certManager:
+ ca:
+ commonName: ca.validation.victoriametrics
+ duration: 63800h0m0s
+ cert:
+ duration: 45800h0m0s
enabled: false
issuer: {}
enabled: true
@@ -285,12 +290,40 @@ tls:
admissionWebhooks.certManager
object
-enabled: false
+ca:
+ commonName: ca.validation.victoriametrics
+ duration: 63800h0m0s
+cert:
+ duration: 45800h0m0s
+enabled: false
issuer: {}
Enables custom ca bundle, if you are not using cert-manager. In case of custom ca, you have to create secret - {chart-name}-validation with keys: tls.key, tls.crt, ca.crt
+
+ admissionWebhooks.certManager.ca
+ object
+
+commonName: ca.validation.victoriametrics
+duration: 63800h0m0s
+
+
+Certificate Authority parameters
+
+
+ admissionWebhooks.certManager.cert
+ object
+
+duration: 45800h0m0s
+
+
+Certificate parameters
@@ -777,6 +810,17 @@ labels: {}
Pod’s security context. Details are here
+
+
+ priorityClassName
+ string
+
+""
+
+
+Name of Priority Class
diff --git a/charts/victoria-metrics-operator/templates/deployment.yaml b/charts/victoria-metrics-operator/templates/deployment.yaml
index 3e34b1f5c..ad6a30fe8 100644
--- a/charts/victoria-metrics-operator/templates/deployment.yaml
+++ b/charts/victoria-metrics-operator/templates/deployment.yaml
@@ -136,6 +136,9 @@ spec:
{{- with .Values.nodeSelector }}
nodeSelector: {{ toYaml . | nindent 8 }}
{{- end }}
+ {{- with .Values.priorityClassName }}
+ priorityClassName: {{ . }}
+ {{- end }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
{{- with .Values.lifecycle }}
lifecycle: {{ toYaml . | nindent 8 }}
diff --git a/charts/victoria-metrics-operator/templates/webhook.yaml b/charts/victoria-metrics-operator/templates/webhook.yaml
index 936152ae0..82c4f342b 100644
--- a/charts/victoria-metrics-operator/templates/webhook.yaml
+++ b/charts/victoria-metrics-operator/templates/webhook.yaml
@@ -66,10 +66,10 @@ metadata:
namespace: {{ $ns }}
spec:
secretName: {{ $fullname }}-root-ca
- duration: 63800h0m0s
+ duration: {{ .Values.admissionWebhooks.certManager.ca.duration }}
issuerRef:
name: {{ $fullname }}-root
- commonName: "ca.validation.victoriametrics"
+ commonName: {{ .Values.admissionWebhooks.certManager.ca.commonName }}
isCA: true
---
apiVersion: cert-manager.io/v1
@@ -90,7 +90,7 @@ metadata:
namespace: {{ $ns }}
spec:
secretName: {{ $fullname }}-validation
- duration: 45800h0m0s
+ duration: {{ .Values.admissionWebhooks.certManager.cert.duration }}
{{- $issuerRef := .Values.admissionWebhooks.certManager.issuer | default dict }}
{{- if empty $issuerRef }}
{{- $_ := set $issuerRef "name" (printf "%s-issuer" $fullname) }}
diff --git a/charts/victoria-metrics-operator/values.yaml b/charts/victoria-metrics-operator/values.yaml
index 5e8d00465..f390a178d 100644
--- a/charts/victoria-metrics-operator/values.yaml
+++ b/charts/victoria-metrics-operator/values.yaml
@@ -177,6 +177,9 @@ resources:
# -- Pod's node selector. Details are [here](https://kubernetes.io/docs/user-guide/node-selection/)
nodeSelector: {}
+# -- Name of Priority Class
+priorityClassName: ""
+
# -- Array of tolerations object. Spec is [here](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/)
tolerations: []
@@ -255,6 +258,13 @@ admissionWebhooks:
enabled: false
# --If needed, provide own issuer. Operator will create self-signed if empty.
issuer: {}
+ # -- Certificate Authority parameters
+ ca:
+ duration: 63800h0m0s
+ commonName: ca.validation.victoriametrics
+ # -- Certificate parameters
+ cert:
+ duration: 45800h0m0s
keepTLSSecret: true
# tls specifies TLS cert/key for the webhook
tls: