This is an automated email from the ASF dual-hosted git repository. wusheng pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/skywalking-kubernetes.git
The following commit(s) were added to refs/heads/master by this push:
new 7d3837e default rbac for oap (#111)
7d3837e is described below
commit 7d3837e48bcd4c4c59edb5dd580f53c8a98ae1fd
Author: innerpeacez <[email protected]>
AuthorDate: Thu Mar 9 19:27:57 2023 +0800
default rbac for oap (#111)
---
chart/skywalking/README.md | 271 ++++++++++-----------
chart/skywalking/templates/_helpers.tpl | 6 +-
chart/skywalking/templates/oap-clusterrole.yaml | 4 +-
.../templates/oap-clusterrolebinding.yaml | 2 +-
chart/skywalking/templates/oap-role.yaml | 2 +-
chart/skywalking/templates/oap-rolebinding.yaml | 2 +-
chart/skywalking/templates/oap-serviceaccount.yaml | 2 +
chart/skywalking/values.yaml | 7 +-
test/e2e/e2e.yaml | 1 -
9 files changed, 150 insertions(+), 147 deletions(-)
diff --git a/chart/skywalking/README.md b/chart/skywalking/README.md
index 2f4b245..757ccf8 100644
--- a/chart/skywalking/README.md
+++ b/chart/skywalking/README.md
@@ -38,137 +38,137 @@ The command removes all the Kubernetes components
associated with the chart and
The following table lists the configurable parameters of the Skywalking chart
and their default values.
-| Parameter | Description
| Default
|
-|-------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|
-| `nameOverride` | Override name
| `nil`
|
-| `serviceAccounts.oap` | Name of the OAP service account
to use or create
| `nil`
|
-| `imagePullSecrets` | Image pull secrets
| `[]`
|
-| `oap.name` | OAP deployment name
| `oap`
|
-| `oap.dynamicConfig.enabled` | Enable oap dynamic configuration
through k8s configmap
| `false`
|
-| `oap.dynamicConfig.period` | Sync period in seconds
| `60`
|
-| `oap.dynamicConfig.config` | Oap dynamic configuration
[documentation](https://github.com/apache/skywalking/blob/master/docs/en/setup/backend/dynamic-config.md)
| `{}`
|
-| `oap.image.repository` | OAP container image name
|
`skywalking.docker.scarf.sh/apache/skywalking-oap-server`
|
-| `oap.image.tag` | OAP container image tag
| `6.1.0`
|
-| `oap.image.pullPolicy` | OAP container image pull policy
| `IfNotPresent`
|
-| `oap.ports.grpc` | OAP grpc port for tracing or
metric
| `11800`
|
-| `oap.ports.rest` | OAP http port for Web UI
| `12800`
|
-| `oap.replicas` | OAP k8s deployment replicas
| `2`
|
-| `oap.service.type` | OAP svc type
| `ClusterIP`
|
-| `oap.javaOpts` | Parameters to be added to
`JAVA_OPTS`environment variable for OAP
| `-Xms2g -Xmx2g`
|
-| `oap.antiAffinity` | OAP anti-affinity policy
| `soft`
|
-| `oap.nodeAffinity` | OAP node affinity policy
| `{}`
|
-| `oap.nodeSelector` | OAP labels for master pod
assignment
| `{}`
|
-| `oap.tolerations` | OAP tolerations
| `[]`
|
-| `oap.resources` | OAP node resources requests &
limits
| `{} - cpu limit must be an
integer`
|
-| `oap.startupProbe` | Configuration fields for the
[startupProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
| `tcpSocket.port: 12800` <br> `failureThreshold: 9` <br>
`periodSeconds: 10`
-| `oap.livenessProbe` | Configuration fields for the
[livenessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
| `tcpSocket.port: 12800` <br> `initialDelaySeconds: 5` <br>
`periodSeconds: 10`
-| `oap.readinessProbe` | Configuration fields for the
[readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
| `tcpSocket.port: 12800` <br> `initialDelaySeconds: 5` <br>
`periodSeconds: 10`
-| `oap.envoy.als.enabled` | Open envoy als
| `false`
|
-| `oap.env` | OAP environment variables
| `[]`
|
-| `oap.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
-| `ui.name` | Web UI deployment name
| `ui`
|
-| `ui.replicas` | Web UI k8s deployment replicas
| `1`
|
-| `ui.image.repository` | Web UI container image name
|
`skywalking.docker.scarf.sh/apache/skywalking-ui`
|
-| `ui.image.tag` | Web UI container image tag
| `6.1.0`
|
-| `ui.image.pullPolicy` | Web UI container image pull
policy
| `IfNotPresent`
|
-| `ui.nodeAffinity` | Web UI node affinity policy
| `{}`
|
-| `ui.nodeSelector` | Web UI labels for pod assignment
| `{}`
|
-| `ui.tolerations` | Web UI tolerations
| `[]`
|
-| `ui.ingress.enabled` | Create Ingress for Web UI
| `false`
|
-| `ui.ingress.annotations` | Associate annotations to the
Ingress
| `{}`
|
-| `ui.ingress.path` | Associate path with the Ingress
| `/`
|
-| `ui.ingress.hosts` | Associate hosts with the Ingress
| `[]`
|
-| `ui.ingress.tls` | Associate TLS with the Ingress
| `[]`
|
-| `ui.service.type` | Web UI svc type
| `ClusterIP`
|
-| `ui.service.externalPort` | external port for the service
| `80`
|
-| `ui.service.internalPort` | internal port for the service
| `8080`
|
-| `ui.service.externalIPs` | external IP addresses
| `nil`
|
-| `ui.service.loadBalancerIP` | Load Balancer IP address
| `nil`
|
-| `ui.service.annotations` | Kubernetes service annotations
| `{}`
|
-| `ui.service.loadBalancerSourceRanges` | Limit load balancer source IPs
to list of CIDRs (where available))
| `[]`
|
-| `ui.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
-| `oapInit.nodeAffinity` | OAP init job node affinity
policy
| `{}`
|
-| `oapInit.nodeSelector` | OAP init job labels for master
pod assignment
| `{}`
|
-| `oapInit.tolerations` | OAP init job tolerations
| `[]`
|
-| `elasticsearch.enabled` | Spin up a new elasticsearch
cluster for SkyWalking
| `true`
|
-| `elasticsearch.clusterName` | This will be used as the
Elasticsearch
[cluster.name](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html)
and should be unique per cluster in the namespace
| `elasticsearch`
|
-| `elasticsearch.nodeGroup` | This is the name that will be
used for each group of nodes in the cluster. The name will be
`clusterName-nodeGroup-X`
| `master`
|
-| `elasticsearch.masterService` | Optional. The service name used
to connect to the masters. You only need to set this if your master `nodeGroup`
is set to something other than `master`. See [Clustering and Node
Discovery](#clustering-and-node-discovery) for more information.
| ``
|
-| `elasticsearch.roles` | A hash map with the [specific
roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html)
for the node group
| `master: true`<br>`data:
true`<br>`ingest: true`
|
-| `elasticsearch.replicas` | Kubernetes replica count for the
statefulset (i.e. how many pods)
| `3`
|
-| `elasticsearch.minimumMasterNodes` | The value for
[discovery.zen.minimum_master_nodes](https://www.elastic.co/guide/en/elasticsearch/reference/6.7/discovery-settings.html#minimum_master_nodes).
Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch
versions >= 7.
| `2`
|
-| `elasticsearch.esMajorVersion` | Used to set major version
specific configuration. If you are using a custom image and not running the
default Elasticsearch version you will need to set this to the version you are
running (e.g. `esMajorVersion: 6`)
| `""`
|
-| `elasticsearch.esConfig` | Allows you to add any config
files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and
`log4j2.properties`. See [values.yaml](./values.yaml) for an example of the
formatting.
| `{}`
|
-| `elasticsearch.extraEnvs` | Extra [environment
variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config)
which will be appended to the `env:` definition for the container
| `[]`
|
-| `elasticsearch.extraVolumes` | Templatable string of additional
volumes to be passed to the `tpl` function
| `""`
|
-| `elasticsearch.extraVolumeMounts` | Templatable string of additional
volumeMounts to be passed to the `tpl` function
| `""`
|
-| `elasticsearch.extraInitContainers` | Templatable string of additional
init containers to be passed to the `tpl` function
| `""`
|
-| `elasticsearch.secretMounts` | Allows you easily mount a secret
as a file inside the statefulset. Useful for mounting certificates and other
secrets. See [values.yaml](./values.yaml) for an example
| `[]`
|
-| `elasticsearch.image` | The Elasticsearch docker image
|
`docker.elastic.co/elasticsearch/elasticsearch`
|
-| `elasticsearch.imageTag` | The Elasticsearch docker image
tag
| `7.5.1`
|
-| `elasticsearch.imagePullPolicy` | The Kubernetes
[imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images)
value
| `IfNotPresent`
|
-| `elasticsearch.podAnnotations` | Configurable
[annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
applied to all Elasticsearch pods
| `{}`
|
-| `elasticsearch.labels` | Configurable
[label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/)
applied to all Elasticsearch pods
| `{}`
|
-| `elasticsearch.esJavaOpts` | [Java
options](https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html)
for Elasticsearch. This is where you should configure the [jvm heap
size](https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html)
| `-Xmx1g
-Xms1g`
|
-| `elasticsearch.resources` | Allows you to set the
[resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/)
for the statefulset
| `requests.cpu: 100m`<br>`requests.memory:
2Gi`<br>`limits.cpu: 1000m`<br>`limits.memory: 2Gi` |
-| `elasticsearch.initResources` | Allows you to set the
[resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/)
for the initContainer in the statefulset
| {}
|
-| `elasticsearch.sidecarResources` | Allows you to set the
[resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/)
for the sidecar containers in the statefulset
| {}
|
-| `elasticsearch.networkHost` | Value for the [network.host
Elasticsearch
setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html)
| `0.0.0.0`
|
-| `elasticsearch.volumeClaimTemplate` | Configuration for the
[volumeClaimTemplate for
statefulsets](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage).
You will want to adjust the storage (default `30Gi`) and the
`storageClassName` if you are using a different storage class
| `accessModes: [ "ReadWriteOnce"
]`<br>`resources.requests.storage: 30Gi`
|
-| `elasticsearch.persistence.annotations` | Additional persistence
annotations for the `volumeClaimTemplate`
| `{}`
|
-| `elasticsearch.persistence.enabled` | Enables a persistent volume for
Elasticsearch data. Can be disabled for nodes that only have
[roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html)
which don't require persistent data.
| `true`
|
-| `elasticsearch.priorityClassName` | The [name of the
PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass).
No default is supplied as the PriorityClass must be created first.
| `""`
|
-| `elasticsearch.antiAffinityTopologyKey` | The [anti-affinity topology
key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
By default this will prevent multiple Elasticsearch nodes from running on the
same Kubernetes node
| `kubernetes.io/hostname`
|
-| `elasticsearch.antiAffinity` | Setting this to hard enforces
the [anti-affinity
rules](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
If it is set to soft it will be done "best effort". Other values will be
ignored.
| `hard`
|
-| `elasticsearch.nodeAffinity` | Value for the [node affinity
settings](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature)
| `{}`
|
-| `elasticsearch.podManagementPolicy` | By default Kubernetes [deploys
statefulsets
serially](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies).
This deploys them in parallel so that they can discover eachother
| `Parallel`
|
-| `elasticsearch.protocol` | The protocol that will be used
for the readinessProbe. Change this to `https` if you have
`xpack.security.http.ssl.enabled` set
| `http`
|
-| `elasticsearch.httpPort` | The http port that Kubernetes
will use for the healthchecks and the service. If you change this you will also
need to set
[http.port](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings)
in `extraEnvs`
| `9200`
|
-| `elasticsearch.transportPort` | The transport port that
Kubernetes will use for the service. If you change this you will also need to
set [transport port
configuration](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html#_transport_settings)
in `extraEnvs` | `9300`
|
-| `elasticsearch.service.labels` | Labels to be added to
non-headless service
| `{}`
|
-| `elasticsearch.service.labelsHeadless` | Labels to be added to headless
service
| `{}`
|
-| `elasticsearch.service.type` | Type of elasticsearch service.
[Service
Types](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types)
| `ClusterIP`
|
-| `elasticsearch.service.nodePort` | Custom
[nodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport)
port that can be set if you are using `service.type: nodePort`.
| ``
|
-| `elasticsearch.service.annotations` | Annotations that Kubernetes will
use for the service. This will configure load balancer if `service.type` is
`LoadBalancer`
[Annotations](https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws)
| `{}`
|
-| `elasticsearch.service.httpPortName` | The name of the http port within
the service
| `http`
|
-| `elasticsearch.service.transportPortName` | The name of the transport port
within the service
| `transport`
|
-| `elasticsearch.updateStrategy` | The
[updateStrategy](https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets)
for the statefulset. By default Kubernetes will wait for the cluster to be
green after upgrading each pod. Setting this to `OnDelete` will allow you to
manually delete each pod during upgrades | `RollingUpdate`
|
-| `elasticsearch.maxUnavailable` | The
[maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget)
value for the pod disruption budget. By default this will prevent Kubernetes
from having more than 1 unhealthy pod in the node group
| `1`
|
-| `elasticsearch.fsGroup (DEPRECATED)` | The Group ID (GID) for
[securityContext.fsGroup](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)
so that the Elasticsearch user can read from the persistent volume
| ``
|
-| `elasticsearch.podSecurityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
-| `elasticsearch.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container)
for the container
| `capabilities.drop:[ALL]`<br>`runAsNonRoot: true`<br>`runAsUser: 1000`
|
-| `elasticsearch.terminationGracePeriod` | The
[terminationGracePeriod](https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods)
in seconds used when trying to stop the pod
| `120`
|
-| `elasticsearch.sysctlInitContainer.enabled` | Allows you to disable the
sysctlInitContainer if you are setting vm.max_map_count with another method
| `true`
|
-| `elasticsearch.sysctlVmMaxMapCount` | Sets the [sysctl
vm.max_map_count](https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html#vm-max-map-count)
needed for Elasticsearch
| `262144`
|
-| `elasticsearch.readinessProbe` | Configuration fields for the
[readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/)
| `failureThreshold: 3`<br>`initialDelaySeconds:
10`<br>`periodSeconds: 10`<br>`successThreshold: 3`<br>`timeoutSeconds: 5` |
-| `elasticsearch.clusterHealthCheckParams` | The [Elasticsearch cluster
health status
params](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params)
that will be used by readinessProbe command
| `wait_for_status=green&timeout=1s`
|
-| `elasticsearch.imagePullSecrets` | Configuration for
[imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret)
so that you can use a private registry for your image
|
`[]`
|
-| `elasticsearch.nodeSelector` | Configurable
[nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector)
so that you can target specific nodes for your Elasticsearch cluster
| `{}`
|
-| `elasticsearch.tolerations` | Configurable
[tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
| `[]`
|
-| `elasticsearch.ingress` | Configurable
[ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to
expose the Elasticsearch service. See [`values.yaml`](./values.yaml) for an
example
| `enabled:
false`
|
-| `elasticsearch.schedulerName` | Name of the [alternate
scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods)
| `nil`
|
-| `elasticsearch.masterTerminationFix` | A workaround needed for
Elasticsearch < 7.2 to prevent master status being lost during restarts
[#63](https://github.com/elastic/helm-charts/issues/63)
| `false`
|
-| `elasticsearch.lifecycle` | Allows you to add lifecycle
configuration. See [values.yaml](./values.yaml) for an example of the
formatting.
| `{}`
|
-| `elasticsearch.keystore` | Allows you map Kubernetes
secrets into the keystore. See the [config
example](/elasticsearch/examples/config/values.yaml) and [how to use the
keystore](#how-to-use-the-keystore)
| `[]`
|
-| `elasticsearch.rbac` | Configuration for creating a
role, role binding and service account as part of this helm chart with `create:
true`. Also can be used to reference an external service account with
`serviceAccountName: "externalServiceAccountName"`.
| `create:
false`<br>`serviceAccountName: ""`
|
-| `elasticsearch.podSecurityPolicy` | Configuration for create a pod
security policy with minimal permissions to run this Helm chart with `create:
true`. Also can be used to reference an external pod security policy with
`name: "externalPodSecurityPolicy"`
| `create: false`<br>`name:
""`
|
-| `satellite.name` | Satellite deployment name
| `satellite`
|
-| `satellite.replicas` | Satellite k8s deployment
replicas
| `1`
|
-| `satellite.enabled` | Is enable Satellite
| `false`
|
-| `satellite.image.repository` | Satellite container image name
|
`skywalking.docker.scarf.sh/apache/skywalking-satellite`
|
-| `satellite.image.tag` | Satellite container image tag
| `v0.4.0`
|
-| `satellite.image.pullPolicy` | Satellite container image pull
policy
| `IfNotPresent`
|
-| `satellite.antiAffinity` | Satellite anti-affinity policy
| `soft`
|
-| `satellite.nodeAffinity` | Satellite node affinity policy
| `{}`
|
-| `satellite.nodeSelector` | Satellite labels for pod
assignment
| `{}`
|
-| `satellite.tolerations` | Satellite tolerations
| `[]`
|
-| `satellite.service.type` | Satellite svc type
| `ClusterIP`
|
-| `satellite.ports.grpc` | Satellite grpc port for tracing,
metrics, logs, events
| `11800`
|
-| `satellite.ports.prometheus` | Satellite http port for
Prometheus monitoring
| `1234`
|
-| `satellite.resources` | Satellite node resources
requests & limits
| `{} - cpu limit must be an
integer`
|
-| `satellite.podAnnotations` | Configurable
[annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
applied to all Satellite pods
| `{}`
|
-| `satellite.env` | Satellite environment variables
| `[]`
|
-| `satellite.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
+| Parameter | Description
| Default
|
+|---------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------|
+| `nameOverride` | Override name
| `nil`
|
+| `serviceAccounts.oap.create` | Create of the OAP service
account
| `true`
|
+| `serviceAccounts.oap.name` | Name of the OAP service
account to use custom service account when `serviceAccounts.oap.create` is set
to false
| ``
|
+| `imagePullSecrets` | Image pull secrets
| `[]`
|
+| `oap.name` | OAP deployment name
| `oap`
|
+| `oap.dynamicConfig.enabled` | Enable oap dynamic
configuration through k8s configmap
| `false`
|
+| `oap.dynamicConfig.period` | Sync period in seconds
| `60`
|
+| `oap.dynamicConfig.config` | Oap dynamic configuration
[documentation](https://github.com/apache/skywalking/blob/master/docs/en/setup/backend/dynamic-config.md)
| `{}`
|
+| `oap.image.repository` | OAP container image name
|
`skywalking.docker.scarf.sh/apache/skywalking-oap-server`
|
+| `oap.image.tag` | OAP container image tag
| `6.1.0`
|
+| `oap.image.pullPolicy` | OAP container image pull
policy
| `IfNotPresent`
|
+| `oap.ports.grpc` | OAP grpc port for tracing or
metric
| `11800`
|
+| `oap.ports.rest` | OAP http port for Web UI
| `12800`
|
+| `oap.replicas` | OAP k8s deployment replicas
| `2`
|
+| `oap.service.type` | OAP svc type
| `ClusterIP`
|
+| `oap.javaOpts` | Parameters to be added to
`JAVA_OPTS`environment variable for OAP
| `-Xms2g -Xmx2g`
|
+| `oap.antiAffinity` | OAP anti-affinity policy
| `soft`
|
+| `oap.nodeAffinity` | OAP node affinity policy
| `{}`
|
+| `oap.nodeSelector` | OAP labels for master pod
assignment
| `{}`
|
+| `oap.tolerations` | OAP tolerations
| `[]`
|
+| `oap.resources` | OAP node resources requests &
limits
| `{} - cpu limit must be an
integer`
|
+| `oap.startupProbe` | Configuration fields for the
[startupProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
| `tcpSocket.port: 12800` <br> `failureThreshold: 9` <br>
`periodSeconds: 10`
+| `oap.livenessProbe` | Configuration fields for the
[livenessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
| `tcpSocket.port: 12800` <br> `initialDelaySeconds: 5` <br>
`periodSeconds: 10`
+| `oap.readinessProbe` | Configuration fields for the
[readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
| `tcpSocket.port: 12800` <br> `initialDelaySeconds: 5` <br>
`periodSeconds: 10`
+| `oap.env` | OAP environment variables
| `[]`
|
+| `oap.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
+| `ui.name` | Web UI deployment name
| `ui`
|
+| `ui.replicas` | Web UI k8s deployment replicas
| `1`
|
+| `ui.image.repository` | Web UI container image name
|
`skywalking.docker.scarf.sh/apache/skywalking-ui`
|
+| `ui.image.tag` | Web UI container image tag
| `6.1.0`
|
+| `ui.image.pullPolicy` | Web UI container image pull
policy
| `IfNotPresent`
|
+| `ui.nodeAffinity` | Web UI node affinity policy
| `{}`
|
+| `ui.nodeSelector` | Web UI labels for pod
assignment
| `{}`
|
+| `ui.tolerations` | Web UI tolerations
| `[]`
|
+| `ui.ingress.enabled` | Create Ingress for Web UI
| `false`
|
+| `ui.ingress.annotations` | Associate annotations to the
Ingress
| `{}`
|
+| `ui.ingress.path` | Associate path with the
Ingress
| `/`
|
+| `ui.ingress.hosts` | Associate hosts with the
Ingress
| `[]`
|
+| `ui.ingress.tls` | Associate TLS with the Ingress
| `[]`
|
+| `ui.service.type` | Web UI svc type
| `ClusterIP`
|
+| `ui.service.externalPort` | external port for the service
| `80`
|
+| `ui.service.internalPort` | internal port for the service
| `8080`
|
+| `ui.service.externalIPs` | external IP addresses
| `nil`
|
+| `ui.service.loadBalancerIP` | Load Balancer IP address
| `nil`
|
+| `ui.service.annotations` | Kubernetes service annotations
| `{}`
|
+| `ui.service.loadBalancerSourceRanges` | Limit load balancer source IPs
to list of CIDRs (where available))
| `[]`
|
+| `ui.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
+| `oapInit.nodeAffinity` | OAP init job node affinity
policy
| `{}`
|
+| `oapInit.nodeSelector` | OAP init job labels for master
pod assignment
| `{}`
|
+| `oapInit.tolerations` | OAP init job tolerations
| `[]`
|
+| `elasticsearch.enabled` | Spin up a new elasticsearch
cluster for SkyWalking
| `true`
|
+| `elasticsearch.clusterName` | This will be used as the
Elasticsearch
[cluster.name](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html)
and should be unique per cluster in the namespace
| `elasticsearch`
|
+| `elasticsearch.nodeGroup` | This is the name that will be
used for each group of nodes in the cluster. The name will be
`clusterName-nodeGroup-X`
| `master`
|
+| `elasticsearch.masterService` | Optional. The service name
used to connect to the masters. You only need to set this if your master
`nodeGroup` is set to something other than `master`. See [Clustering and Node
Discovery](#clustering-and-node-discovery) for more information.
| ``
|
+| `elasticsearch.roles` | A hash map with the [specific
roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html)
for the node group
| `master: true`<br>`data:
true`<br>`ingest: true`
|
+| `elasticsearch.replicas` | Kubernetes replica count for
the statefulset (i.e. how many pods)
| `3`
|
+| `elasticsearch.minimumMasterNodes` | The value for
[discovery.zen.minimum_master_nodes](https://www.elastic.co/guide/en/elasticsearch/reference/6.7/discovery-settings.html#minimum_master_nodes).
Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch
versions >= 7.
| `2`
|
+| `elasticsearch.esMajorVersion` | Used to set major version
specific configuration. If you are using a custom image and not running the
default Elasticsearch version you will need to set this to the version you are
running (e.g. `esMajorVersion: 6`)
| `""`
|
+| `elasticsearch.esConfig` | Allows you to add any config
files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and
`log4j2.properties`. See [values.yaml](./values.yaml) for an example of the
formatting.
| `{}`
|
+| `elasticsearch.extraEnvs` | Extra [environment
variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config)
which will be appended to the `env:` definition for the container
| `[]`
|
+| `elasticsearch.extraVolumes` | Templatable string of
additional volumes to be passed to the `tpl` function
| `""`
|
+| `elasticsearch.extraVolumeMounts` | Templatable string of
additional volumeMounts to be passed to the `tpl` function
| `""`
|
+| `elasticsearch.extraInitContainers` | Templatable string of
additional init containers to be passed to the `tpl` function
| `""`
|
+| `elasticsearch.secretMounts` | Allows you easily mount a
secret as a file inside the statefulset. Useful for mounting certificates and
other secrets. See [values.yaml](./values.yaml) for an example
| `[]`
|
+| `elasticsearch.image` | The Elasticsearch docker image
|
`docker.elastic.co/elasticsearch/elasticsearch`
|
+| `elasticsearch.imageTag` | The Elasticsearch docker image
tag
| `7.5.1`
|
+| `elasticsearch.imagePullPolicy` | The Kubernetes
[imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images)
value
| `IfNotPresent`
|
+| `elasticsearch.podAnnotations` | Configurable
[annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
applied to all Elasticsearch pods
| `{}`
|
+| `elasticsearch.labels` | Configurable
[label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/)
applied to all Elasticsearch pods
| `{}`
|
+| `elasticsearch.esJavaOpts` | [Java
options](https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html)
for Elasticsearch. This is where you should configure the [jvm heap
size](https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html)
| `-Xmx1g
-Xms1g`
|
+| `elasticsearch.resources` | Allows you to set the
[resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/)
for the statefulset
| `requests.cpu: 100m`<br>`requests.memory:
2Gi`<br>`limits.cpu: 1000m`<br>`limits.memory: 2Gi` |
+| `elasticsearch.initResources` | Allows you to set the
[resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/)
for the initContainer in the statefulset
| {}
|
+| `elasticsearch.sidecarResources` | Allows you to set the
[resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/)
for the sidecar containers in the statefulset
| {}
|
+| `elasticsearch.networkHost` | Value for the [network.host
Elasticsearch
setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html)
| `0.0.0.0`
|
+| `elasticsearch.volumeClaimTemplate` | Configuration for the
[volumeClaimTemplate for
statefulsets](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage).
You will want to adjust the storage (default `30Gi`) and the
`storageClassName` if you are using a different storage class
| `accessModes: [ "ReadWriteOnce"
]`<br>`resources.requests.storage: 30Gi`
|
+| `elasticsearch.persistence.annotations` | Additional persistence
annotations for the `volumeClaimTemplate`
| `{}`
|
+| `elasticsearch.persistence.enabled` | Enables a persistent volume
for Elasticsearch data. Can be disabled for nodes that only have
[roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html)
which don't require persistent data.
| `true`
|
+| `elasticsearch.priorityClassName` | The [name of the
PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass).
No default is supplied as the PriorityClass must be created first.
| `""`
|
+| `elasticsearch.antiAffinityTopologyKey` | The [anti-affinity topology
key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
By default this will prevent multiple Elasticsearch nodes from running on the
same Kubernetes node
| `kubernetes.io/hostname`
|
+| `elasticsearch.antiAffinity` | Setting this to hard enforces
the [anti-affinity
rules](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
If it is set to soft it will be done "best effort". Other values will be
ignored.
| `hard`
|
+| `elasticsearch.nodeAffinity` | Value for the [node affinity
settings](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature)
| `{}`
|
+| `elasticsearch.podManagementPolicy` | By default Kubernetes [deploys
statefulsets
serially](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies).
This deploys them in parallel so that they can discover eachother
| `Parallel`
|
+| `elasticsearch.protocol` | The protocol that will be used
for the readinessProbe. Change this to `https` if you have
`xpack.security.http.ssl.enabled` set
| `http`
|
+| `elasticsearch.httpPort` | The http port that Kubernetes
will use for the healthchecks and the service. If you change this you will also
need to set
[http.port](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings)
in `extraEnvs`
| `9200`
|
+| `elasticsearch.transportPort` | The transport port that
Kubernetes will use for the service. If you change this you will also need to
set [transport port
configuration](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html#_transport_settings)
in `extraEnvs` | `9300`
|
+| `elasticsearch.service.labels` | Labels to be added to
non-headless service
| `{}`
|
+| `elasticsearch.service.labelsHeadless` | Labels to be added to headless
service
| `{}`
|
+| `elasticsearch.service.type` | Type of elasticsearch service.
[Service
Types](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types)
| `ClusterIP`
|
+| `elasticsearch.service.nodePort` | Custom
[nodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport)
port that can be set if you are using `service.type: nodePort`.
| ``
|
+| `elasticsearch.service.annotations` | Annotations that Kubernetes
will use for the service. This will configure load balancer if `service.type`
is `LoadBalancer`
[Annotations](https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws)
| `{}`
|
+| `elasticsearch.service.httpPortName` | The name of the http port
within the service
| `http`
|
+| `elasticsearch.service.transportPortName` | The name of the transport port
within the service
| `transport`
|
+| `elasticsearch.updateStrategy` | The
[updateStrategy](https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets)
for the statefulset. By default Kubernetes will wait for the cluster to be
green after upgrading each pod. Setting this to `OnDelete` will allow you to
manually delete each pod during upgrades | `RollingUpdate`
|
+| `elasticsearch.maxUnavailable` | The
[maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget)
value for the pod disruption budget. By default this will prevent Kubernetes
from having more than 1 unhealthy pod in the node group
| `1`
|
+| `elasticsearch.fsGroup (DEPRECATED)` | The Group ID (GID) for
[securityContext.fsGroup](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)
so that the Elasticsearch user can read from the persistent volume
| ``
|
+| `elasticsearch.podSecurityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
+| `elasticsearch.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container)
for the container
| `capabilities.drop:[ALL]`<br>`runAsNonRoot: true`<br>`runAsUser: 1000`
|
+| `elasticsearch.terminationGracePeriod` | The
[terminationGracePeriod](https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods)
in seconds used when trying to stop the pod
| `120`
|
+| `elasticsearch.sysctlInitContainer.enabled` | Allows you to disable the
sysctlInitContainer if you are setting vm.max_map_count with another method
| `true`
|
+| `elasticsearch.sysctlVmMaxMapCount` | Sets the [sysctl
vm.max_map_count](https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html#vm-max-map-count)
needed for Elasticsearch
| `262144`
|
+| `elasticsearch.readinessProbe` | Configuration fields for the
[readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/)
| `failureThreshold: 3`<br>`initialDelaySeconds:
10`<br>`periodSeconds: 10`<br>`successThreshold: 3`<br>`timeoutSeconds: 5` |
+| `elasticsearch.clusterHealthCheckParams` | The [Elasticsearch cluster
health status
params](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params)
that will be used by readinessProbe command
| `wait_for_status=green&timeout=1s`
|
+| `elasticsearch.imagePullSecrets` | Configuration for
[imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret)
so that you can use a private registry for your image
|
`[]`
|
+| `elasticsearch.nodeSelector` | Configurable
[nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector)
so that you can target specific nodes for your Elasticsearch cluster
| `{}`
|
+| `elasticsearch.tolerations` | Configurable
[tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
| `[]`
|
+| `elasticsearch.ingress` | Configurable
[ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to
expose the Elasticsearch service. See [`values.yaml`](./values.yaml) for an
example
| `enabled:
false`
|
+| `elasticsearch.schedulerName` | Name of the [alternate
scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods)
| `nil`
|
+| `elasticsearch.masterTerminationFix` | A workaround needed for
Elasticsearch < 7.2 to prevent master status being lost during restarts
[#63](https://github.com/elastic/helm-charts/issues/63)
| `false`
|
+| `elasticsearch.lifecycle` | Allows you to add lifecycle
configuration. See [values.yaml](./values.yaml) for an example of the
formatting.
| `{}`
|
+| `elasticsearch.keystore` | Allows you map Kubernetes
secrets into the keystore. See the [config
example](/elasticsearch/examples/config/values.yaml) and [how to use the
keystore](#how-to-use-the-keystore)
| `[]`
|
+| `elasticsearch.rbac` | Configuration for creating a
role, role binding and service account as part of this helm chart with `create:
true`. Also can be used to reference an external service account with
`serviceAccountName: "externalServiceAccountName"`.
| `create:
false`<br>`serviceAccountName: ""`
|
+| `elasticsearch.podSecurityPolicy` | Configuration for create a pod
security policy with minimal permissions to run this Helm chart with `create:
true`. Also can be used to reference an external pod security policy with
`name: "externalPodSecurityPolicy"`
| `create: false`<br>`name:
""`
|
+| `satellite.name` | Satellite deployment name
| `satellite`
|
+| `satellite.replicas` | Satellite k8s deployment
replicas
| `1`
|
+| `satellite.enabled` | Is enable Satellite
| `false`
|
+| `satellite.image.repository` | Satellite container image name
|
`skywalking.docker.scarf.sh/apache/skywalking-satellite`
|
+| `satellite.image.tag` | Satellite container image tag
| `v0.4.0`
|
+| `satellite.image.pullPolicy` | Satellite container image pull
policy
| `IfNotPresent`
|
+| `satellite.antiAffinity` | Satellite anti-affinity policy
| `soft`
|
+| `satellite.nodeAffinity` | Satellite node affinity policy
| `{}`
|
+| `satellite.nodeSelector` | Satellite labels for pod
assignment
| `{}`
|
+| `satellite.tolerations` | Satellite tolerations
| `[]`
|
+| `satellite.service.type` | Satellite svc type
| `ClusterIP`
|
+| `satellite.ports.grpc` | Satellite grpc port for
tracing, metrics, logs, events
| `11800`
|
+| `satellite.ports.prometheus` | Satellite http port for
Prometheus monitoring
| `1234`
|
+| `satellite.resources` | Satellite node resources
requests & limits
| `{} - cpu limit must be an
integer`
|
+| `satellite.podAnnotations` | Configurable
[annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
applied to all Satellite pods
| `{}`
|
+| `satellite.env` | Satellite environment
variables
| `[]`
|
+| `satellite.securityContext` | Allows you to set the
[securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
for the pod
| `fsGroup: 1000`<br>`runAsUser: 1000`
|
Specify each parameter using the `--set key=value[,key=value]` argument to
`helm install`. For example,
@@ -225,13 +225,12 @@ ui:
Envoy ALS(access log service) provides fully logs about RPC routed, including
HTTP and TCP.
-If you want to open envoy ALS, you can do this by modifying values.yaml.
+If you want to open envoy ALS, you can do this by modifying values.yaml.
default open.
```yaml
-oap:
- envoy:
- als:
- enabled: true
+serviceAccounts:
+ oap:
+ create: true
```
When envoy als ,will give ServiceAccount clusterrole permission.
diff --git a/chart/skywalking/templates/_helpers.tpl
b/chart/skywalking/templates/_helpers.tpl
index a7b6ad9..7461915 100644
--- a/chart/skywalking/templates/_helpers.tpl
+++ b/chart/skywalking/templates/_helpers.tpl
@@ -75,7 +75,11 @@ We truncate at 63 chars because some Kubernetes name fields
are limited to this
Create the name of the service account to use for the oap cluster
*/}}
{{- define "skywalking.serviceAccountName.oap" -}}
-{{ default (include "skywalking.oap.fullname" .) .Values.serviceAccounts.oap }}
+{{- if .Values.serviceAccounts.oap.create -}}
+ {{ default (include "skywalking.oap.fullname" .)
.Values.serviceAccounts.oap.name }}
+{{- else -}}
+ {{ default "default" .Values.serviceAccounts.oap.name }}
+{{- end -}}
{{- end -}}
{{/*
diff --git a/chart/skywalking/templates/oap-clusterrole.yaml
b/chart/skywalking/templates/oap-clusterrole.yaml
index d847f25..f38ef68 100644
--- a/chart/skywalking/templates/oap-clusterrole.yaml
+++ b/chart/skywalking/templates/oap-clusterrole.yaml
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.oap.envoy.als.enabled }}
+{{- if .Values.serviceAccounts.oap.create }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
@@ -30,4 +30,4 @@ rules:
- apiGroups: ["extensions"]
resources: ["deployments", "replicasets"]
verbs: ["get", "watch", "list"]
-{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/skywalking/templates/oap-clusterrolebinding.yaml
b/chart/skywalking/templates/oap-clusterrolebinding.yaml
index 3c4b1f4..c8d80c8 100644
--- a/chart/skywalking/templates/oap-clusterrolebinding.yaml
+++ b/chart/skywalking/templates/oap-clusterrolebinding.yaml
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.oap.envoy.als.enabled }}
+{{- if .Values.serviceAccounts.oap.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
diff --git a/chart/skywalking/templates/oap-role.yaml
b/chart/skywalking/templates/oap-role.yaml
index f51c2f9..1628a16 100644
--- a/chart/skywalking/templates/oap-role.yaml
+++ b/chart/skywalking/templates/oap-role.yaml
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if not .Values.oap.envoy.als.enabled }}
+{{- if .Values.serviceAccounts.oap.create }}
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
diff --git a/chart/skywalking/templates/oap-rolebinding.yaml
b/chart/skywalking/templates/oap-rolebinding.yaml
index 186dee3..c0d1606 100644
--- a/chart/skywalking/templates/oap-rolebinding.yaml
+++ b/chart/skywalking/templates/oap-rolebinding.yaml
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if not .Values.oap.envoy.als.enabled }}
+{{- if .Values.serviceAccounts.oap.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
diff --git a/chart/skywalking/templates/oap-serviceaccount.yaml
b/chart/skywalking/templates/oap-serviceaccount.yaml
index fd6c2c2..fd2034c 100644
--- a/chart/skywalking/templates/oap-serviceaccount.yaml
+++ b/chart/skywalking/templates/oap-serviceaccount.yaml
@@ -13,6 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+{{- if .Values.serviceAccounts.oap.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
@@ -23,3 +24,4 @@ metadata:
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "skywalking.serviceAccountName.oap" . }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/skywalking/values.yaml b/chart/skywalking/values.yaml
index f8e6485..eaa54d3 100644
--- a/chart/skywalking/values.yaml
+++ b/chart/skywalking/values.yaml
@@ -19,6 +19,9 @@
serviceAccounts:
oap:
+ # By default, create SkyWalking's ServiceAccount. If set to false, you
also need to change `serviceAccounts.oap.name` value to a custom ServiceAccount
name.
+ create: true
+ name: ""
imagePullSecrets: []
@@ -76,10 +79,6 @@ oap:
# runAsUser: 1000
# runAsGroup: 1000
# fsGroup: 1000
- envoy:
- als:
- enabled: false
- # more envoy ALS ,please refer to
https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als
env:
# more env, please refer to
https://hub.docker.com/r/apache/skywalking-oap-server
# or
https://github.com/apache/skywalking-docker/blob/master/6/6.4/oap/README.md#sw_telemetry
diff --git a/test/e2e/e2e.yaml b/test/e2e/e2e.yaml
index c7d2ded..91fb678 100644
--- a/test/e2e/e2e.yaml
+++ b/test/e2e/e2e.yaml
@@ -50,7 +50,6 @@ setup:
--set
oap.env.SW_ENVOY_METRIC_ALS_HTTP_ANALYSIS=k8s-mesh \
--set oap.env.SW_ENVOY_METRIC_ALS_TCP_ANALYSIS=k8s-mesh
\
--set
oap.env.K8S_SERVICE_NAME_RULE='e2e::${service.metadata.name}' \
- --set oap.envoy.als.enabled=true \
--set oap.replicas=1 \
--set ui.image.repository=$UI_REPO \
--set ui.image.tag=$UI_TAG \
