator.go new file mode 100644 index 0000000000..0ae30c55d7 --- /dev/null +++ b/pkg/index/operator/service/operator.go @@ -0,0 +1,141 @@ +// Copyright (C) 2019-2024 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package service + +import ( + "context" + "reflect" + + "github.com/vdaas/vald/internal/errors" + "github.com/vdaas/vald/internal/k8s" + "github.com/vdaas/vald/internal/k8s/job" + "github.com/vdaas/vald/internal/k8s/pod" + "github.com/vdaas/vald/internal/log" + "github.com/vdaas/vald/internal/observability/trace" + "github.com/vdaas/vald/internal/safety" + "github.com/vdaas/vald/internal/sync/errgroup" +) + +const ( + apiName = "vald/index/operator" +) + +// Operator represents an interface for indexing. +type Operator interface { + Start(ctx context.Context) (<-chan error, error) +} + +type operator struct { + ctrl k8s.Controller + eg errgroup.Group + namespace string +} + +// New returns Indexer object if no error occurs. +func New(agentName string, opts ...Option) (o Operator, err error) { + operator := new(operator) + for _, opt := range append(defaultOpts, opts...) { + if err := opt(operator); err != nil { + oerr := errors.ErrOptionFailed(err, reflect.ValueOf(opt)) + e := &errors.ErrCriticalOption{} + if errors.As(oerr, &e) { + log.Error(err) + return nil, oerr + } + log.Warn(oerr) + } + } + + podController := pod.New( + pod.WithControllerName("pod reconciler for index operator"), + pod.WithOnErrorFunc(func(err error) { + log.Error("failed to reconcile:", err) + }), + pod.WithNamespace(operator.namespace), + pod.WithOnReconcileFunc(operator.podOnReconcile), + pod.WithLabels(map[string]string{ + "app": agentName, + }), + ) + + jobController, err := job.New( + job.WithControllerName("job reconciler for index operator"), + job.WithNamespaces(operator.namespace), + job.WithOnErrorFunc(func(err error) { + log.Errorf("failed to reconcile job resource:", err) + }), + job.WithOnReconcileFunc(operator.jobOnReconcile), + ) + if err != nil { + return nil, err + } + + operator.ctrl, err = k8s.New( + k8s.WithResourceController(podController), + k8s.WithResourceController(jobController), + ) + if err != nil { + return nil, err + } + return operator, nil +} + +// Start starts indexing process. +func (o *operator) Start(ctx context.Context) (<-chan error, error) { + ctx, span := trace.StartSpan(ctx, apiName+"/service/operator.Start") + defer func() { + if span != nil { + span.End() + } + }() + + dech, err := o.ctrl.Start(ctx) + if err != nil { + return nil, err + } + ech := make(chan error, 2) + o.eg.Go(safety.RecoverFunc(func() (err error) { + defer close(ech) + for { + select { + case <-ctx.Done(): + return ctx.Err() + case err := <-dech: + if err != nil { + ech <- err + } + } + } + })) + + return ech, nil +} + +// TODO: implement agent pod reconcile logic to detect conditions to start indexing and saving. +func (o *operator) podOnReconcile(ctx context.Context, podList map[string][]pod.Pod) { + for k, v := range podList { + for _, pod := range v { + log.Debug("key", k, "name:", pod.Name, "annotations:", pod.Annotations) + } + } +} + +// TODO: implement job reconcile logic to detect save job completion and to start rotation. +func (o *operator) jobOnReconcile(ctx context.Context, jobList map[string][]job.Job) { + for k, v := range jobList { + for _, job := range v { + log.Debug("key", k, "name:", job.Name, "status:", job.Status) + } + } +} diff --git a/pkg/index/operator/service/options.go b/pkg/index/operator/service/options.go new file mode 100644 index 0000000000..00f3f298fe --- /dev/null +++ b/pkg/index/operator/service/options.go @@ -0,0 +1,32 @@ +// Copyright (C) 2019-2024 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package service + +import "github.com/vdaas/vald/internal/sync/errgroup" + +// Option represents the functional option for index. +type Option func(_ *operator) error + +var defaultOpts = []Option{ + WithErrGroup(errgroup.Get()), +} + +func WithErrGroup(eg errgroup.Group) Option { + return func(o *operator) error { + if eg != nil { + o.eg = eg + } + return nil + } +} diff --git a/pkg/index/operator/usecase/operator.go b/pkg/index/operator/usecase/operator.go new file mode 100644 index 0000000000..391ccca1e3 --- /dev/null +++ b/pkg/index/operator/usecase/operator.go @@ -0,0 +1,152 @@ +// Copyright (C) 2019-2024 vdaas.org vald team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// You may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package usecase + +import ( + "context" + + iconfig "github.com/vdaas/vald/internal/config" + "github.com/vdaas/vald/internal/errors" + "github.com/vdaas/vald/internal/net/grpc" + "github.com/vdaas/vald/internal/net/grpc/interceptor/server/recover" + "github.com/vdaas/vald/internal/observability" + "github.com/vdaas/vald/internal/runner" + "github.com/vdaas/vald/internal/safety" + "github.com/vdaas/vald/internal/servers/server" + "github.com/vdaas/vald/internal/servers/starter" + "github.com/vdaas/vald/internal/sync/errgroup" + "github.com/vdaas/vald/pkg/index/operator/config" + "github.com/vdaas/vald/pkg/index/operator/service" +) + +type run struct { + eg errgroup.Group + cfg *config.Data + observability observability.Observability + server starter.Server + operator service.Operator +} + +// New returns Runner instance. +func New(cfg *config.Data) (_ runner.Runner, err error) { + eg := errgroup.Get() + operator, err := service.New(cfg.Operator.AgentName) + if err != nil { + return nil, err + } + + srv, err := starter.New( + starter.WithConfig(cfg.Server), + starter.WithGRPC(func(cfg *iconfig.Server) []server.Option { + return []server.Option{ + server.WithGRPCOption( + grpc.ChainUnaryInterceptor(recover.RecoverInterceptor()), + grpc.ChainStreamInterceptor(recover.RecoverStreamInterceptor()), + ), + } + }), + ) + if err != nil { + return nil, err + } + + var obs observability.Observability + if cfg.Observability.Enabled { + obs, err = observability.NewWithConfig( + cfg.Observability, + ) + if err != nil { + return nil, err + } + } + + return &run{ + eg: eg, + cfg: cfg, + observability: obs, + server: srv, + operator: operator, + }, nil +} + +// PreStart is a method called before execution of Start, and it invokes the PreStart method of observability. +func (r *run) PreStart(ctx context.Context) error { + if r.observability != nil { + return r.observability.PreStart(ctx) + } + return nil +} + +// Start is a method used to initiate an operation in the run, and it returns a channel for receiving errors +// during the operation and an error representing any initialization errors. +func (r *run) Start(ctx context.Context) (<-chan error, error) { + ech := make(chan error, 3) //nolint: gomnd + var oech, dech, sech <-chan error + r.eg.Go(safety.RecoverFunc(func() (err error) { + defer close(ech) + if r.observability != nil { + oech = r.observability.Start(ctx) + } + dech, err = r.operator.Start(ctx) + if err != nil { + ech <- err + return err + } + + sech = r.server.ListenAndServe(ctx) + + for { + select { + case <-ctx.Done(): + return ctx.Err() + case err = <-oech: + case err = <-dech: + case err = <-sech: + } + if err != nil { + select { + case <-ctx.Done(): + return ctx.Err() + case ech <- err: + } + } + } + })) + return ech, nil +} + +// PreStop is a method called before execution of Stop. +func (*run) PreStop(_ context.Context) error { + return nil +} + +// Stop is a method used to stop an operation in the run. +func (r *run) Stop(ctx context.Context) (errs error) { + if r.observability != nil { + if err := r.observability.Stop(ctx); err != nil { + errs = errors.Join(errs, err) + } + } + if r.server != nil { + if err := r.server.Shutdown(ctx); err != nil { + errs = errors.Join(errs, err) + } + } + return errs +} + +// PtopStop is a method called after execution of Stop. +func (*run) PostStop(_ context.Context) error { + return nil +}