mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-10-31 18:48:35 +00:00
16 KiB
16 KiB
| title | slug |
|---|---|
| Kubernetes Helm Values | /deployment/kubernetes/helm-values |
Kubernetes Helm Values
This page list all the supported helm values for OpenMetadata Helm Charts.
Global Chart Values
{%table%}
| Key | Type | Default | Environment Variable from openmetadata.yaml |
|---|---|---|---|
| global.authentication.provider | string | basic |
AUTHENTICATION_PROVIDER |
| global.authentication.publicKeys | list | [http://openmetadata:8585/api/v1/system/config/jwks] |
AUTHENTICATION_PUBLIC_KEYS |
| global.authentication.authority | string | https://accounts.google.com |
AUTHENTICATION_AUTHORITY |
| global.authentication.clientId | string | Empty String |
AUTHENTICATION_CLIENT_ID |
| global.authentication.callbackUrl | string | Empty String |
AUTHENTICATION_CALLBACK_URL |
| global.authentication.enableSelfSignup | bool | true |
AUTHENTICATION_ENABLE_SELF_SIGNUP |
| global.authentication.jwtPrincipalClaims | list | [email,preferred_username,sub] |
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS |
| global.authentication.ldapConfiguration.host | string | localhost |
AUTHENTICATION_LDAP_HOST |
| global.authentication.ldapConfiguration.port | int | 10636 | AUTHENTICATION_LDAP_PORT |
| global.authentication.ldapConfiguration.dnAdminPrincipal | string | cn=admin,dc=example,dc=com |
AUTHENTICATION_LOOKUP_ADMIN_DN |
| global.authentication.ldapConfiguration.dnAdminPassword.secretRef | string | ldap-secret |
AUTHENTICATION_LOOKUP_ADMIN_PWD |
| global.authentication.ldapConfiguration.dnAdminPassword.secretKey | string | openmetadata-ldap-secret |
AUTHENTICATION_LOOKUP_ADMIN_PWD |
| global.authentication.ldapConfiguration.userBaseDN | string | ou=people,dc=example,dc=com |
AUTHENTICATION_USER_LOOKUP_BASEDN |
| global.authentication.ldapConfiguration.mailAttributeName | string | email |
AUTHENTICATION_USER_MAIL_ATTR |
| global.authentication.ldapConfiguration.maxPoolSize | int | 3 | AUTHENTICATION_LDAP_POOL_SIZE |
| global.authentication.ldapConfiguration.sslEnabled | bool | true |
AUTHENTICATION_LDAP_SSL_ENABLED |
| global.authentication.ldapConfiguration.truststoreConfigType | string | TrustAll |
AUTHENTICATION_LDAP_TRUSTSTORE_TYPE |
| global.authentication.ldapConfiguration.trustStoreConfig.customTrustManagerConfig.trustStoreFilePath | string | Empty String |
AUTHENTICATION_LDAP_TRUSTSTORE_PATH |
| global.authentication.ldapConfiguration.trustStoreConfig.customTrustManagerConfig.trustStoreFilePassword.secretRef | string | Empty String |
AUTHENTICATION_LDAP_KEYSTORE_PASSWORD |
| global.authentication.ldapConfiguration.trustStoreConfig.customTrustManagerConfig.trustStoreFilePassword.secretKey | string | Empty String |
AUTHENTICATION_LDAP_KEYSTORE_PASSWORD |
| global.authentication.ldapConfiguration.trustStoreConfig.customTrustManagerConfig.trustStoreFileFormat | string | Empty String |
AUTHENTICATION_LDAP_SSL_KEY_FORMAT |
| global.authentication.ldapConfiguration.trustStoreConfig.customTrustManagerConfig.verifyHostname | string | Empty String |
AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST |
| global.authentication.ldapConfiguration.trustStoreConfig.customTrustManagerConfig.examineValidityDate | bool | true |
AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES |
| global.authentication.ldapConfiguration.trustStoreConfig.hostNameConfig.allowWildCards | bool | false |
AUTHENTICATION_LDAP_ALLOW_WILDCARDS |
| global.authentication.ldapConfiguration.trustStoreConfig.hostNameConfig.acceptableHostNames | string | [Empty String] |
AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES |
| global.authentication.ldapConfiguration.trustStoreConfig.jvmDefaultConfig.verifyHostname | string | Empty String |
AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST |
| global.authentication.ldapConfiguration.trustStoreConfig.trustAllConfig.examineValidityDates | bool | true |
AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES |
| global.authentication.saml.debugMode | bool | false | SAML_DEBUG_MODE |
| global.authentication.saml.idp.entityId | string | Empty |
SAML_IDP_ENTITY_ID |
| global.authentication.saml.idp.ssoLoginUrl | string | Empty |
SAML_IDP_SSO_LOGIN_URL |
| global.authentication.saml.idp.idpX509Certificate.secretRef | string | Empty |
SAML_IDP_CERTIFICATE |
| global.authentication.saml.idp.idpX509Certificate.secretKey | string | Empty |
SAML_IDP_CERTIFICATE |
| global.authentication.saml.idp.authorityUrl | string | http://openmetadata.default.svc.cluster.local:8585/api/v1/saml/login |
SAML_AUTHORITY_URL |
| global.authentication.saml.idp.nameId | string | urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress |
SAML_IDP_NAME_ID |
| global.authentication.saml.sp.entityId | string | http://openmetadata.default.svc.cluster.local:8585/api/v1/saml/metadata |
SAML_SP_ENTITY_ID |
| global.authentication.saml.sp.acs | string | http://openmetadata.default.svc.cluster.local:8585/api/v1/saml/acs |
SAML_SP_ACS |
| global.authentication.saml.sp.spX509Certificate.secretRef | string | Empty |
SAML_SP_CERTIFICATE |
| global.authentication.saml.sp.spX509Certificate.secretKey | string | Empty |
SAML_SP_CERTIFICATE |
| global.authentication.saml.sp.callback | string | http://openmetadata.default.svc.cluster.local:8585/saml/callback |
SAML_SP_CALLBACK |
| global.authentication.saml.security.strictMode | bool | false | SAML_STRICT_MODE |
| global.authentication.saml.security.tokenValidity | int | 3600 | SAML_SP_TOKEN_VALIDITY |
| global.authentication.saml.security.sendEncryptedNameId | bool | false | SAML_SEND_ENCRYPTED_NAME_ID |
| global.authentication.saml.security.sendSignedAuthRequest | bool | false | SAML_SEND_SIGNED_AUTH_REQUEST |
| global.authentication.saml.security.signSpMetadata | bool | false | SAML_SIGNED_SP_METADATA |
| global.authentication.saml.security.wantMessagesSigned | bool | false | SAML_WANT_MESSAGE_SIGNED |
| global.authentication.saml.security.wantAssertionsSigned | bool | false | SAML_WANT_ASSERTION_SIGNED |
| global.authentication.saml.security.wantAssertionEncrypted | bool | false | SAML_WANT_ASSERTION_ENCRYPTED |
| global.authentication.saml.security.wantNameIdEncrypted | bool | false | SAML_WANT_NAME_ID_ENCRYPTED |
| global.authentication.saml.security.keyStoreFilePath | string | Empty |
SAML_KEYSTORE_FILE_PATH |
| global.authentication.saml.security.keyStoreAlias.secretRef | string | Empty |
SAML_KEYSTORE_ALIAS |
| global.authentication.saml.security.keyStoreAlias.secretKey | string | Empty |
SAML_KEYSTORE_ALIAS |
| global.authentication.saml.security.keyStorePassword.secretRef | string | Empty |
SAML_KEYSTORE_PASSWORD |
| global.authentication.saml.security.keyStorePassword.secretKey | string | Empty |
SAML_KEYSTORE_PASSWORD |
| global.authorizer.allowedEmailRegistrationDomains | list | [all] |
AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN |
| global.authorizer.className | string | org.openmetadata.service.security.DefaultAuthorizer |
AUTHORIZER_CLASS_NAME |
| global.authorizer.containerRequestFilter | string | org.openmetadata.service.security.JwtFilter |
AUTHORIZER_REQUEST_FILTER |
| global.authorizer.enforcePrincipalDomain | bool | false |
AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN |
| global.authorizer.enableSecureSocketConnection | bool | false |
AUTHORIZER_ENABLE_SECURE_SOCKET |
| global.authorizer.initialAdmins | list | [admin] |
AUTHORIZER_ADMIN_PRINCIPALS |
| global.authorizer.principalDomain | string | open-metadata.org |
AUTHORIZER_PRINCIPAL_DOMAIN |
| global.airflow.auth.password.secretRef | string | airflow-secrets |
AIRFLOW_PASSWORD |
| global.airflow.auth.password.secretKey | string | openmetadata-airflow-password |
AIRFLOW_PASSWORD |
| global.airflow.auth.username | string | admin |
AIRFLOW_USERNAME |
| global.airflow.enabled | bool | true |
|
| global.airflow.host | string | http://openmetadata-dependencies-web.default.svc.cluster.local:8080 |
PIPELINE_SERVICE_CLIENT_ENDPOINT |
| global.airflow.openmetadata.serverHostApiUrl | string | http://openmetadata.default.svc.cluster.local:8585/api |
SERVER_HOST_API_URL |
| global.airflow.sslCertificatePath | string | /no/path |
PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH |
| global.airflow.verifySsl | string | no-ssl |
PIPELINE_SERVICE_CLIENT_VERIFY_SSL |
| global.basicLogin.maxLoginFailAttempts | int | 3 | OM_MAX_FAILED_LOGIN_ATTEMPTS |
| global.basicLogin.accessBlockTime | int | 600 | OM_LOGIN_ACCESS_BLOCK_TIME |
| global.clusterName | string | openmetadata |
OPENMETADATA_CLUSTER_NAME |
| global.database.auth.password.secretRef | string | mysql-secrets |
DB_USER_PASSWORD |
| global.database.auth.password.secretKey | string | openmetadata-mysql-password |
DB_USER_PASSWORD |
| global.database.auth.username | string | openmetadata_user |
DB_USER |
| global.database.databaseName | string | openmetadata_db |
OM_DATABASE |
| global.database.dbScheme | string | mysql |
DB_SCHEME |
| global.database.dbUseSSL | bool | false |
DB_USE_SSL |
| global.database.driverClass | string | com.mysql.cj.jdbc.Driver |
DB_DRIVER_CLASS |
| global.database.host | string | mysql |
DB_HOST |
| global.database.port | int | 3306 | DB_PORT |
| global.elasticsearch.auth.enabled | bool | false |
|
| global.elasticsearch.auth.username | string | elasticsearch |
ELASTICSEARCH_USER |
| global.elasticsearch.auth.password.secretRef | string | elasticsearch-secrets |
ELASTICSEARCH_PASSWORD |
| global.elasticsearch.auth.password.secretKey | string | openmetadata-elasticsearch-password |
ELASTICSEARCH_PASSWORD |
| global.elasticsearch.host | string | elasticsearch |
ELASTICSEARCH_HOST |
| global.elasticsearch.port | int | 9200 | ELASTICSEARCH_PORT |
| global.elasticsearch.scheme | string | http |
ELASTICSEARCH_SCHEME |
| global.elasticsearch.searchIndexMappingLanguage | string | EN |
ELASTICSEARCH_INDEX_MAPPING_LANG |
| global.elasticsearch.trustStore.enabled | bool | false |
|
| global.elasticsearch.trustStore.path | string | Empty String |
ELASTICSEARCH_TRUST_STORE_PATH |
| global.elasticsearch.trustStore.password.secretRef | string | elasticsearch-truststore-secrets |
ELASTICSEARCH_TRUST_STORE_PASSWORD |
| global.elasticsearch.trustStore.password.secretKey | string | openmetadata-elasticsearch-truststore-password |
ELASTICSEARCH_TRUST_STORE_PASSWORD |
| global.eventMonitor.type | string | prometheus |
EVENT_MONITOR |
| global.eventMonitor.batchSize | int | 10 |
EVENT_MONITOR_BATCH_SIZE |
| global.eventMonitor.pathPattern | list | [/api/v1/tables/*,/api/v1/health-check] |
EVENT_MONITOR_PATH_PATTERN |
| global.eventMonitor.latency | list | [] |
EVENT_MONITOR_LATENCY |
| global.fernetkey.value | string | jJ/9sz0g0OHxsfxOoSfdFdmk3ysNmPRnH3TUAbz3IHA= |
FERNET_KEY |
| global.fernetkey.secretRef | string | `` | FERNET_KEY |
| global.fernetkey.secretKef | string | `` | FERNET_KEY |
| global.jwtTokenConfiguration.enabled | bool | true |
|
| global.jwtTokenConfiguration.rsapublicKeyFilePath | string | ./conf/public_key.der |
RSA_PUBLIC_KEY_FILE_PATH |
| global.jwtTokenConfiguration.rsaprivateKeyFilePath | string | ./conf/private_key.der |
RSA_PRIVATE_KEY_FILE_PATH |
| global.jwtTokenConfiguration.jwtissuer | string | open-metadata.org |
JWT_ISSUER |
| global.jwtTokenConfiguration.keyId | string | Gb389a-9f76-gdjs-a92j-0242bk94356 |
JWT_KEY_ID |
| global.logLevel | string | INFO |
LOG_LEVEL |
| global.maskPasswordsApi | bool | false |
MASK_PASSWORDS_API |
| global.openmetadata.adminPort | int | 8586 | SERVER_ADMIN_PORT |
| global.openmetadata.host | string | openmetadata |
OPENMETADATA_SERVER_URL |
| global.openmetadata.port | int | 8585 | SERVER_PORT |
| global.pipelineServiceClientConfig.auth.password.secretRef | string | airflow-secrets |
AIRFLOW_PASSWORD |
| global.pipelineServiceClientConfig.auth.password.secretKey | string | openmetadata-airflow-password |
AIRFLOW_PASSWORD |
| global.pipelineServiceClientConfig.auth.username | string | admin |
AIRFLOW_USERNAME |
| global.pipelineServiceClientConfig.apiEndpoint | string | http://openmetadata-dependencies-web.default.svc.cluster.local:8080 |
PIPELINE_SERVICE_CLIENT_ENDPOINT |
| global.pipelineServiceClientConfig.className | string | org.openmetadata.service.clients.pipeline.airflow.AirflowRESTClient |
PIPELINE_SERVICE_CLIENT_CLASS_NAME |
| global.pipelineServiceClientConfig.enabled | bool | true |
|
| global.pipelineServiceClientConfig.ingestionIpInfoEnabled | bool | false |
PIPELINE_SERVICE_IP_INFO_ENABLED |
| global.pipelineServiceClientConfig.metadataApiEndpoint | string | http://openmetadata.default.svc.cluster.local:8585/api |
SERVER_HOST_API_URL |
| global.pipelineServiceClientConfig.sslCertificatePath | string | /no/path |
PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH |
| global.pipelineServiceClientConfig.verifySsl | string | no-ssl |
PIPELINE_SERVICE_CLIENT_VERIFY_SSL |
| global.pipelineServiceClientConfig.hostIp | string | Empty |
PIPELINE_SERVICE_CLIENT_HOST_IP |
| global.secretsManager.provider | string | noop |
SECRET_MANAGER |
| global.secretsManager.additionalParameters.enabled | bool | false |
|
| global.secretsManager.additionalParameters.accessKeyId.secretRef | string | aws-access-key-secret |
OM_SM_ACCESS_KEY_ID |
| global.secretsManager.additionalParameters.accessKeyId.secretKey | string | aws-key-secret |
OM_SM_ACCESS_KEY_ID |
| global.secretsManager.additionalParameters.region | string | Empty String |
OM_SM_REGION |
| global.secretsManager.additionalParameters.secretAccessKey.secretRef | string | aws-secret-access-key-secret |
OM_SM_ACCESS_KEY |
| global.secretsManager.additionalParameters.secretAccessKey.secretKey | string | aws-key-secret |
OM_SM_ACCESS_KEY |
| global.smtpConfig.enableSmtpServer | bool | false |
AUTHORIZER_ENABLE_SMTP |
| global.smtpConfig.emailingEntity | string | OpenMetadata |
OM_EMAIL_ENTITY |
| global.smtpConfig.openMetadataUrl | string | Empty String |
OPENMETADATA_SERVER_URL |
| global.smtpConfig.password.secretKey | string | Empty String |
SMTP_SERVER_PWD |
| global.smtpConfig.password.secretRef | string | Empty String |
SMTP_SERVER_PWD |
| global.smtpConfig.serverEndpoint | string | Empty String |
SMTP_SERVER_ENDPOINT |
| global.smtpConfig.serverPort | string | Empty String |
SMTP_SERVER_PORT |
| global.smtpConfig.supportUrl | string | https://slack.open-metadata.org |
OM_SUPPORT_URL |
| global.smtpConfig.transportationStrategy | string | SMTP_TLS |
SMTP_SERVER_STRATEGY |
| global.smtpConfig.username | string | Empty String |
SMTP_SERVER_USERNAME |
{%/table%}
Chart Values
{%table%}
| Key | Type | Default |
|---|---|---|
| affinity | object | {} |
| commonLabels | object | {} |
| extraEnvs | Extra [environment variables][] which will be appended to the env: definition for the container |
[] |
| extraInitContainers | Templatable string of additional initContainers to be passed to tpl function |
[] |
| extraVolumes | Templatable string of additional volumes to be passed to the tpl function |
[] |
| extraVolumeMounts | Templatable string of additional volumeMounts to be passed to the tpl function |
[] |
| fullnameOverride | string | "openmetadata" |
| image.pullPolicy | string | "Always" |
| image.repository | string | "docker.getcollate.io/openmetadata/server" |
| image.tag | string | 0.13.3 |
| imagePullSecrets | list | [] |
| ingress.annotations | object | {} |
| ingress.className | string | "" |
| ingress.enabled | bool | false |
| ingress.hosts[0].host | string | "open-metadata.local" |
| ingress.hosts[0].paths[0].path | string | "/" |
| ingress.hosts[0].paths[0].pathType | string | "ImplementationSpecific" |
| ingress.tls | list | [] |
| livenessProbe.initialDelaySeconds | int | 60 |
| livenessProbe.periodSeconds | int | 30 |
| livenessProbe.failureThreshold | int | 5 |
| livenessProbe.httpGet.path | string | /healthcheck |
| livenessProbe.httpGet.port | string | http-admin |
| nameOverride | string | "" |
| nodeSelector | object | {} |
| podAnnotations | object | {} |
| podSecurityContext | object | {} |
| readinessProbe.initialDelaySeconds | int | 60 |
| readinessProbe.periodSeconds | int | 30 |
| readinessProbe.failureThreshold | int | 5 |
| readinessProbe.httpGet.path | string | / |
| readinessProbe.httpGet.port | string | http |
| replicaCount | int | 1 |
| resources | object | {} |
| securityContext | object | {} |
| service.adminPort | string | 8586 |
| service.annotations | object | {} |
| service.port | int | 8585 |
| service.type | string | "ClusterIP" |
| serviceAccount.annotations | object | {} |
| serviceAccount.create | bool | true |
| serviceAccount.name | string | nil |
| sidecars | list | [] |
| tolerations | list | [] |
| networkPolicy.enabled | bool | false |
{%/table%}