Skip to content

Configuration Catalog

This document describes all the Helm related configuration parameters that are used in WSO2 APK.

Version: 1.0.0 Type: application AppVersion: 1.16.0

A Helm chart for APK components

Requirements

Repository Name Version
https://charts.bitnami.com/bitnami postgresql 11.9.6
https://charts.bitnami.com/bitnami redis 17.8.0
https://charts.jetstack.io cert-manager v1.10.1

Values

Key Type Default Description
wso2.subscription.imagePullSecrets string "" Optionally specify image pull secrets.
wso2.apk.helmHooks.webhooksCleanupEnabled bool true Helm hooks for cleaning up webhooks before installing, upgrading and uninstalling
wso2.apk.webhooks.validatingwebhookconfigurations bool true
wso2.apk.webhooks.mutatingwebhookconfigurations bool true
wso2.apk.webhooks.conversionwebhookconfigurations bool true
wso2.apk.auth.enabled bool true Enable Service Account Creation
wso2.apk.auth.enableServiceAccountCreation bool true Enable Service Account Creation
wso2.apk.auth.enableClusterRoleCreation bool true Enable Cluster Role Creation
wso2.apk.auth.serviceAccountName string "wso2apk-platform" Service Account name
wso2.apk.auth.roleName string "wso2apk-role" Cluster Role name
wso2.apk.listener.hostname string "api.am.wso2.com" System api listener hostname
wso2.apk.listener.port int 9095 Gatewaylistener port
wso2.apk.listener.secretName string "system-api-listener-cert" System api listener certificates. If you are using a custom certificate.
wso2.apk.idp.issuer string "https://idp.am.wso2.com/token" IDP issuer value
wso2.apk.idp.usernameClaim string "sub"
wso2.apk.idp.scopeClaim string "scope" Optionally configure scope Claim in JWT.
wso2.apk.idp.organizationClaim string "organization" Optionally configure organization Claim in JWT.
wso2.apk.idp.organizationResolver string "none" Optionally configure organization Resolution method for APK (none)).
wso2.apk.idp.tls.configMapName string "" IDP public certificate configmap name
wso2.apk.idp.tls.secretName string "" IDP public certificate secret name
wso2.apk.idp.tls.fileName string "" IDP public certificate file name
wso2.apk.idp.signing.jwksEndpoint string "" IDP jwks endpoint (optional)
wso2.apk.idp.signing.configMapName string "" IDP jwt signing certificate configmap name
wso2.apk.idp.signing.secretName string "" IDP jwt signing certificate secret name
wso2.apk.idp.signing.fileName string "" IDP jwt signing certificate file name
wso2.apk.cp.enableApiPropagation bool false Enable controlplane connection
wso2.apk.cp.enabledSubscription bool false Enable controlplane connection for subscription
wso2.apk.cp.host string "apim-apk-agent-service.apk.svc.cluster.local" Hostname of the APK agent service
wso2.apk.cp.skipSSLVerification bool false Skip SSL verification
wso2.apk.cp.persistence object {"type":"K8s"} Provide persistence mode DB/K8s
wso2.apk.dp.enabled bool true Enable the deployment of the Data Plane
wso2.apk.dp.environment.name string "Development" Environment Name of the Data Plane
wso2.apk.dp.gatewayClass object {"name":"wso2-apk-default"} GatewayClass custom resource name
wso2.apk.dp.gateway.name string "wso2-apk-default" Gateway custom resource name
wso2.apk.dp.gateway.listener.hostname string "gw.wso2.com" Gateway Listener Hostname
wso2.apk.dp.gateway.listener.secretName string "" Gateway Listener Certificate Secret Name
wso2.apk.dp.gateway.listener.dns list ["*.gw.wso2.com","*.sandbox.gw.wso2.com","prod.gw.wso2.com"] DNS entries for gateway listener certificate
wso2.apk.dp.gateway.httpListener.enabled bool false HTTP listener enabled or not
wso2.apk.dp.gateway.httpListener.hostname string "api.am.wso2.com" HTTP listener hostname
wso2.apk.dp.gateway.httpListener.port int 9080 HTTP listener port
wso2.apk.dp.gateway.autoscaling.enabled bool false Enable autoscaling for Gateway
wso2.apk.dp.gateway.autoscaling.minReplicas int 1 Minimum number of replicas for Gateway
wso2.apk.dp.gateway.autoscaling.maxReplicas int 2 Maximum number of replicas for Gateway
wso2.apk.dp.gateway.autoscaling.targetMemory int 80 Target memory utilization percentage for Gateway
wso2.apk.dp.gateway.autoscaling.targetCPU int 80 Target CPU utilization percentage for Gateway
wso2.apk.dp.gateway.service object {"type":"LoadBalancer"} Kubernetes service type for Gateway
wso2.apk.dp.redis.type string "single" Redis type
wso2.apk.dp.redis.url string "redis-master:6379" Redis URL
wso2.apk.dp.redis.tls bool false TLS enabled
wso2.apk.dp.redis.auth.certificatesSecret string nil Redis ceritificate secret
wso2.apk.dp.redis.auth.secretKey string nil Redis secret key
wso2.apk.dp.redis.poolSize string nil Redis pool size
wso2.apk.dp.partitionServer.enabled bool false Enable partition server for Data Plane.
wso2.apk.dp.partitionServer.host string "" Partition Server Service URL
wso2.apk.dp.partitionServer.serviceBasePath string "/api/publisher/v1" Partition Server Service Base Path.
wso2.apk.dp.partitionServer.partitionName string "default" Partition Name.
wso2.apk.dp.partitionServer.tls.secretName string "managetment-server-cert" TLS secret name for Partition Server Public Certificate.
wso2.apk.dp.partitionServer.tls.fileName string "certificate.crt" TLS certificate file name.
wso2.apk.dp.configdeployer.enabled bool true
wso2.apk.dp.configdeployer.deployment.affinity object {"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["config-ds"]}]}}}]}} Configure Affinity for the deployment.
wso2.apk.dp.configdeployer.deployment.nodeSelector object {} Configure Node Selector for the deployment.
wso2.apk.dp.configdeployer.deployment.resources.requests.memory string "128Mi" CPU request for the container
wso2.apk.dp.configdeployer.deployment.resources.requests.cpu string "100m" Memory request for the container
wso2.apk.dp.configdeployer.deployment.resources.limits.memory string "1028Mi" CPU limit for the container
wso2.apk.dp.configdeployer.deployment.resources.limits.cpu string "1000m" Memory limit for the container
wso2.apk.dp.configdeployer.deployment.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.configdeployer.deployment.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.configdeployer.deployment.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.configdeployer.deployment.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.configdeployer.deployment.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.configdeployer.deployment.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.configdeployer.deployment.strategy string "RollingUpdate" Deployment strategy
wso2.apk.dp.configdeployer.deployment.replicas int 1 Number of replicas
wso2.apk.dp.configdeployer.deployment.imagePullPolicy string "Always" Image pull policy
wso2.apk.dp.configdeployer.deployment.image string "wso2/apk-config-deployer-service:1.2.0" Image
wso2.apk.dp.configdeployer.deployment.configs.authorization bool true Enable authorization for runtime api.
wso2.apk.dp.configdeployer.deployment.configs.baseUrl string "https://api.am.wso2.com:9095/api/runtime" Baseurl for runtime api.
wso2.apk.dp.configdeployer.deployment.configs.tls.secretName string "" TLS secret name for runtime public certificate.
wso2.apk.dp.configdeployer.deployment.configs.tls.certKeyFilename string "" TLS certificate file name.
wso2.apk.dp.configdeployer.deployment.configs.tls.certFilename string "" TLS certificate file name.
wso2.apk.dp.configdeployer.vhosts list [{"hosts":["gw.wso2.com"],"name":"default","type":"production"},{"hosts":["sandbox.gw.wso2.com"],"name":"default","type":"sandbox"}] List of vhosts
wso2.apk.dp.adapter.deployment.resources.requests.memory string "128Mi" CPU request for the container
wso2.apk.dp.adapter.deployment.resources.requests.cpu string "100m" Memory request for the container
wso2.apk.dp.adapter.deployment.resources.limits.memory string "1028Mi" CPU limit for the container
wso2.apk.dp.adapter.deployment.resources.limits.cpu string "1000m" Memory limit for the container
wso2.apk.dp.adapter.deployment.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.adapter.deployment.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.adapter.deployment.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.adapter.deployment.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.adapter.deployment.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.adapter.deployment.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.adapter.deployment.strategy string "RollingUpdate" Deployment strategy
wso2.apk.dp.adapter.deployment.replicas int 1 Number of replicas
wso2.apk.dp.adapter.deployment.imagePullPolicy string "Always" Image pull policy
wso2.apk.dp.adapter.deployment.image string "wso2/apk-adapter:1.2.0" Image
wso2.apk.dp.adapter.deployment.security.sslHostname string "adapter" Enable security for adapter.
wso2.apk.dp.adapter.deployment.affinity object {"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["adapter"]}]}}}]}} Configure Affinity for the deployment.
wso2.apk.dp.adapter.deployment.nodeSelector object {} Configure Node Selector for the deployment.
wso2.apk.dp.adapter.configs.apiNamespaces string nil Optionally configure namespaces to watch for apis.
wso2.apk.dp.adapter.configs.tls.secretName string "" TLS secret name for adapter public certificate.
wso2.apk.dp.adapter.configs.tls.certKeyFilename string "" TLS certificate file name.
wso2.apk.dp.adapter.configs.tls.certFilename string "" TLS certificate file name.
wso2.apk.dp.adapter.logging.level string "INFO" Optionally configure logging for adapter. LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC"
wso2.apk.dp.adapter.logging.logFile string "logs/adapter.log" Log file name
wso2.apk.dp.adapter.logging.logFormat string "TEXT" Log format can be "JSON", "TEXT"
wso2.apk.dp.commonController.deployment.resources.requests.memory string "128Mi" Memory request for the container
wso2.apk.dp.commonController.deployment.resources.requests.cpu string "100m" CPU request for the container
wso2.apk.dp.commonController.deployment.resources.limits.memory string "1028Mi" Memory limit for the container
wso2.apk.dp.commonController.deployment.resources.limits.cpu string "1000m" CPU limit for the container
wso2.apk.dp.commonController.deployment.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before readinessProbe probes are initiated.
wso2.apk.dp.commonController.deployment.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.commonController.deployment.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.commonController.deployment.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.commonController.deployment.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.commonController.deployment.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.commonController.deployment.strategy string "RollingUpdate" Deployment strategy
wso2.apk.dp.commonController.deployment.replicas int 1 Number of replicas
wso2.apk.dp.commonController.deployment.imagePullPolicy string "Always" Image pull policy
wso2.apk.dp.commonController.deployment.image string "wso2/apk-common-controller:1.2.0" Image
wso2.apk.dp.commonController.deployment.security.sslHostname string "commoncontroller" hostname for the common controller
wso2.apk.dp.commonController.deployment.configs.apiNamespaces list ["apk-v12"] Optionally configure namespaces to watch for apis,ratelimitpolicies,etc.
wso2.apk.dp.commonController.deployment.affinity object {"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["common-controller"]}]}}}]}} Configure Affinity for the deployment.
wso2.apk.dp.commonController.deployment.nodeSelector object {} Configure Node Selector for the deployment.
wso2.apk.dp.commonController.deployment.redis.host string "redis-master" Redis host
wso2.apk.dp.commonController.deployment.redis.port string "6379" Redis port
wso2.apk.dp.commonController.deployment.redis.username string "default" Redis user name
wso2.apk.dp.commonController.deployment.redis.password string "" Redis password
wso2.apk.dp.commonController.deployment.redis.tlsEnabled bool false Redis TLS enabled or not
wso2.apk.dp.commonController.deployment.redis.userCertPath string "/home/wso2/security/keystore/commoncontroller.crt" Redis user cert to use for redis connections
wso2.apk.dp.commonController.deployment.redis.userKeyPath string "/home/wso2/security/keystore/commoncontroller.key" Redis user key to use for redis connections
wso2.apk.dp.commonController.deployment.redis.cACertPath string "/home/wso2/security/keystore/commoncontroller.crt" Redis CA cert to use for redis connections
wso2.apk.dp.commonController.deployment.redis.channelName string "wso2-apk-revoked-tokens-channel" Token revocation subscription channel name
wso2.apk.dp.commonController.deployment.database.enabled bool false Enable Database mode for persistence
wso2.apk.dp.commonController.deployment.database.name string "DATAPLANE" name of the database containing controlplane data for the use of dataplane
wso2.apk.dp.commonController.deployment.database.host string "wso2apk-db-service.apk"
wso2.apk.dp.commonController.deployment.database.port int 5432
wso2.apk.dp.commonController.deployment.database.username string "wso2carbon"
wso2.apk.dp.commonController.deployment.database.password string "wso2carbon"
wso2.apk.dp.commonController.deployment.database.poolOptions.poolMaxConns int 4
wso2.apk.dp.commonController.deployment.database.poolOptions.poolMinConns int 0
wso2.apk.dp.commonController.deployment.database.poolOptions.poolMaxConnLifetime string "1h"
wso2.apk.dp.commonController.deployment.database.poolOptions.poolMaxConnIdleTime string "1h"
wso2.apk.dp.commonController.deployment.database.poolOptions.poolHealthCheckPeriod string "1m"
wso2.apk.dp.commonController.deployment.database.poolOptions.poolMaxConnLifetimeJitter string "1s"
wso2.apk.dp.commonController.logging.level string "INFO" Optionally configure logging for common controller. LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC"
wso2.apk.dp.commonController.logging.logFormat string "TEXT" Log format can be "JSON", "TEXT"
wso2.apk.dp.ratelimiter.enabled bool true Enable the deployment of the Rate Limiter
wso2.apk.dp.ratelimiter.deployment.resources.requests.memory string "128Mi" CPU request for the container
wso2.apk.dp.ratelimiter.deployment.resources.requests.cpu string "100m" Memory request for the container
wso2.apk.dp.ratelimiter.deployment.resources.limits.memory string "1028Mi" CPU limit for the container
wso2.apk.dp.ratelimiter.deployment.resources.limits.cpu string "1000m" Memory limit for the container
wso2.apk.dp.ratelimiter.deployment.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.ratelimiter.deployment.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.ratelimiter.deployment.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.ratelimiter.deployment.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.ratelimiter.deployment.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.ratelimiter.deployment.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.ratelimiter.deployment.strategy string "RollingUpdate" Deployment strategy
wso2.apk.dp.ratelimiter.deployment.replicas int 1 Number of replicas
wso2.apk.dp.ratelimiter.deployment.imagePullPolicy string "Always" Image pull policy
wso2.apk.dp.ratelimiter.deployment.image string "wso2/apk-ratelimiter:1.2.0" Image
wso2.apk.dp.ratelimiter.deployment.security.sslHostname string "ratelimiter" hostname for the rate limiter
wso2.apk.dp.ratelimiter.deployment.configs.tls.secretName string "ratelimiter-cert" TLS secret name for rate limiter public certificate.
wso2.apk.dp.ratelimiter.deployment.configs.tls.certKeyFilename string "" TLS certificate file name.
wso2.apk.dp.ratelimiter.deployment.configs.tls.certFilename string "" TLS certificate file name.
wso2.apk.dp.ratelimiter.deployment.configs.tls.certCAFilename string "" TLS CA certificate file name.
wso2.apk.dp.ratelimiter.deployment.affinity object {"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["rate-limiter"]}]}}}]}} Configure Affinity for the deployment.
wso2.apk.dp.ratelimiter.deployment.nodeSelector object {} Configure Node Selector for the deployment.
wso2.apk.dp.gatewayRuntime.service.annotations string nil Gateway service related annotations.
wso2.apk.dp.gatewayRuntime.deployment.replicas int 1 Number of replicas
wso2.apk.dp.gatewayRuntime.deployment.nodeSelector object {} Configure Node Selector for the deployment.
wso2.apk.dp.gatewayRuntime.deployment.affinity object {"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["gateway-runtime"]}]}}}]}} Configure Affinity for the deployment.
wso2.apk.dp.gatewayRuntime.deployment.router.resources.requests.memory string "128Mi" CPU request for the container
wso2.apk.dp.gatewayRuntime.deployment.router.resources.requests.cpu string "100m" Memory request for the container
wso2.apk.dp.gatewayRuntime.deployment.router.resources.limits.memory string "1028Mi" CPU limit for the container
wso2.apk.dp.gatewayRuntime.deployment.router.resources.limits.cpu string "1000m" Memory limit for the container
wso2.apk.dp.gatewayRuntime.deployment.router.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.gatewayRuntime.deployment.router.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.gatewayRuntime.deployment.router.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.gatewayRuntime.deployment.router.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.gatewayRuntime.deployment.router.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.gatewayRuntime.deployment.router.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.gatewayRuntime.deployment.router.strategy string "RollingUpdate" Deployment strategy
wso2.apk.dp.gatewayRuntime.deployment.router.imagePullPolicy string "Always" Image pull policy
wso2.apk.dp.gatewayRuntime.deployment.router.image string "wso2/apk-router:1.2.0" Image
wso2.apk.dp.gatewayRuntime.deployment.router.configs.enforcerResponseTimeoutInSeconds int 20 The timeout for response coming from enforcer to route per API request
wso2.apk.dp.gatewayRuntime.deployment.router.configs.useRemoteAddress bool false If configured true, router appends the immediate downstream ip address to the x-forward-for header
wso2.apk.dp.gatewayRuntime.deployment.router.configs.systemHost string "localhost" System hostname for system API resources (eg: /testkey and /health)
wso2.apk.dp.gatewayRuntime.deployment.router.configs.enableIntelligentRouting bool false Enable Semantic Versioning based Intelligent Routing for Gateway
wso2.apk.dp.gatewayRuntime.deployment.router.configs.tls.secretName string "router-cert" TLS secret name for router public certificate.
wso2.apk.dp.gatewayRuntime.deployment.router.configs.tls.certKeyFilename string "" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.deployment.router.configs.tls.certFilename string "" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.deployment.router.configs.upstream.tls.verifyHostName bool true Enable/Disable Verifying host name
wso2.apk.dp.gatewayRuntime.deployment.router.configs.upstream.tls.disableSslVerification bool false Disable SSL verification
wso2.apk.dp.gatewayRuntime.deployment.router.configs.upstream.dns.dnsRefreshRate int 5000 DNS refresh rate in miliseconds
wso2.apk.dp.gatewayRuntime.deployment.router.configs.upstream.dns.respectDNSTtl bool false set cluster’s DNS refresh rate to resource record’s TTL which comes from DNS resolution
wso2.apk.dp.gatewayRuntime.deployment.router.logging.wireLogs object {"enable":true} Optionally configure logging for router.
wso2.apk.dp.gatewayRuntime.deployment.router.logging.wireLogs.enable bool true Enable wire logs for router.
wso2.apk.dp.gatewayRuntime.deployment.router.logging.accessLogs.enable bool true Enable access logs for router.
wso2.apk.dp.gatewayRuntime.deployment.router.logging.accessLogs.logfile string "/tmp/envoy.access.log" Log file name
wso2.apk.dp.gatewayRuntime.deployment.enforcer.resources.requests.memory string "128Mi" CPU request for the container
wso2.apk.dp.gatewayRuntime.deployment.enforcer.resources.requests.cpu string "100m" Memory request for the container
wso2.apk.dp.gatewayRuntime.deployment.enforcer.resources.limits.memory string "1028Mi" CPU limit for the container
wso2.apk.dp.gatewayRuntime.deployment.enforcer.resources.limits.cpu string "1000m" Memory limit for the container
wso2.apk.dp.gatewayRuntime.deployment.enforcer.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.strategy string "RollingUpdate" Deployment strategy
wso2.apk.dp.gatewayRuntime.deployment.enforcer.imagePullPolicy string "Always" Image pull policy
wso2.apk.dp.gatewayRuntime.deployment.enforcer.image string "wso2/apk-enforcer:1.2.0" Image
wso2.apk.dp.gatewayRuntime.deployment.enforcer.security.sslHostname string "enforcer" hostname for the enforcer
wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls.secretName string "" TLS secret name for enforcer public certificate.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls.certKeyFilename string "" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls.certFilename string "" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.authService object {"keepAliveTime":600,"maxHeaderLimit":8192,"maxMessageSize":1000000000,"threadPool":{"coreSize":400,"keepAliveTime":600,"maxSize":1000,"queueSize":2000}} The configurations of gRPC netty based server in Enforcer that handles the incoming requests from ext_authz
wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.mandateSubscriptionValidation bool false Specifies whether subscription validation is mandated for all APIs.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.mandateInternalKeyValidation bool false Specifies whether Internal-Key validation is mandated for all APIs.
wso2.apk.dp.gatewayRuntime.deployment.enforcer.logging.level string "DEBUG" Log level can be one of DEBUG, INFO, WARN, ERROR, OFF
wso2.apk.dp.gatewayRuntime.deployment.enforcer.logging.logFile string "logs/enforcer.log" Log file name
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.host string "redis-master" Redis host
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.port string "6379" Redis port
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.username string "default" Redis user name
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.password string "" Redis password
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.tlsEnabled bool false Redis TLS enabled or not
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.userCertPath string "/home/wso2/security/keystore/commoncontroller.crt"
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.userKeyPath string "/home/wso2/security/keystore/commoncontroller.key" Redis user key to use for redis connections
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.cACertPath string "/home/wso2/security/keystore/commoncontroller.crt" Redis CA cert to use for redis connections
wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.channelName string "wso2-apk-revoked-tokens-channel" Token revocation subscription channel name
wso2.apk.dp.gatewayRuntime.tracing.enabled bool true Enable/Disable tracing in gateway runtime.
wso2.apk.dp.gatewayRuntime.tracing.type string "zipkin" Type of tracer exporter (e.g: azure, zipkin). Use zipkin type for Jaeger as well.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.host string "jaeger" Jaeger/Zipkin host.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.port string "9411" Jaeger/Zipkin port.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.endpoint string "/api/v2/spans" Jaeger/Zipkin collector endpoint path.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.instrumentationName string "APK" Library Name to be tagged in traces (otel.library.name).
wso2.apk.dp.gatewayRuntime.tracing.configProperties.maximumTracesPerSecond string "2" Maximum number of sampled traces per second string.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.maxPathLength string "256" Maximum length of the request path to extract and include in the HttpUrl tag.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.connectionString string "https://otlp.nr-data.net" New Relic OTLP gRPC collector endpoint.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.authHeaderName string "api-key" Auth header name.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.authHeaderValue string "<INGEST_LICENSE_KEY>" Auth header value.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.connectionTimeout string "20" Connection timeout for the otlp service.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.tls.enabled bool true Enable/Disable TLS for the otlp service.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.tls.secretName string "ratelimiter-cert" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.tls.certFilename string "" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.tracing.configProperties.tls.certCAFilename string "" TLS certificate file name.
wso2.apk.dp.gatewayRuntime.analytics.enabled bool true Enable/Disable analytics in gateway runtime.
wso2.apk.dp.gatewayRuntime.analytics.publishers list [{"enabled":true,"secretName":"choreo-analytics-secret","type":"default"},{"enabled":true,"type":"elk"},{"enabled":true,"secretName":"moesif-secret","type":"moesif"}] Analytics Publishers
wso2.apk.dp.gatewayRuntime.analytics.publishers[0] object {"enabled":true,"secretName":"choreo-analytics-secret","type":"default"} Enable/Disable Choreo Analytics publishing.
wso2.apk.dp.gatewayRuntime.analytics.publishers[0].type string "default" Type for Choreo Analytics.
wso2.apk.dp.gatewayRuntime.analytics.publishers[0].secretName string "choreo-analytics-secret" User generated secret name containing the on-prem key for Choreo.
wso2.apk.dp.gatewayRuntime.analytics.publishers[1].type string "elk" Type for ELK Analytics.
wso2.apk.dp.gatewayRuntime.analytics.publishers[2].type string "moesif" Type for Moesif Analytics.
wso2.apk.dp.gatewayRuntime.analytics.publishers[2].secretName string "moesif-secret" User generated secret name containing the Collector Application ID for Moesif.
wso2.apk.dp.gatewayRuntime.analytics.logFileName string "logs/enforcer_analytics.log" Optional: File name of the log file.
wso2.apk.dp.gatewayRuntime.analytics.logLevel string "INFO" Optional: Log level the analytics data. Can be one of DEBUG, INFO, WARN, ERROR, OFF.
wso2.apk.dp.gatewayRuntime.analytics.receiver object {"keepAliveTime":600,"maxHeaderLimit":8192,"maxMessageSize":1000000000,"threadPool":{"coreSize":10,"keepAliveTime":600,"maxSize":100,"queueSize":1000}} gRPC access log service within Enforcer
wso2.apk.dp.gatewayRuntime.analytics.receiver.maxMessageSize int 1000000000 Maximum message size in bytes
wso2.apk.dp.gatewayRuntime.analytics.receiver.maxHeaderLimit int 8192 Maximum header size in bytes
wso2.apk.dp.gatewayRuntime.analytics.receiver.keepAliveTime int 600 Keep alive time of gRPC access log connection
wso2.apk.dp.gatewayRuntime.analytics.receiver.threadPool object {"coreSize":10,"keepAliveTime":600,"maxSize":100,"queueSize":1000} Thread pool configuration for gRPC access log server
wso2.apk.dp.gatewayRuntime.analytics.receiver.threadPool.coreSize int 10 Minimum number of workers to keep alive
wso2.apk.dp.gatewayRuntime.analytics.receiver.threadPool.maxSize int 100 Maximum pool size
wso2.apk.dp.gatewayRuntime.analytics.receiver.threadPool.keepAliveTime int 600 Timeout in seconds for idle threads waiting for work
wso2.apk.dp.gatewayRuntime.analytics.receiver.threadPool.queueSize int 1000 Queue size of the worker threads
wso2.apk.metrics.enabled bool false Enable Prometheus metrics
wso2.apk.metrics.configDSBalHost string "0.0.0.0" Configure the host for exposing the config ds ballerina metrics
wso2.apk.metrics.idpDSBalHost string "0.0.0.0" Configure the host for exposing the idp ds ballerina metrics.
wso2.apk.metrics.statsd object {"image":{"repository":"prom/statsd-exporter","tag":"v0.26.0"},"imagePullPolicy":"IfNotPresent","resources":{"limits":{"memory":"128Mi"},"requests":{"cpu":0.1,"memory":"64Mi"}}} Statsd is required to expose metrics from ratelimiter
idp.enabled bool true Enable Non production identity server
idp.listener.hostname string "idp.am.wso2.com" identity server hostname
idp.listener.secretName string "idp-tls" identity server certificate
idp.database.driver string "org.postgresql.Driver" identity server database driver
idp.database.url string "jdbc:postgresql://wso2apk-db-service:5432/WSO2AM_DB" identity server database url
idp.database.host string "wso2apk-db-service" identity server database host
idp.database.port int 5432 identity server database port
idp.database.databaseName string "WSO2AM_DB" identity server database name
idp.database.username string "wso2carbon" identity server database username
idp.database.secretName string "apk-db-secret" identity server database password secret name
idp.database.secretKey string "DB_PASSWORD" identity server database password secret key
idp.database.validationQuery string "SELECT 1" identity server database validation query
idp.database.validationTimeout int 250 identity server database validation timeout
idp.idpds.config.issuer string "https://idp.am.wso2.com/token" identity server issuer url
idp.idpds.config.keyId string "gateway_certificate_alias" identity server keyId
idp.idpds.config.hostname string "idp.am.wso2.com" identity server hostname.
idp.idpds.config.loginPageURl string "https://idp.am.wso2.com:9095/authenticationEndpoint/login" identity server login page url
idp.idpds.config.loginErrorPageUrl string "https://idp.am.wso2.com:9095/authenticationEndpoint/error" identity server login error page url
idp.idpds.config.loginCallBackURl string "https://idp.am.wso2.com:9095/authenticationEndpoint/login-callback" identity server login callback page url
idp.idpds.deployment.resources.requests.memory string "128Mi" CPU request for the container
idp.idpds.deployment.resources.requests.cpu string "100m" Memory request for the container
idp.idpds.deployment.resources.limits.memory string "1028Mi" CPU limit for the container
idp.idpds.deployment.resources.limits.cpu string "1000m" Memory limit for the container
idp.idpds.deployment.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
idp.idpds.deployment.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
idp.idpds.deployment.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
idp.idpds.deployment.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
idp.idpds.deployment.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
idp.idpds.deployment.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
idp.idpds.deployment.strategy string "RollingUpdate" Deployment strategy
idp.idpds.deployment.replicas int 1 Number of replicas
idp.idpds.deployment.imagePullPolicy string "Always" Image pull policy
idp.idpds.deployment.image string "wso2/apk-idp-domain-service:1.2.0" Image
idp.idpui.deployment.resources.requests.memory string "128Mi" CPU request for the container
idp.idpui.deployment.resources.requests.cpu string "100m" Memory request for the container
idp.idpui.deployment.resources.limits.memory string "1028Mi" CPU limit for the container
idp.idpui.deployment.resources.limits.cpu string "1000m" Memory limit for the container
idp.idpui.deployment.readinessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
idp.idpui.deployment.readinessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
idp.idpui.deployment.readinessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
idp.idpui.deployment.livenessProbe.initialDelaySeconds int 20 Number of seconds after the container has started before liveness probes are initiated.
idp.idpui.deployment.livenessProbe.periodSeconds int 20 How often (in seconds) to perform the probe.
idp.idpui.deployment.livenessProbe.failureThreshold int 5 Minimum consecutive failures for the probe to be considered failed after having succeeded.
idp.idpui.deployment.strategy string "RollingUpdate" Deployment strategy
idp.idpui.deployment.replicas int 1 Number of replicas
idp.idpui.deployment.imagePullPolicy string "Always" Image pull policy
idp.idpui.deployment.image string "wso2/apk-idp-ui:1.2.0" Image
idp.idpui.configs.idpLoginUrl string "https://idp.am.wso2.com:9095/commonauth/login" identity server Login URL
idp.idpui.configs.idpAuthCallBackUrl string "https://idp.am.wso2.com:9095/oauth2/auth-callback" identity server authCallBackUrl
gatewaySystem.enabled bool true Enable gateway system to install gateway system components
gatewaySystem.enableServiceAccountCreation bool true
gatewaySystem.enableClusterRoleCreation bool true
gatewaySystem.serviceAccountName string "gateway-api-admission"
gatewaySystem.applyGatewayWehbhookJobs bool true
gatewaySystem.deployment.image string "registry.k8s.io/gateway-api/admission-server:v1.0.0"
gatewaySystem.deployment.imagePullPolicy string "Always"
gatewaySystem.deployment.affinity object {"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/app","operator":"In","values":["gateway-api-ad-server"]}]}}}]}} Configure Affinity for the deployment.
gatewaySystem.deployment.nodeSelector object {} Configure Node Selector for the deployment.
certmanager.enabled bool true Enable certificate manager to generate certificates
certmanager.enableClusterIssuer bool true Enable cluster issuer to generate certificates
certmanager.enableRootCa bool true Enable root CA to generate certificates
certmanager.rootCaSecretName string "apk-root-certificate" Enable CA certificate secret name.
certmanager.listeners.issuerName string "selfsigned-issuer" Issuer name
certmanager.listeners.issuerKind string "ClusterIssuer" Issuer kind
certmanager.servers.issuerName string "selfsigned-issuer" Issuer name
certmanager.servers.issuerKind string "ClusterIssuer" Issuer kind
postgresql.enabled bool true Enable postgresql database
postgresql.fullnameOverride string "wso2apk-db-service" String to fully override common.names.fullname template
postgresql.auth.database string "WSO2AM_DB" Name for a custom database to create
postgresql.auth.postgresPassword string "wso2carbon" Password for the "postgres" admin user. Ignored if auth.existingSecret is provided
postgresql.auth.username string "wso2carbon" Name for a custom user to create
postgresql.auth.password string "wso2carbon" Password for the custom user to create. Ignored if auth.existingSecret is provided
postgresql.primary.extendedConfiguration string "max_connections = 400\n" Extended PostgreSQL Primary configuration (appended to main or default configuration)
postgresql.primary.initdb.scriptsConfigMap string "postgres-initdb-scripts-configmap" ConfigMap with PostgreSQL initialization scripts
postgresql.primary.initdb.user string "wso2carbon" Specify the PostgreSQL username to execute the initdb scripts
postgresql.primary.initdb.password string "wso2carbon" Specify the PostgreSQL password to execute the initdb scripts
postgresql.primary.service.ports.postgresql int 5432 PostgreSQL service port
postgresql.primary.podSecurityContext.enabled bool true Enable pod security context
postgresql.primary.podSecurityContext.fsGroup string nil Pod security context fsGroup
postgresql.primary.podSecurityContext.runAsNonRoot bool true Pod security context runAsNonRoot
postgresql.primary.podSecurityContext.seccompProfile.type string "RuntimeDefault" Pod security context seccomp profile type
postgresql.primary.containerSecurityContext.enabled bool true Enable container security context
postgresql.primary.containerSecurityContext.allowPrivilegeEscalation bool false Container security context allow privilege escalation
postgresql.primary.containerSecurityContext.capabilities.drop list ["ALL"] Container security context capabilities drop
postgresql.primary.containerSecurityContext.runAsUser string nil Container security context runAsUser
redis.enabled bool true Enable redis
redis.architecture string "standalone" Redis® architecture. Allowed values: standalone or replication.
redis.fullnameOverride string "redis" String to fully override common.names.fullname template
redis.primary.service.ports.redis int 6379 Redis service port
redis.master.podSecurityContext.enabled bool true Enable pod security context
redis.master.podSecurityContext.fsGroup string nil Pod security context fsGroup
redis.master.podSecurityContext.runAsNonRoot bool true Pod security context runAsNonRoot
redis.master.podSecurityContext.seccompProfile.type string "RuntimeDefault" Pod security context seccomp profile type
redis.master.containerSecurityContext.enabled bool true Enable container security context
redis.master.containerSecurityContext.allowPrivilegeEscalation bool false Container security context allow privilege escalation
redis.master.containerSecurityContext.capabilities.drop list ["ALL"] Container security context capabilities drop
redis.master.containerSecurityContext.runAsUser string nil Container security context runAsUser
redis.auth.enabled bool false Enable password authentication
skipCrds bool false Skip generate of CRD templates

Autogenerated from chart metadata using helm-docs v1.11.0