Configuration values

7 minute readReference

Helm provides several ways to set value fields. The CloudBees CD/RO server and agent Helm charts provide CloudBees’s default values. Helm stores these values in the chart’s cloudbees-cd-defaults.yaml file. A copy of the default values can be found in the cloudbees-example public GitHub repo.

You can override these fields as follows:

  • On the Helm install command line using the --set parameter.

  • In a local myvalues.yaml file.

CloudBees recommends using a local values file for your installation to keep all of your CloudBees CD/RO environment settings.

cloudbees-flow chart configuration values

The following table lists common configurable parameters of the cloudbees-flow chart and their default values.

KeyDescription/Default

Volume permissions values

volumePermissions.enabled

Enable/disable volume permissions for the attached PVC of CloudBees CD/RO components.

Default: true

Bound agent values

boundAgent.ecconfigure

String is interpreted as if passed to ecconfigure utility within the container

Default: --agentInitMemoryMB=256 --agentMaxMemoryMB=256

boundAgent.imageName

Default: cbflow-agent

boundAgent.logLevel

Default: DEBUG

boundAgent.replicas

Default: 1

boundAgent.resources.limits.cpu

Default: 0.25

boundAgent.resources.limits.memory

Default: 1024Mi

boundAgent.resources.requests.cpu

Default: 0.25

boundAgent.resources.requests.memory

Default: 512Mi

boundAgent.volumesPermissions.enabled

Enable/disable volume permissions for the bound agent. Use to override the volumespermissions.enabled chart-level setting.

Default: true

Database values

database.clusterEndpoint

Use this option if your database is residing in the same Kubernetes cluster as Flow. Notation is db-service.namespace If deploying into the same namespace, .namespace component can be omitted.

Default: null

database.externalEndpoint

Database endpoint, database or schema , principal that has full read/write access on that schema

Default: null

database.dbName

Default: null

database.dbPassword

Default: null

database.dbPort

Default: null

database.dbType

The database type with which CloudBees CD/RO persistence works. One of:

mysql —MYSQL

mariadb —MariaDB

sqlserver —MS SQLServer

oracle —Oracle

Default: null

database.dbUser

Default: null

database.existingSecret

Use this option if you have or are planning to deploy the credential’s secret yourself. The layout has to be the same as that of server-secrets.yaml::dbSecret

Default: null

demoMode

Default: false

CloudBees Analytics server values

dois.credentials.adminPassword dois.credentials.existingSecret

Credentials for administrative access to Elasticsearch data. It sets a password for the admin ` user with the corresponding rights. If the password is an empty string, then user `admin is not created and administrative access is not granted.

Default: null

dois.enabled

Flag that dictates whether this workload and its accompanying services are to be installed

Default: true

dois.esClusterName

Elasticsearch cluster name

Default: null

dois.esMinMasterNodes

Minimum number of master-eliGile nodes that must be visible in order to form an Elasticsearch cluster.

Default: 1

dois.esNumberOfShards

The number of primary shards that an index must have.

Default: null

dois.esRam

Elasticsearch heap size in MB.

Default: 2048

dois.expose

Expose DevOps Insght as externally available services ingress needs to ports 9200 and 9500 to be open to the outer world.

Default: true

dois.imageName

Default: cbflow-dois

dois.lsInitRam

Default: 512

dois.lsMaxRam

Default: 1024

dois.replicas

Number of Elasticsearch nodes

Default: 1

dois.resources.limits.cpu

Default: 1

dois.resources.limits.memory

Default: 3.5Gi

dois.resources.requests.cpu

Default: 0.1

dois.resources.requests.memory

Default: 3.5Gi

dois.serverEndpoint

CloudBees CD/RO server endpoint. If installing in different namespace than server server name has to be stated in form service-name.namespace . Default: flow-server

dois.serviceEndpoint

The DevOps Insigt server service endpoint to be configured on the remote CloudBees CD/RO server. It is assumed the remote CloudBees CD/RO server is located in the same Kubernetes cluster.

Default: flow-devopsinsight.{{ .Release.Namespace }}

dois.volumesPermissions.enabled

Enable/disable volume permissions for the {SDA ANALYTICS} server. Use to override the volumespermissions.enabled chart-level setting.

Default: true

CloudBees CD/RO credential values

flowCredentials.adminPassword

Default: changeme

flowCredentials.existingSecret

Either specify the secret where the admin user password is stored under the CBF_SERVER_ADMIN_PASS key, recommended for production, or specify the adminPassword .

Default: null

CloudBees CD/RO server license values (optional)

flowLicense.existingSecret

Default: null

flowLicense.licenseData

Default: null

Images values

images.pullPolicy

Default: IfNotPresent

images.repository

Default: 547883162893.dkr.ecr.us-east-1.amazonaws.com

images.tag

The Helm chart image tag corresponding to a specific CloudBees CD/RO artifact.

Example: 10.0.1.143076_2.0.12_20200729

Default: tag associated with latest CloudBees CD/RO artifact, as listed in cloudbees-cd-defaults.yaml found here.

Network isolation values

networkIsolation.allowFromCidr

The CIDR allowed to make connection to all exposed CloudBees CD/RO endpoints.

Default: 0.0.0.0/0

Nginx-ingress values

nginx-ingress.controller.ingressClass

Default: flow-ingress

nginx-ingress.controller.publishService.enabled

Default: true

nginx-ingress.controller.scope.enabled

Default: true

nginx-ingress.enabled

Default: true

nginx-ingress.tcp.61613

Default: {{ .Release.Namespace }}/flow-server:61613

nginx-ingress.tcp.8200

Default: {{ .Release.Namespace }}/flow-repository:8200

nginx-ingress.tcp.8443

Default: {{ .Release.Namespace }}/flow-server:8443

nginx-ingress.tcp.9200

Default: {{ .Release.Namespace }}/flow-devopsinsight:9200

nginx-ingress.tcp.9500

Default: {{ .Release.Namespace }}/flow-devopsinsight:9500

Repository values

repository.ecconfigure

String to pass to `ecconfigure ` utility.

Default: --repositoryInitMemoryMB=256 --repositoryMaxMemoryMB=512

repository.enabled

Flag that dictates whether this workload and its accompanying services are to be installed

Default: true

repository.expose

Expose repository as an externally available service that ingress needs to port port 8200.

Default: true

repository.externalService.enabled

Expose flow-respoitory:8200 endpoint for platforms like OpenShift where Ingress isn’t supported or doesn’t support exposing non-web, TCP ports. Use with server.externalService.enabled. See How external clients access CloudBees CD/RO components inside an OpenShift cluster for more details.

Default: false

repository.imageName

Default: cbflow-repository

repository.logLevel

Default: DEBUG

repository.replicas

Default: 1

repository.resources.limits.cpu

Default: 0.25

repository.resources.limits.memory

Default: 1024Mi

repository.resources.requests.cpu

Default: 0.25

repository.resources.requests.memory

Default: 512Mi

repository.volumesPermissions.enabled

Enable/disable volume permissions for the repository. Use to override the volumespermissions.enabled chart-level setting.

Default: true

repository.zoneName

The zone, assigned to the repository instance, created in the CloudBees CD/RO server to represent this repository instance. The zone must exist in CloudBees CD/RO server instance.

Default: null

CloudBees CD/RO server values

server.ecconfigure

String to pass to `ecconfigure ` utility.

Default: --serverInitMemoryMB=4096 --serverMaxMemoryMB=4096

server.enabled

Flag that dictates whether the web workload and its accompanying services are to be installed.

Default: true

server.expose

As CloudBees CD/RO requires repository to be exposed as externally available services, ingress needs to ports 8443 and 61613 to be open to the outer world.

Default: true

server.externalService.enabled

Expose flow-server:8443 endpoint for platforms like OpenShift where Ingress isn’t supported or doesn’t support exposing non-web, TCP ports. Use with repository.externalService.enabled. See How external clients access CloudBees CD/RO components inside an OpenShift cluster for more details.

Default: false

server.imageName

Default: cbflow-server

server.logLevel

Master loglevel for com.electriccloud package

Default: INFO

server.replicas

Default: 1

server.resources.limits.cpu

Default: 4

server.resources.limits.memory

Default: 6Gi

server.resources.requests.cpu

Default: 1.5

server.resources.requests.memory

Default: 6Gi

server.volumesPermissions.enabled

Enable/disable volume permissions for the CloudBees CD/RO server. Use to override the volumespermissions.enabled chart-level setting.

Default: true

server.zk.host

Default: zookeeper

server.zk.port

Default: 2181

Server storage values

storage.volumes.doisStorage.accessMode

Default: ReadWriteOnce

storage.volumes.doisStorage.name

Default: elasticsearch-data

storage.volumes.doisStorage.storage

Default: 10Gi

storage.volumes.repositoryStorage.accessMode

Default: ReadWriteOnce

storage.volumes.repositoryStorage.name

Default: flow-repo-artifacts

storage.volumes.repositoryStorage.storage

Default: 20Gi

storage.volumes.repositoryStorage.storageClass

Specify non-platform-default or custom storage class.

Default: null

storage.volumes.serverPlugins.accessMode

Default: ReadWriteMany

storage.volumes.serverPlugins.name

Default: flow-server-shared

storage.volumes.serverPlugins.storage

Default: 5Gi

storage.volumes.serverPlugins.storageClass

Storage class for plugins directory. Currently it has to be shared across all server and web replicas. Has to be ReadWriteMany accessible.

Default: null

CloudBees CD/RO web server values

web.ecconfigure

String to pass to `ecconfigure ` utility.

web.enabled

Flag that dictates whether the web workload and its accompanying services are to be installed.

Default: true

web.imageName

Default: cbflow-web

web.ingress.annotations. kubernetes.io/ingress.class

Default: flow-ingress

web.ingress.annotations.nginx.ingress. kubernetes.io/affinity

Default: cookie

web.ingress.annotations.nginx.ingress. kubernetes.io/proxy-body-size

Default: 10GB

web.ingress.annotations.nginx.ingress. kubernetes.io/secure-backends

Default: false

web.ingress.annotations.nginx.ingress. kubernetes.io/session-cookie-hash

Default: sha1

web.ingress.annotations.nginx.ingress. kubernetes.io/session-cookie-name

Default: route

web.ingress.cert.crt web.ingress.cert.key

Certificates for WEB ingress. Normally should be set when helm install ` executes using: `--set-file web.ingress.cert.key=path/to/key ` `--set-file web.ingress.cert.crt=path/to/crt

This section is just an example that ingress can be configured with certs for TLS.

Default: null

web.ingress.enabled

Default: true

web.ingress.host

Default: fbapp.ecsaas.xyz

web.replicas

Default: 1

web.resources.limits.cpu

Default: 1

web.resources.limits.memory

Default: 512Mi

web.resources.requests.cpu

Default: 0.25

web.resources.requests.memory

Default: 256Mi

web.service.type

Default: ClusterIP

Zookeeper values

zookeeper.enabled

Default: true

zookeeper.fullnameOverride

Default: zookeeper

zookeeper.podLabels.mode

Default: private

zookeeper.podLabels.ownerApp

Default: cloudbees-flow

zookeeper.podLabels.role

Default: cluster-coordinator

zookeeper.replicaCount

Default: 3

zookeeper.resources.limits.cpu

Default: 250m

zookeeper.resources.limits.memory

Default: 1Gi

zookeeper.resources.requests.cpu

Default: 250m

zookeeper.resources.requests.memory

Default: 512Mi

cloudbees-flow-agent chart configuration values

The following table lists common configurable parameters of the cloudbees-flow-agent chart and their default values. See the chart’s values.yaml for the exhaustive list of options. For current default values see cloudbees-cd-agent-defaults.yaml, found here.

KeyDescription/Default

ecconfigure

String to pass to ecconfigure utility.

Default:

--agentInitMemoryMB=16 --agentMaxMemoryMB=64

CloudBees CD/RO credential values

CloudBees CD/RO server credentials to use in order to register with agent as a resource on the CloudBees CD/RO server. The admin user is used by default. You may user a different user if desired. The user must have modify permissions on CloudBees CD/RO server resources.

flowCredentials.existingSecret

Default: null

flowCredentials.password

Default: changeme

flowCredentials.user

Default: admin

Image values

images.imageRepository

Default: cbflow-agent

images.pullPolicy

Default: IfNotPresent

images.registry

Default: 547883162893.dkr.ecr.us-east-1.amazonaws.com

images.tag

The Helm chart image tag corresponding to a specific CloudBees CD/RO agent artifact.

Example: 10.0.1.143076_2.0.12_20200729

Default: tag associated with latest agent artifact, as listed in cloudbees-cd-agent-defaults.yaml found here.

Resource values

resources.limits.cpu

Default: 1

resources.limits.memory

Default: 1024Mi

resources.requests.cpu

Default: 0.25

resources.requests.memory

Default: 512Mi

Agent storage values

storage.volumes.agentWorkspace.accessMode

Default: ReadWriteOnce

storage.volumes.agentWorkspace.storageClass

Use with any non platform-default or custom storage class.

Default: null

storage.volumes.agentWorkspace.name

Default: flow-agent-workspace

storage.volumes.agentWorkspace.storage

Default: 5Gi

storage.volumes.agentWorkspace.existingClaim

Whether to use the existing claim for a previously deployed agent to share its workspace.

Set to true to share the existing claim for storage.volumes.agentWorkspace.name.

storage.volumes.boundAgentStorage.enabled

Use to enable the ability to create and mount a persistent volume claim for bound agents. Optional.

Set to true to enable a persistent volume claim for bound agents.

Default: false

Miscellaneous agent values

logLevel

Master loglevel for com.electriccloud package

Default: DEBUG

replicas

Default: 1

resourceName

CloudBees CD/RO resource name that agents of this deployment are assigned to. See Agent resource name templates for more options.

Default: hostname

resourcePools

List of resource pools with which agents try to register upon coming up and registering with server.

Default: null

resourceType

Type of resource to create on the remote CloudBees CD/RO server. This argument is relevant only when the CloudBees CD/RO server is using a mixed-mode license (concurrent resources and registered hosts). Valid options for this value are concurrent or registered.

Default: null

serverEndpoint

Default: null

trustedAgent

Set to `true ` to configure the agent as a trusted agent, restricting the agent to one CloudBees CD/RO server deployment.

Default: false

workspaceName

The default workspace (must exist in CloudBees CD/RO server instance) for the resources created in the CloudBees CD/RO server for the agent(s).

Default: null

zoneName

The zone (must exist in CloudBees CD/RO server instance) for the resources created in the CloudBees CD/RO server for the agent(s).

Default: null

Agent resource name templates

Generally, you set the name for the agent resource with the value agent.resourceName , but this only works when the agent deployment has only one replica. If there are multiple replicas, then each of them tries to register itself using the same resource name. As a result, only one replica from the entire deployment will be registered as a resource.

The resource name defaults to hostname , but other template values are available to fully qualify the resource:

  • Ordinary Helm template values. For example: {{ .Release.Name }} , {{ .Release.Namespace }} , and so on.

  • In addition, two special template values are allowed :

    • {{ hostname }} –the actual resource hostname

    • {{ ordinalIndex }} –the serial replica index in the StatefulSet

For example:

resourceName: "myResource - {{ .Release.Name }} - {{ ordinalIndex }}"

Very large Helm deployments

Per Support platforms for CloudBees CD/RO on Kubernetes, a very large Helm deployment of CloudBees CD/RO is:

  • ~ 100K jobs per day

  • ~ 2000 running pipelines per day

  • ~ 5M job steps per day

Active customers and partners can refer to the CloudBees CD/RO Level 2: Helm for Very Large Kubernetes Deployments training course for details.

The following table summarizes the changes to the default Helm chart for very large deployments:

Table 1. Very large deployments
NameValue

CloudBees CD/RO server values

server.replicas

4

server.ecconfigure

"--serverInitMemory=70 --serverMaxMemory=85"

server.resources.limits.cpu

16

server.resources.limits.memory

128Gi

server.resources.requests.cpu

4

server.resources.requests.memory

16Gi

CloudBees CD/RO web server values

web.replicas

2

Repository values

repository.resources.requests.memory

768Mi

CloudBees Analytics server values

dois.replicas

3

dois.esMinMasterNodes

2

dois.esRam

8192

dois.lsMaxRam

2048

dois.resources.limits.cpu

4

dois.resources.limits.memory

16Gi

dois.resources.requests.cpu

4

dois.resources.requests.memory

16Gi

CloudBees CD/RO agent values

replicas

2