A Helm chart to deploy the New Relic metadata injection webhook.
Homepage: https://hub.docker.com/r/newrelic/k8s-metadata-injection
You can install this chart using nri-bundle
located in the
helm-charts repository or directly from this repository by adding this Helm repository:
helm repo add nri-metadata-injection https://newrelic.github.io/k8s-metadata-injection
helm upgrade --install nri-metadata-injection/nri-metadata-injection -f your-custom-values.yaml
- https://github.com/newrelic/k8s-metadata-injection
- https://github.com/newrelic/k8s-metadata-injection/tree/master/charts/nri-metadata-injection
This chart implements the New Relic's common Helm library which means that it honors a wide range of defaults and globals common to most New Relic Helm charts.
Options that can be defined globally include affinity
, nodeSelector
, tolerations
, proxy
and others. The full list can be found at
user's guide of the common library.
Key | Type | Default | Description |
---|---|---|---|
affinity | object | {} |
Sets pod/node affinities. Can be configured also with global.affinity |
certManager.enabled | bool | false |
Use cert manager for webhook certs |
certManager.rootCertificateDuration | string | "43800h" |
Sets the root certificate duration. Defaults to 43800h (5 years). |
certManager.webhookCertificateDuration | string | "8760h" |
Sets certificate duration. Defaults to 8760h (1 year). |
cluster | string | "" |
Name of the Kubernetes cluster monitored. Can be configured also with global.cluster |
containerSecurityContext | object | {} |
Sets security context (at container level). Can be configured also with global.containerSecurityContext |
customTLSCertificate | bool | false |
Use custom tls certificates for the webhook, or let the chart handle it automatically. Ref: https://docs.newrelic.com/docs/integrations/kubernetes-integration/link-your-applications/link-your-applications-kubernetes#configure-injection |
dnsConfig | object | {} |
Sets pod's dnsConfig. Can be configured also with global.dnsConfig |
fullnameOverride | string | "" |
Override the full name of the release |
hostNetwork | bool | false | Sets pod's hostNetwork. Can be configured also with global.hostNetwork |
image | object | See values.yaml |
Image for the New Relic Metadata Injector |
image.pullSecrets | list | [] |
The secrets that are needed to pull images from a custom registry. |
injectOnlyLabeledNamespaces | bool | false |
Enable the metadata decoration only for pods living in namespaces labeled with 'newrelic-metadata-injection=enabled'. |
jobImage | object | See values.yaml |
Image for creating the needed certificates of this webhook to work |
jobImage.pullSecrets | list | [] |
The secrets that are needed to pull images from a custom registry. |
jobImage.volumeMounts | list | [] |
Volume mounts to add to the job, you might want to mount tmp if Pod Security Policies Enforce a read-only root. |
jobImage.volumes | list | [] |
Volumes to add to the job container |
labels | object | {} |
Additional labels for chart objects. Can be configured also with global.labels |
nameOverride | string | "" |
Override the name of the chart |
nodeSelector | object | {} |
Sets pod's node selector. Can be configured also with global.nodeSelector |
podAnnotations | object | {} |
Annotations to be added to all pods created by the integration. |
podLabels | object | {} |
Additional labels for chart pods. Can be configured also with global.podLabels |
podSecurityContext | object | {} |
Sets security context (at pod level). Can be configured also with global.podSecurityContext |
priorityClassName | string | "" |
Sets pod's priorityClassName. Can be configured also with global.priorityClassName |
rbac.pspEnabled | bool | false |
Whether the chart should create Pod Security Policy objects. |
replicas | int | 1 |
|
resources | object | 100m/30M -/80M | Image for creating the needed certificates of this webhook to work |
timeoutSeconds | int | 28 |
Webhook timeout Ref: https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#timeouts |
tolerations | list | [] |
Sets pod's tolerations to node taints. Can be configured also with global.tolerations |