mirror of https://github.com/apache/superset.git
877 lines
30 KiB
YAML
877 lines
30 KiB
YAML
#
|
|
# Licensed to the Apache Software Foundation (ASF) under one or more
|
|
# contributor license agreements. See the NOTICE file distributed with
|
|
# this work for additional information regarding copyright ownership.
|
|
# The ASF licenses this file to You under the Apache License, Version 2.0
|
|
# (the "License"); you may not use this file except in compliance with
|
|
# the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
|
|
# Default values for superset.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# A README is automatically generated from this file to document it, using helm-docs (see https://github.com/norwoodj/helm-docs)
|
|
# To update it, install helm-docs and run helm-docs from the root of this chart
|
|
|
|
# -- Provide a name to override the name of the chart
|
|
nameOverride: ~
|
|
# -- Provide a name to override the full names of resources
|
|
fullnameOverride: ~
|
|
|
|
# -- User ID directive. This user must have enough permissions to run the bootstrap script
|
|
# Running containers as root is not recommended in production. Change this to another UID - e.g. 1000 to be more secure
|
|
runAsUser: 0
|
|
|
|
# -- Specify rather or not helm should create the secret described in `secret-env.yaml` template
|
|
secretEnv:
|
|
# -- Change to false in order to support externally created secret (Binami "Sealed Secrets" for Kubernetes or External Secrets Operator)
|
|
# note: when externally creating the secret, the chart still expects to pull values from a secret with the name of the release defaults to `release-name-superset-env` - full logic located in _helpers.tpl file: `define "superset.fullname"`
|
|
create: true
|
|
|
|
# -- Specify service account name to be used
|
|
serviceAccountName: ~
|
|
serviceAccount:
|
|
# -- Create custom service account for Superset. If create: true and serviceAccountName is not provided, `superset.fullname` will be used.
|
|
create: false
|
|
annotations: {}
|
|
|
|
# -- Install additional packages and do any other bootstrap configuration in this script
|
|
# For production clusters it's recommended to build own image with this step done in CI
|
|
# @default -- see `values.yaml`
|
|
bootstrapScript: |
|
|
#!/bin/bash
|
|
if [ ! -f ~/bootstrap ]; then echo "Running Superset with uid {{ .Values.runAsUser }}" > ~/bootstrap; fi
|
|
|
|
# -- The name of the secret which we will use to generate a superset_config.py file
|
|
# Note: this secret must have the key superset_config.py in it and can include other files as well
|
|
configFromSecret: '{{ template "superset.fullname" . }}-config'
|
|
|
|
# -- The name of the secret which we will use to populate env vars in deployed pods
|
|
# This can be useful for secret keys, etc.
|
|
envFromSecret: '{{ template "superset.fullname" . }}-env'
|
|
# -- This can be a list of templated strings
|
|
envFromSecrets: []
|
|
|
|
# -- Extra environment variables that will be passed into pods
|
|
extraEnv: {}
|
|
# Different gunicorn settings, refer to the gunicorn documentation
|
|
# https://docs.gunicorn.org/en/stable/settings.html#
|
|
# These variables are used as Flags at the gunicorn startup
|
|
# https://github.com/apache/superset/blob/master/docker/run-server.sh#L22
|
|
# Extend timeout to allow long running queries.
|
|
# GUNICORN_TIMEOUT: 300
|
|
# Increase the gunicorn worker amount, can improve performance drastically
|
|
# See: https://docs.gunicorn.org/en/stable/design.html#how-many-workers
|
|
# SERVER_WORKER_AMOUNT: 4
|
|
# WORKER_MAX_REQUESTS: 0
|
|
# WORKER_MAX_REQUESTS_JITTER: 0
|
|
# SERVER_THREADS_AMOUNT: 20
|
|
# GUNICORN_KEEPALIVE: 2
|
|
# SERVER_LIMIT_REQUEST_LINE: 0
|
|
# SERVER_LIMIT_REQUEST_FIELD_SIZE: 0
|
|
|
|
# OAUTH_HOME_DOMAIN: ..
|
|
# # If a whitelist is not set, any address that can use your OAuth2 endpoint will be able to login.
|
|
# # this includes any random Gmail address if your OAuth2 Web App is set to External.
|
|
# OAUTH_WHITELIST_REGEX: ...
|
|
|
|
# -- Extra environment variables in RAW format that will be passed into pods
|
|
extraEnvRaw: []
|
|
# Load DB password from other secret (e.g. for zalando operator)
|
|
# - name: DB_PASS
|
|
# valueFrom:
|
|
# secretKeyRef:
|
|
# name: superset.superset-postgres.credentials.postgresql.acid.zalan.do
|
|
# key: password
|
|
|
|
# -- Extra environment variables to pass as secrets
|
|
extraSecretEnv: {}
|
|
# MAPBOX_API_KEY: ...
|
|
# # Google API Keys: https://console.cloud.google.com/apis/credentials
|
|
# GOOGLE_KEY: ...
|
|
# GOOGLE_SECRET: ...
|
|
# # Generate your own secret key for encryption. Use openssl rand -base64 42 to generate a good key
|
|
# SUPERSET_SECRET_KEY: 'CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET'
|
|
|
|
# -- Extra files to mount on `/app/pythonpath`
|
|
extraConfigs: {}
|
|
# import_datasources.yaml: |
|
|
# databases:
|
|
# - allow_file_upload: true
|
|
# allow_ctas: true
|
|
# allow_cvas: true
|
|
# database_name: example-db
|
|
# extra: "{\r\n \"metadata_params\": {},\r\n \"engine_params\": {},\r\n \"\
|
|
# metadata_cache_timeout\": {},\r\n \"schemas_allowed_for_file_upload\": []\r\n\
|
|
# }"
|
|
# sqlalchemy_uri: example://example-db.local
|
|
# tables: []
|
|
|
|
# -- Extra files to mount on `/app/pythonpath` as secrets
|
|
extraSecrets: {}
|
|
|
|
extraVolumes: []
|
|
# - name: customConfig
|
|
# configMap:
|
|
# name: '{{ template "superset.fullname" . }}-custom-config'
|
|
# - name: additionalSecret
|
|
# secret:
|
|
# secretName: my-secret
|
|
# defaultMode: 0600
|
|
|
|
extraVolumeMounts: []
|
|
# - name: customConfig
|
|
# mountPath: /mnt/config
|
|
# readOnly: true
|
|
# - name: additionalSecret:
|
|
# mountPath: /mnt/secret
|
|
|
|
# -- A dictionary of overrides to append at the end of superset_config.py - the name does not matter
|
|
# WARNING: the order is not guaranteed
|
|
# Files can be passed as helm --set-file configOverrides.my-override=my-file.py
|
|
configOverrides: {}
|
|
# extend_timeout: |
|
|
# # Extend timeout to allow long running queries.
|
|
# SUPERSET_WEBSERVER_TIMEOUT = ...
|
|
# enable_oauth: |
|
|
# from flask_appbuilder.security.manager import (AUTH_DB, AUTH_OAUTH)
|
|
# AUTH_TYPE = AUTH_OAUTH
|
|
# OAUTH_PROVIDERS = [
|
|
# {
|
|
# "name": "google",
|
|
# "whitelist": [ os.getenv("OAUTH_WHITELIST_REGEX", "") ],
|
|
# "icon": "fa-google",
|
|
# "token_key": "access_token",
|
|
# "remote_app": {
|
|
# "client_id": os.environ.get("GOOGLE_KEY"),
|
|
# "client_secret": os.environ.get("GOOGLE_SECRET"),
|
|
# "api_base_url": "https://www.googleapis.com/oauth2/v2/",
|
|
# "client_kwargs": {"scope": "email profile"},
|
|
# "request_token_url": None,
|
|
# "access_token_url": "https://accounts.google.com/o/oauth2/token",
|
|
# "authorize_url": "https://accounts.google.com/o/oauth2/auth",
|
|
# "authorize_params": {"hd": os.getenv("OAUTH_HOME_DOMAIN", "")}
|
|
# }
|
|
# }
|
|
# ]
|
|
# # Map Authlib roles to superset roles
|
|
# AUTH_ROLE_ADMIN = 'Admin'
|
|
# AUTH_ROLE_PUBLIC = 'Public'
|
|
# # Will allow user self registration, allowing to create Flask users from Authorized User
|
|
# AUTH_USER_REGISTRATION = True
|
|
# # The default user self registration role
|
|
# AUTH_USER_REGISTRATION_ROLE = "Admin"
|
|
# secret: |
|
|
# # Generate your own secret key for encryption. Use `openssl rand -base64 42` to generate a good key
|
|
# SECRET_KEY = 'CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET'
|
|
|
|
# -- Same as above but the values are files
|
|
configOverridesFiles: {}
|
|
# extend_timeout: extend_timeout.py
|
|
# enable_oauth: enable_oauth.py
|
|
|
|
configMountPath: "/app/pythonpath"
|
|
|
|
extraConfigMountPath: "/app/configs"
|
|
|
|
image:
|
|
repository: apachesuperset.docker.scarf.sh/apache/superset
|
|
tag: ~
|
|
pullPolicy: IfNotPresent
|
|
|
|
imagePullSecrets: []
|
|
|
|
initImage:
|
|
repository: apache/superset
|
|
tag: dockerize
|
|
pullPolicy: IfNotPresent
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 8088
|
|
annotations: {}
|
|
# cloud.google.com/load-balancer-type: "Internal"
|
|
loadBalancerIP: ~
|
|
nodePort:
|
|
# -- (int)
|
|
http: nil
|
|
|
|
ingress:
|
|
enabled: false
|
|
ingressClassName: ~
|
|
annotations: {}
|
|
# kubernetes.io/tls-acme: "true"
|
|
## Extend timeout to allow long running queries.
|
|
# nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
|
|
# nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
|
|
# nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
|
|
path: /
|
|
pathType: ImplementationSpecific
|
|
hosts:
|
|
- chart-example.local
|
|
tls: []
|
|
extraHostsRaw: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
resources: {}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# The limits below will apply to all Superset components. To set individual resource limitations refer to the pod specific values below.
|
|
# The pod specific values will overwrite anything that is set here.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
# -- Custom hostAliases for all superset pods
|
|
## https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/
|
|
hostAliases: []
|
|
# - hostnames:
|
|
# - nodns.my.lan
|
|
# ip: 18.27.36.45
|
|
|
|
# Superset node configuration
|
|
supersetNode:
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 80
|
|
# targetMemoryUtilizationPercentage: 80
|
|
# -- Sets the [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) for supersetNode pods
|
|
podDisruptionBudget:
|
|
# -- Whether the pod disruption budget should be created
|
|
enabled: false
|
|
# -- If set, maxUnavailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
minAvailable: 1
|
|
# -- If set, minAvailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
maxUnavailable: 1
|
|
|
|
# -- Startup command
|
|
# @default -- See `values.yaml`
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- ". {{ .Values.configMountPath }}/superset_bootstrap.sh; /usr/bin/run-server.sh"
|
|
connections:
|
|
# -- Change in case of bringing your own redis and then also set redis.enabled:false
|
|
redis_host: '{{ .Release.Name }}-redis-headless'
|
|
redis_port: "6379"
|
|
redis_user: ""
|
|
# redis_password: superset
|
|
redis_cache_db: "1"
|
|
redis_celery_db: "0"
|
|
# Or SSL port is usually 6380
|
|
# Update following for using Redis with SSL
|
|
redis_ssl:
|
|
enabled: false
|
|
ssl_cert_reqs: CERT_NONE
|
|
# You need to change below configuration incase bringing own PostgresSQL instance and also set postgresql.enabled:false
|
|
db_host: '{{ .Release.Name }}-postgresql'
|
|
db_port: "5432"
|
|
db_user: superset
|
|
db_pass: superset
|
|
db_name: superset
|
|
env: {}
|
|
# -- If true, forces deployment to reload on each upgrade
|
|
forceReload: false
|
|
# -- Init containers
|
|
# @default -- a container waiting for postgres
|
|
initContainers:
|
|
- name: wait-for-postgres
|
|
image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
|
|
imagePullPolicy: "{{ .Values.initImage.pullPolicy }}"
|
|
envFrom:
|
|
- secretRef:
|
|
name: "{{ tpl .Values.envFromSecret . }}"
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- dockerize -wait "tcp://$DB_HOST:$DB_PORT" -timeout 120s
|
|
|
|
# -- Launch additional containers into supersetNode pod
|
|
extraContainers: []
|
|
# -- Annotations to be added to supersetNode deployment
|
|
deploymentAnnotations: {}
|
|
# -- Labels to be added to supersetNode deployment
|
|
deploymentLabels: {}
|
|
# -- Affinity to be added to supersetNode deployment
|
|
affinity: {}
|
|
# -- TopologySpreadConstrains to be added to supersetNode deployments
|
|
topologySpreadConstraints: []
|
|
# -- Annotations to be added to supersetNode pods
|
|
podAnnotations: {}
|
|
# -- Labels to be added to supersetNode pods
|
|
podLabels: {}
|
|
startupProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 1
|
|
failureThreshold: 60
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
# -- Resource settings for the supersetNode pods - these settings overwrite might existing values from the global resources object defined above.
|
|
resources: {}
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
strategy: {}
|
|
# type: RollingUpdate
|
|
# rollingUpdate:
|
|
# maxSurge: 25%
|
|
# maxUnavailable: 25%
|
|
|
|
# Superset Celery worker configuration
|
|
supersetWorker:
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 80
|
|
# targetMemoryUtilizationPercentage: 80
|
|
# -- Sets the [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) for supersetWorker pods
|
|
podDisruptionBudget:
|
|
# -- Whether the pod disruption budget should be created
|
|
enabled: false
|
|
# -- If set, maxUnavailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
minAvailable: 1
|
|
# -- If set, minAvailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
maxUnavailable: 1
|
|
# -- Worker startup command
|
|
# @default -- a `celery worker` command
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- ". {{ .Values.configMountPath }}/superset_bootstrap.sh; celery --app=superset.tasks.celery_app:app worker"
|
|
# -- If true, forces deployment to reload on each upgrade
|
|
forceReload: false
|
|
# -- Init container
|
|
# @default -- a container waiting for postgres and redis
|
|
initContainers:
|
|
- name: wait-for-postgres-redis
|
|
image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
|
|
imagePullPolicy: "{{ .Values.initImage.pullPolicy }}"
|
|
envFrom:
|
|
- secretRef:
|
|
name: "{{ tpl .Values.envFromSecret . }}"
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- dockerize -wait "tcp://$DB_HOST:$DB_PORT" -wait "tcp://$REDIS_HOST:$REDIS_PORT" -timeout 120s
|
|
# -- Launch additional containers into supersetWorker pod
|
|
extraContainers: []
|
|
# -- Annotations to be added to supersetWorker deployment
|
|
deploymentAnnotations: {}
|
|
# -- Labels to be added to supersetWorker deployment
|
|
deploymentLabels: {}
|
|
# -- Affinity to be added to supersetWorker deployment
|
|
affinity: {}
|
|
# -- TopologySpreadConstrains to be added to supersetWorker deployments
|
|
topologySpreadConstraints: []
|
|
# -- Annotations to be added to supersetWorker pods
|
|
podAnnotations: {}
|
|
# -- Labels to be added to supersetWorker pods
|
|
podLabels: {}
|
|
# -- Resource settings for the supersetWorker pods - these settings overwrite might existing values from the global resources object defined above.
|
|
resources: {}
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
strategy: {}
|
|
# type: RollingUpdate
|
|
# rollingUpdate:
|
|
# maxSurge: 25%
|
|
# maxUnavailable: 25%
|
|
livenessProbe:
|
|
exec:
|
|
# -- Liveness probe command
|
|
# @default -- a `celery inspect ping` command
|
|
command:
|
|
- sh
|
|
- -c
|
|
- celery -A superset.tasks.celery_app:app inspect ping -d celery@$HOSTNAME
|
|
initialDelaySeconds: 120
|
|
timeoutSeconds: 60
|
|
failureThreshold: 3
|
|
periodSeconds: 60
|
|
successThreshold: 1
|
|
# -- No startup/readiness probes by default since we don't really care about its startup time (it doesn't serve traffic)
|
|
startupProbe: {}
|
|
# -- No startup/readiness probes by default since we don't really care about its startup time (it doesn't serve traffic)
|
|
readinessProbe: {}
|
|
|
|
# Superset beat configuration (to trigger scheduled jobs like reports)
|
|
supersetCeleryBeat:
|
|
# -- This is only required if you intend to use alerts and reports
|
|
enabled: false
|
|
# -- Sets the [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) for supersetCeleryBeat pods
|
|
podDisruptionBudget:
|
|
# -- Whether the pod disruption budget should be created
|
|
enabled: false
|
|
# -- If set, maxUnavailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
minAvailable: 1
|
|
# -- If set, minAvailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
maxUnavailable: 1
|
|
# -- Command
|
|
# @default -- a `celery beat` command
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- ". {{ .Values.configMountPath }}/superset_bootstrap.sh; celery --app=superset.tasks.celery_app:app beat --pidfile /tmp/celerybeat.pid --schedule /tmp/celerybeat-schedule"
|
|
# -- If true, forces deployment to reload on each upgrade
|
|
forceReload: false
|
|
# -- List of init containers
|
|
# @default -- a container waiting for postgres
|
|
initContainers:
|
|
- name: wait-for-postgres-redis
|
|
image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
|
|
imagePullPolicy: "{{ .Values.initImage.pullPolicy }}"
|
|
envFrom:
|
|
- secretRef:
|
|
name: "{{ tpl .Values.envFromSecret . }}"
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- dockerize -wait "tcp://$DB_HOST:$DB_PORT" -wait "tcp://$REDIS_HOST:$REDIS_PORT" -timeout 120s
|
|
# -- Launch additional containers into supersetCeleryBeat pods
|
|
extraContainers: []
|
|
# -- Annotations to be added to supersetCeleryBeat deployment
|
|
deploymentAnnotations: {}
|
|
# -- Affinity to be added to supersetCeleryBeat deployment
|
|
affinity: {}
|
|
# -- TopologySpreadConstrains to be added to supersetCeleryBeat deployments
|
|
topologySpreadConstraints: []
|
|
# -- Annotations to be added to supersetCeleryBeat pods
|
|
podAnnotations: {}
|
|
# -- Labels to be added to supersetCeleryBeat pods
|
|
podLabels: {}
|
|
# -- Resource settings for the CeleryBeat pods - these settings overwrite might existing values from the global resources object defined above.
|
|
resources: {}
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
|
|
supersetCeleryFlower:
|
|
# -- Enables a Celery flower deployment (management UI to monitor celery jobs)
|
|
# WARNING: on superset 1.x, this requires a Superset image that has `flower<1.0.0` installed (which is NOT the case of the default images)
|
|
# flower>=1.0.0 requires Celery 5+ which Superset 1.5 does not support
|
|
enabled: false
|
|
replicaCount: 1
|
|
# -- Sets the [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) for supersetCeleryFlower pods
|
|
podDisruptionBudget:
|
|
# -- Whether the pod disruption budget should be created
|
|
enabled: false
|
|
# -- If set, maxUnavailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
minAvailable: 1
|
|
# -- If set, minAvailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
maxUnavailable: 1
|
|
# -- Command
|
|
# @default -- a `celery flower` command
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- "celery --app=superset.tasks.celery_app:app flower"
|
|
service:
|
|
type: ClusterIP
|
|
annotations: {}
|
|
loadBalancerIP: ~
|
|
port: 5555
|
|
nodePort:
|
|
# -- (int)
|
|
http: nil
|
|
startupProbe:
|
|
httpGet:
|
|
path: /api/workers
|
|
port: flower
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 1
|
|
failureThreshold: 60
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /api/workers
|
|
port: flower
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /api/workers
|
|
port: flower
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
# -- List of init containers
|
|
# @default -- a container waiting for postgres and redis
|
|
initContainers:
|
|
- name: wait-for-postgres-redis
|
|
image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
|
|
imagePullPolicy: "{{ .Values.initImage.pullPolicy }}"
|
|
envFrom:
|
|
- secretRef:
|
|
name: "{{ tpl .Values.envFromSecret . }}"
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- dockerize -wait "tcp://$DB_HOST:$DB_PORT" -wait "tcp://$REDIS_HOST:$REDIS_PORT" -timeout 120s
|
|
# -- Launch additional containers into supersetCeleryFlower pods
|
|
extraContainers: []
|
|
# -- Annotations to be added to supersetCeleryFlower deployment
|
|
deploymentAnnotations: {}
|
|
# -- Affinity to be added to supersetCeleryFlower deployment
|
|
affinity: {}
|
|
# -- TopologySpreadConstrains to be added to supersetCeleryFlower deployments
|
|
topologySpreadConstraints: []
|
|
# -- Annotations to be added to supersetCeleryFlower pods
|
|
podAnnotations: {}
|
|
# -- Labels to be added to supersetCeleryFlower pods
|
|
podLabels: {}
|
|
# -- Resource settings for the CeleryBeat pods - these settings overwrite might existing values from the global resources object defined above.
|
|
resources: {}
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
|
|
supersetWebsockets:
|
|
# -- This is only required if you intend to use `GLOBAL_ASYNC_QUERIES` in `ws` mode
|
|
# see https://github.com/apache/superset/blob/master/CONTRIBUTING.md#async-chart-queries
|
|
enabled: false
|
|
replicaCount: 1
|
|
# -- Sets the [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) for supersetWebsockets pods
|
|
podDisruptionBudget:
|
|
# -- Whether the pod disruption budget should be created
|
|
enabled: false
|
|
# -- If set, maxUnavailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
minAvailable: 1
|
|
# -- If set, minAvailable must not be set - see https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
|
|
maxUnavailable: 1
|
|
ingress:
|
|
path: /ws
|
|
pathType: Prefix
|
|
image:
|
|
# -- There is no official image (yet), this one is community-supported
|
|
repository: oneacrefund/superset-websocket
|
|
tag: latest
|
|
pullPolicy: IfNotPresent
|
|
# -- The config.json to pass to the server, see https://github.com/apache/superset/tree/master/superset-websocket
|
|
# Note that the configuration can also read from environment variables (which will have priority), see https://github.com/apache/superset/blob/master/superset-websocket/src/config.ts for a list of supported variables
|
|
# @default -- see `values.yaml`
|
|
config:
|
|
{
|
|
"port": 8080,
|
|
"logLevel": "debug",
|
|
"logToFile": false,
|
|
"logFilename": "app.log",
|
|
"statsd": { "host": "127.0.0.1", "port": 8125, "globalTags": [] },
|
|
"redis":
|
|
{
|
|
"port": 6379,
|
|
"host": "127.0.0.1",
|
|
"password": "",
|
|
"db": 0,
|
|
"ssl": false,
|
|
},
|
|
"redisStreamPrefix": "async-events-",
|
|
"jwtSecret": "CHANGE-ME",
|
|
"jwtCookieName": "async-token",
|
|
}
|
|
service:
|
|
type: ClusterIP
|
|
annotations: {}
|
|
loadBalancerIP: ~
|
|
port: 8080
|
|
nodePort:
|
|
# -- (int)
|
|
http: nil
|
|
command: []
|
|
resources: {}
|
|
# -- Launch additional containers into supersetWebsockets pods
|
|
extraContainers: []
|
|
deploymentAnnotations: {}
|
|
# -- Affinity to be added to supersetWebsockets deployment
|
|
affinity: {}
|
|
# -- TopologySpreadConstrains to be added to supersetWebsockets deployments
|
|
topologySpreadConstraints: []
|
|
podAnnotations: {}
|
|
podLabels: {}
|
|
strategy: {}
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
startupProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: ws
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 1
|
|
failureThreshold: 60
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: ws
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: ws
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
|
|
init:
|
|
# Configure resources
|
|
# Warning: fab command consumes a lot of ram and can
|
|
# cause the process to be killed due to OOM if it exceeds limit
|
|
# Make sure you are giving a strong password for the admin user creation( else make sure you are changing after setup)
|
|
# Also change the admin email to your own custom email.
|
|
resources: {}
|
|
# limits:
|
|
# cpu:
|
|
# memory:
|
|
# requests:
|
|
# cpu:
|
|
# memory:
|
|
# -- Command
|
|
# @default -- a `superset_init.sh` command
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- ". {{ .Values.configMountPath }}/superset_bootstrap.sh; . {{ .Values.configMountPath }}/superset_init.sh"
|
|
enabled: true
|
|
jobAnnotations:
|
|
"helm.sh/hook": post-install,post-upgrade
|
|
"helm.sh/hook-delete-policy": "before-hook-creation"
|
|
loadExamples: false
|
|
createAdmin: true
|
|
adminUser:
|
|
username: admin
|
|
firstname: Superset
|
|
lastname: Admin
|
|
email: admin@superset.com
|
|
password: admin
|
|
# -- List of initContainers
|
|
# @default -- a container waiting for postgres
|
|
initContainers:
|
|
- name: wait-for-postgres
|
|
image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
|
|
imagePullPolicy: "{{ .Values.initImage.pullPolicy }}"
|
|
envFrom:
|
|
- secretRef:
|
|
name: "{{ tpl .Values.envFromSecret . }}"
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- dockerize -wait "tcp://$DB_HOST:$DB_PORT" -timeout 120s
|
|
# -- A Superset init script
|
|
# @default -- a script to create admin user and initialize roles
|
|
initscript: |-
|
|
#!/bin/sh
|
|
set -eu
|
|
echo "Upgrading DB schema..."
|
|
superset db upgrade
|
|
echo "Initializing roles..."
|
|
superset init
|
|
{{ if .Values.init.createAdmin }}
|
|
echo "Creating admin user..."
|
|
superset fab create-admin \
|
|
--username {{ .Values.init.adminUser.username }} \
|
|
--firstname {{ .Values.init.adminUser.firstname }} \
|
|
--lastname {{ .Values.init.adminUser.lastname }} \
|
|
--email {{ .Values.init.adminUser.email }} \
|
|
--password {{ .Values.init.adminUser.password }} \
|
|
|| true
|
|
{{- end }}
|
|
{{ if .Values.init.loadExamples }}
|
|
echo "Loading examples..."
|
|
superset load_examples
|
|
{{- end }}
|
|
if [ -f "{{ .Values.extraConfigMountPath }}/import_datasources.yaml" ]; then
|
|
echo "Importing database connections.... "
|
|
superset import_datasources -p {{ .Values.extraConfigMountPath }}/import_datasources.yaml
|
|
fi
|
|
# -- Launch additional containers into init job pod
|
|
extraContainers: []
|
|
## Annotations to be added to init job pods
|
|
podAnnotations: {}
|
|
podSecurityContext: {}
|
|
containerSecurityContext: {}
|
|
## Tolerations to be added to init job pods
|
|
tolerations: []
|
|
## Affinity to be added to init job pods
|
|
affinity: {}
|
|
# -- TopologySpreadConstrains to be added to init job
|
|
topologySpreadConstraints: []
|
|
|
|
# -- Configuration values for the postgresql dependency.
|
|
# ref: https://github.com/bitnami/charts/tree/main/bitnami/postgresql
|
|
# @default -- see `values.yaml`
|
|
postgresql:
|
|
##
|
|
## Use the PostgreSQL chart dependency.
|
|
## Set to false if bringing your own PostgreSQL.
|
|
enabled: true
|
|
|
|
## Authentication parameters
|
|
auth:
|
|
## The name of an existing secret that contains the postgres password.
|
|
existingSecret:
|
|
## PostgreSQL name for a custom user to create
|
|
username: superset
|
|
## PostgreSQL password for the custom user to create. Ignored if `auth.existingSecret` with key `password` is provided
|
|
password: superset
|
|
## PostgreSQL name for a custom database to create
|
|
database: superset
|
|
|
|
image:
|
|
tag: "14.6.0-debian-11-r13"
|
|
|
|
## PostgreSQL Primary parameters
|
|
primary:
|
|
##
|
|
## Persistent Volume Storage configuration.
|
|
## ref: https://kubernetes.io/docs/user-guide/persistent-volumes
|
|
persistence:
|
|
##
|
|
## Enable PostgreSQL persistence using Persistent Volume Claims.
|
|
enabled: true
|
|
##
|
|
## Persistent class
|
|
# storageClass: classname
|
|
##
|
|
## Access modes:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
## PostgreSQL port
|
|
service:
|
|
ports:
|
|
postgresql: "5432"
|
|
|
|
# -- Configuration values for the Redis dependency.
|
|
# ref: https://github.com/bitnami/charts/blob/master/bitnami/redis
|
|
# More documentation can be found here: https://artifacthub.io/packages/helm/bitnami/redis
|
|
# @default -- see `values.yaml`
|
|
redis:
|
|
##
|
|
## Use the redis chart dependency.
|
|
##
|
|
## If you are bringing your own redis, you can set the host in supersetNode.connections.redis_host
|
|
##
|
|
## Set to false if bringing your own redis.
|
|
enabled: true
|
|
##
|
|
## Set architecture to standalone/replication
|
|
architecture: standalone
|
|
##
|
|
## Auth configuration:
|
|
##
|
|
auth:
|
|
## Enable password authentication
|
|
enabled: false
|
|
## The name of an existing secret that contains the redis password.
|
|
existingSecret: ""
|
|
## Name of the key containing the secret.
|
|
existingSecretKey: ""
|
|
## Redis password
|
|
password: superset
|
|
##
|
|
## Master configuration
|
|
##
|
|
master:
|
|
##
|
|
## Image configuration
|
|
# image:
|
|
##
|
|
## docker registry secret names (list)
|
|
# pullSecrets: nil
|
|
##
|
|
## Configure persistance
|
|
persistence:
|
|
##
|
|
## Use a PVC to persist data.
|
|
enabled: false
|
|
##
|
|
## Persistent class
|
|
# storageClass: classname
|
|
##
|
|
## Access mode:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# -- TopologySpreadConstrains to be added to all deployments
|
|
topologySpreadConstraints: []
|