Helm provides several ways to set value fields. The CloudBees CD/RO server and agent Helm charts provide CloudBees’s default values. Helm stores these values in the chart’s cloudbees-cd-defaults.yaml
file. A copy of the default values can be found in the cloudbees-example
public GitHub repo.
You can override these fields as follows:
-
On the Helm install command line using the
--set
parameter. -
In a local
myvalues.yaml
file.
CloudBees recommends using a local values file for your installation to keep all of your CloudBees CD/RO environment settings. |
cloudbees-flow chart configuration values
The following tables list common configurable parameters of the cloudbees-flow
chart and their default values.
Volume permissions values
Key | Description/Default |
---|---|
volumePermissions.enabled |
Enable/disable volume permissions for the attached PVC of CloudBees CD/RO components. Default: true |
Bound agent values
Key | Description/Default |
---|---|
boundAgent.ecconfigure |
String is interpreted as if passed to ecconfigure utility within the container Default: --agentInitMemoryMB=256 --agentMaxMemoryMB=256 |
boundAgent.imageName |
Default: cbflow-agent |
boundAgent.logLevel |
Default: DEBUG |
boundAgent.replicas |
Default: 1 |
boundAgent.resources.limits.cpu |
Default: 0.25 |
boundAgent.resources.limits.memory |
Default: 1024Mi |
boundAgent.resources.requests.cpu |
Default: 0.25 |
boundAgent.resources.requests.memory |
Default: 512Mi |
boundAgent.volumesPermissions.enabled |
Enable/disable volume permissions for the bound agent. Use to override the Default: true |
Database values
Key | Description/Default |
---|---|
database.clusterEndpoint |
Use this option if your database is residing in the same Kubernetes cluster as Flow. Notation is db-service.namespace If deploying into the same namespace, .namespace component can be omitted. Default: null |
database.externalEndpoint |
Database endpoint, Default: null |
database.dbName |
Default: null |
database.dbPassword |
Default: null |
database.dbPort |
Default: null |
database.dbType |
The database type with which CloudBees CD/RO persistence works. One of:
Default: null |
database.dbUser |
Default: null |
database.existingSecret |
Use this option if you have or are planning to deploy the credential’s secret yourself. The layout has to be the same as that of Default: null |
demoMode |
Default: false |
CloudBees Analytics server values
Key | Description/Default |
---|---|
dois.credentials.adminPassword dois.credentials.existingSecret |
Credentials for administrative access to Elasticsearch data. It sets a password for the Default: null |
dois.enabled |
Flag that dictates whether this workload and its accompanying services are to be installed Default: true |
dois.esClusterName |
Elasticsearch cluster name Default: null |
dois.esMinMasterNodes |
Minimum number of master-eliGile nodes that must be visible in order to form an Elasticsearch cluster. Default: 1 |
dois.esNumberOfShards |
The number of primary shards that an index must have. Default: null |
dois.esRam |
Elasticsearch heap size in MB. Default: 2048 |
dois.expose |
Expose DevOps Insight as externally available services ingress needs to ports 9200 and 9500 to be open to the outer world. Default: true |
dois.imageName |
Default: cbflow-dois |
dois.lsInitRam |
Default: 512 |
dois.lsMaxRam |
Default: 1024 |
dois.replicas |
Number of Elasticsearch nodes Default: 1 |
dois.resources.limits.cpu |
Default: 1 |
dois.resources.limits.memory |
Default: 3.5Gi |
dois.resources.requests.cpu |
Default: 0.1 |
dois.resources.requests.memory |
Default: 3.5Gi |
dois.serverEndpoint |
CloudBees CD/RO server endpoint. If installing in a different namespace, the server name must be in |
dois.serviceEndpoint |
The DevOps Insight server service endpoint to be configured on the remote CloudBees CD/RO server. It is assumed the remote CloudBees CD/RO server is located in the same Kubernetes cluster. Default: flow-devopsinsight.{{ .Release.Namespace }} |
dois.volumesPermissions.enabled |
Enable/disable volume permissions for the {SDA ANALYTICS} server. Use to override the Default: true |
CloudBees CD/RO credential values
Key | Description/Default |
---|---|
flowCredentials.adminPassword |
Default: |
flowCredentials.existingSecret |
Either specify the secret where the admin user password is stored under the Default: null |
CloudBees CD/RO server license values (optional)
Key | Description/Default |
---|---|
flowLicense.existingSecret |
Default: null |
flowLicense.licenseData |
Default: null |
Images values
Key | Description/Default |
---|---|
images.pullPolicy |
Default: |
images.repository |
Default: 547883162893.dkr.ecr.us-east-1.amazonaws.com |
images.tag |
The Helm chart image tag corresponding to a specific CloudBees CD/RO artifact. Example: Default: tag associated with latest CloudBees CD/RO artifact, as listed in |
Sidecar injector additional container values
Key | Description/Default |
---|---|
server.additionalContainers |
To add additional containers for the server, uncomment the name, image, and command in your values file.
|
web.additionalContainers |
To add additional containers, uncomment the name, image, and command in your values file.
|
dois.additionalContainers |
To add additional containers, uncomment the name, image, and command in your values file.
|
repository.additionalContainers |
To add additional containers, uncomment the name, image, and command in your values file.
|
boundAgent.additionalContainers |
To add additional containers, uncomment the name, image, and command in your values file.
|
Network isolation values
Key | Description/Default |
---|---|
networkIsolation.allowFromCidr |
The CIDR allowed to make connection to all exposed CloudBees CD/RO endpoints. Default: 0.0.0.0/0 |
Nginx-ingress values (Kubernetes versions 1.21 and earlier)
Key | Description/Default |
---|---|
nginx-ingress.controller.ingressClass |
Default: |
nginx-ingress.controller.publishService.enabled |
Default: true |
nginx-ingress.controller.scope.enabled |
Default: true |
nginx-ingress.enabled |
Default: true |
nginx-ingress.tcp.61613 |
Default: {{ .Release.Namespace }}/flow-server:61613 |
nginx-ingress.tcp.8200 |
Default: {{ .Release.Namespace }}/flow-repository:8200 |
nginx-ingress.tcp.8443 |
Default: {{ .Release.Namespace }}/flow-server:8443 |
nginx-ingress.tcp.9200 |
Default: {{ .Release.Namespace }}/flow-devopsinsight:9200 |
nginx-ingress.tcp.9500 |
Default: {{ .Release.Namespace }}/flow-devopsinsight:9500 |
Ingress-nginx values (Kubernetes versions 1.22 and later)
ingress-nginx.controller.ingressClass | Default: flow-ingress |
---|---|
ingress-nginx.controller.publishService.enabled |
Default: true |
ingress-nginx.controller.scope.enabled |
Default: |
ingress-nginx.enabled |
Default: |
ingress-nginx.tcp.61613 |
Default: |
ingress-nginx.tcp.8200 |
Default: |
ingress-nginx.tcp.8443 |
Default: |
ingress-nginx.tcp.9200 |
Default: |
ingress-nginx.tcp.9500 |
Default: |
Repository values
Key | Description/Default |
---|---|
repository.ecconfigure |
String to pass to `ecconfigure ` utility. Default: --repositoryInitMemoryMB=256 --repositoryMaxMemoryMB=512 |
repository.enabled |
Flag that dictates whether this workload and its accompanying services are to be installed Default: true |
repository.expose |
Expose repository as an externally available service that ingress needs to port port 8200. Default: true |
repository.externalService.enabled |
Expose Default: false |
repository.imageName |
Default: cbflow-repository |
repository.logLevel |
Default: DEBUG |
repository.replicas |
Default: 1 |
repository.resources.limits.cpu |
Default: 0.25 |
repository.resources.limits.memory |
Default: 1024Mi |
repository.resources.requests.cpu |
Default: 0.25 |
repository.resources.requests.memory |
Default: 512Mi |
repository.volumesPermissions.enabled |
Enable/disable volume permissions for the repository. Use to override the Default: true |
repository.zoneName |
The zone, assigned to the repository instance, created in the CloudBees CD/RO server to represent this repository instance. The zone must exist in CloudBees CD/RO server instance. Default: null |
CloudBees CD/RO server values
Key | Description/Default |
---|---|
server.ecconfigure |
String to pass to `ecconfigure ` utility. Default: --serverInitMemoryMB=4096 --serverMaxMemoryMB=4096 |
server.enabled |
Flag that dictates whether the web workload and its accompanying services are to be installed. Default: true |
server.expose |
As CloudBees CD/RO requires repository to be exposed as externally available services, ingress needs to ports 8443 and 61613 to be open to the outer world. Default: true |
server.externalService.enabled |
Expose Default: false |
server.imageName |
Default: cbflow-server |
server.logLevel |
Master loglevel for com.electriccloud package Default: INFO |
server.replicas |
Default: 1 |
server.resources.limits.cpu |
Default: 4 |
server.resources.limits.memory |
Default: 6Gi |
server.resources.requests.cpu |
Default: 1.5 |
server.resources.requests.memory |
Default: 6Gi |
server.volumesPermissions.enabled |
Enable/disable volume permissions for the CloudBees CD/RO server. Use to override the Default: true |
server.zk.host |
Default: zookeeper |
server.zk.port |
Default: 2181 |
Server storage values
Key | Description/Default |
---|---|
storage.volumes.doisStorage.accessMode |
Default: ReadWriteOnce |
storage.volumes.doisStorage.name |
Default: elasticsearch-data |
storage.volumes.doisStorage.storage |
Default: 10Gi |
storage.volumes.repositoryStorage.accessMode |
Default: ReadWriteOnce |
storage.volumes.repositoryStorage.name |
Default: flow-repo-artifacts |
storage.volumes.repositoryStorage.storage |
Default: 20Gi |
storage.volumes.repositoryStorage.storageClass |
Specify non-platform-default or custom storage class. Default: null |
storage.volumes.serverPlugins.accessMode |
Default: ReadWriteMany |
storage.volumes.serverPlugins.name |
Default: flow-server-shared |
storage.volumes.serverPlugins.storage |
Default: 5Gi |
storage.volumes.serverPlugins.storageClass |
Storage class for plugins directory. Currently it has to be shared across all server and web replicas. Has to be ReadWriteMany accessible. Default: null |
CloudBees CD/RO web server values
Key | Description/Default |
---|---|
web.ecconfigure |
String to pass to `ecconfigure ` utility. |
web.enabled |
Flag that dictates whether the web workload and its accompanying services are to be installed. Default: true |
web.imageName |
Default: cbflow-web |
web.ingress.annotations. kubernetes.io/ingress.class |
Default: flow-ingress |
web.ingress.annotations.nginx.ingress. kubernetes.io/affinity |
Default: cookie |
web.ingress.annotations.nginx.ingress. kubernetes.io/proxy-body-size |
Default: 10GB |
web.ingress.annotations.nginx.ingress. kubernetes.io/secure-backends |
Default: false |
web.ingress.annotations.nginx.ingress. kubernetes.io/session-cookie-hash |
Default: sha1 |
web.ingress.annotations.nginx.ingress. kubernetes.io/session-cookie-name |
Default: route |
web.ingress.cert.crt web.ingress.cert.key |
Certificates for WEB ingress. Normally should be set when This section is just an example that ingress can be configured with certs for TLS. Default: null |
web.ingress.enabled |
Default: true |
web.ingress.host |
Default: fbapp.ecsaas.xyz |
web.replicas |
Default: 1 |
web.resources.limits.cpu |
Default: 1 |
web.resources.limits.memory |
Default: 512Mi |
web.resources.requests.cpu |
Default: 0.25 |
web.resources.requests.memory |
Default: 256Mi |
web.service.type |
Default: ClusterIP |
Zookeeper values
Key | Description/Default |
---|---|
zookeeper.enabled |
Default: true |
zookeeper.fullnameOverride |
Default: zookeeper |
zookeeper.podLabels.mode |
Default: private |
zookeeper.podLabels.ownerApp |
Default: cloudbees-flow |
zookeeper.podLabels.role |
Default: cluster-coordinator |
zookeeper.replicaCount |
Default: 3 |
zookeeper.resources.limits.cpu |
Default: 250m |
zookeeper.resources.limits.memory |
Default: 1Gi |
zookeeper.resources.requests.cpu |
Default: 250m |
zookeeper.resources.requests.memory |
Default: 512Mi |
cloudbees-flow-agent chart configuration values
The following tables list common configurable parameters of the cloudbees-flow-agent
chart and their default values. Refer to the chart’s values.yaml
for the exhaustive list of options. For current default values, refer to cloudbees-cd-agent-defaults.yaml
, found here.
Key | Description/Default |
---|---|
ecconfigure |
String to pass to Default: --agentInitMemoryMB=16 --agentMaxMemoryMB=64 |
CloudBees CD/RO credential values
CloudBees CD/RO server credentials to use in order to register with agent as a resource on the CloudBees CD/RO server. The admin
user is used by default. You may user a different user if desired. The user must have modify
permissions on CloudBees CD/RO server resources
.
Key | Description/Default |
---|---|
flowCredentials.existingSecret |
Default: null. Use for the Existing Secret Name of the secret containing the Flow user credentials to use. The data field must contain base64 encoded value for keys 'CBF_SERVER_USER' and 'CBF_SERVER_PASSWORD'. |
flowCredentials.password |
Default: changeme |
flowCredentials.user |
Default: admin |
Image values
Key | Description/Default |
---|---|
images.imageRepository |
Default: cbflow-agent |
images.pullPolicy |
Default: IfNotPresent |
images.registry |
Default: 547883162893.dkr.ecr.us-east-1.amazonaws.com |
images.tag |
The Helm chart image tag corresponding to a specific CloudBees CD/RO agent artifact. Example: Default: tag associated with latest agent artifact, as listed in |
Resource values
Key | Description/Default |
---|---|
resources.limits.cpu |
Default: 1 |
resources.limits.memory |
Default: 1024Mi |
resources.requests.cpu |
Default: 0.25 |
resources.requests.memory |
Default: 512Mi |
Agent storage values
Key | Description/Default |
---|---|
storage.volumes.agentWorkspace.accessMode |
Default: ReadWriteOnce |
storage.volumes.agentWorkspace.storageClass |
Use with any non platform-default or custom storage class. Default: null |
storage.volumes.agentWorkspace.name |
Default: flow-agent-workspace |
storage.volumes.agentWorkspace.storage |
Default: 5Gi |
storage.volumes.agentWorkspace.existingClaim |
Whether to use the existing claim for a previously deployed agent to share its workspace. Set to |
storage.volumes.boundAgentStorage.enabled |
Use to enable the ability to create and mount a persistent volume claim for bound agents. Optional. Set to Default: false |
Miscellaneous agent values
Key | Description/Default |
---|---|
additionalContainers |
To add additional containers for sidecar injector, uncomment the name, image, and command in your values file.
|
logLevel |
Master loglevel for com.electriccloud package Default: DEBUG |
replicas |
Default: 1 |
resourceName |
CloudBees CD/RO resource name that agents of this deployment are assigned to. Refer to Agent resource name templates for more options. Default: hostname |
resourcePools |
List of resource pools with which agents try to register upon coming up and registering with server. Default: null |
resourceType |
Type of resource to create on the remote CloudBees CD/RO server. This argument is relevant only when the CloudBees CD/RO server is using a mixed-mode license (concurrent resources and registered hosts). Valid options for this value are Default: null |
serverEndpoint |
Default: null |
trustedAgent |
Set to `true ` to configure the agent as a trusted agent, restricting the agent to one CloudBees CD/RO server deployment. Default: false |
workspaceName |
The default workspace (must exist in CloudBees CD/RO server instance) for the resources created in the CloudBees CD/RO server for the agent(s). Default: null |
zoneName |
The zone (must exist in CloudBees CD/RO server instance) for the resources created in the CloudBees CD/RO server for the agent(s). Default: null |
Agent resource name templates
Generally, you set the name for the agent resource with the value agent.resourceName
, but this only works when the agent deployment has only one replica. If there are multiple replicas, then each of them tries to register itself using the same resource name. As a result, only one replica from the entire deployment will be registered as a resource.
The resource name defaults to hostname
, but other template values are available to fully qualify the resource:
-
Ordinary Helm template values. For example:
{{ .Release.Name }}
,{{ .Release.Namespace }}
, and so on. -
In addition, two special template values are allowed :
-
{{ hostname }}
–the actual resource hostname -
{{ ordinalIndex }}
–the serial replica index in the StatefulSet
-
For example:
resourceName: "myResource - {{ .Release.Name }} - {{ ordinalIndex }}"
Very large Helm deployments
A very large Helm deployment of CloudBees CD/RO is:
-
~ 100K jobs per day
-
~ 2000 running pipelines per day
-
~ 5M job steps per day
Active customers and partners can refer to the CloudBees CD/RO Level 2: Helm for Very Large Kubernetes Deployments training course for details.
The following tables summarize the changes to the default Helm chart for very large deployments:
CloudBees CD/RO server values
Name | Value |
---|---|
server.replicas |
4 |
server.ecconfigure |
"--serverInitMemory=70 --serverMaxMemory=85" |
server.resources.limits.cpu |
16 |
server.resources.limits.memory |
128Gi |
server.resources.requests.cpu |
4 |
server.resources.requests.memory |
16Gi |
CloudBees CD/RO web server values
Name | Value |
---|---|
web.replicas |
2 |
Repository values
Name | Value |
---|---|
repository.resources.requests.memory |
768Mi |
CloudBees Analytics server values
Name | Value |
---|---|
dois.replicas |
3 |
dois.esMinMasterNodes |
2 |
dois.esRam |
8192 |
dois.lsMaxRam |
2048 |
dois.resources.limits.cpu |
4 |
dois.resources.limits.memory |
16Gi |
dois.resources.requests.cpu |
4 |
dois.resources.requests.memory |
16Gi |