Helm Values Reference

global.siteId

Unique identifier for the site

""

Yes

global.onPrem

Default is false. Indicates if the installation is air-gapped. When true, the control-agent manages network traffic as if the manager is within an internal network.

false

Yes

global.monitorSideCarTLSEnabled

Enables TLS for the monitor sidecar. By default, it uses HTTPS. If set to false, telemetry data (logs and metrics) is sent over HTTP.

true

Yes

global.authCreds.siteSpaceName

Site space name for authentication

"site_***"

Yes

global.authCreds.siteSpacePassword

Site space password

"********"

Yes

global.authCreds.authClientID

Authentication client ID

"********"

Yes

global.authCreds.authDomainUrl

Authentication domain URL

"https://p01-auth.observo.ai/oauth/token"

Yes

global.authCreds.authProviderType

Type of auth provider (AUTH0/KEYCLOAK)

"AUTH0"

Yes

global.authCreds.keycloakRealm

It will be empty if the auth provider is Auth0. If auth provider is Keycloak, then it will be the realm of that Keycloak instance. For example, for keycloak instance hosted on observo.ai, the realm is master.

""

Yes - if using KEYCLOAK

global.pushSource.loadBalancerEnabled

When set to false, the Helm chart will deploy a ClusterIP type service for the user's data plane. If true, it will create a LoadBalancer service that provides an access point outside of the cluster.

true

Yes

global.pushSource.loadBalancerHealthCheck

Health check interval for the load balancer. This is relevant only if global.pushSource.loadBalancerEnabled is set to true.

10

No

global.pushSource.cloudProviderType

Cloud provider type (AWS/AZURE/GCP/SELF-MANAGED/AIR-GAPPED).

"AWS"

No

global.pushSource.loadBalancerScheme

Load balancer scheme. Relevant only if global.pushSource.loadBalancerEnabled is set to true. Values can be "internet-facing" or "internal"

"internal"

No

global.pushSource.loadBalancerTargetNodeLabels

Target node labels for load balancer

""

No

global.pushSource.customAnnotations

Additional annotations for the load balancer service

{}

No

global.dataplaneIngress.enabled

Enable ingress for the dataplane. If true, the dataplane will be accessible via an ingress controller.

false

No

global.dataplaneIngress.className

Ingress controller class

"nginx"

No

global.dataplaneIngress.annotations

Ingress annotations

{}

No

global.dataplaneIngress.hosts

Set the list of host servers for dataplane.

[]

No

global.dataplaneIngress.tls

TLS configuration for the ingress. If the ingress is not enabled, then this has no effect.

[]

No

global.cert.customCertSecretName

Name of custom certificate secret for observo site. If not provided, observo site deployment will not create self-signed certificate. customCertSecretName should already be created before deploying the helm chart and it should contain 1) ca.crt 2) tls.key 3) tls.crt values inside secret

""

No

global.gatewayEndpoint

Observo manager's gateway endpoint. This is a grpc endpoint.

"p01-api.observo.ai:443"

Yes

global.logsDestination

Observo telemetry receiver’s log endpoint

"https://p01-logs.observo.ai:443"

Yes

global.metricsDestination

Observo telemetry receiver’s metrics endpoint.

"https://p01-metrics.observo.ai:443"

Yes

global.persistence.enabled

This setting activates lookup functionalities such as lookup, dynamic lookup, and geo-IP lookup. When enabled, both the data-plane and control-agent will attempt to mount storage specified in the global.persistence.storageClassName section.

false

Yes

global.persistence.storageClassName

Storage class name

"ob-nfs"

Yes- if global.persistence.enabled is set to true

global.persistence.accessMode

Storage access mode. This Volume is mounted to multiple pods. So it should be set to ReadWriteMany or something similar.

"ReadWriteMany"

Yes- if global.persistence.enabled is set to true

global.persistence.size

Storage size for the Persistent Volume

"2Gi"

Yes- if global.persistence.enabled is set to true

global.affinity

Pod affinity settings. Refer to examples below for more details.

{}

No

global.tolerations

Pod tolerations. Refer to examples below for more details.

[]

No

global.nodeSelector

Node selector settings. Refer to examples below for more details.

{}

No

data-plane.enabled

Activates the data plane component.

true

No

data-plane.nameOverride

Customizes the name of the component.

"data-plane"

No

data-plane.autoscaling.enabled

Turns on autoscaling, which deploys a horizontal pod autoscaler for the data-plane.

true

No

data-plane.autoscaling.minReplicas

Sets the minimum number of replicas for the data-plane deployment.

1

No

data-plane.autoscaling.maxReplicas

Sets the maximum number of replicas for the data-plane deployment.

5

No

data-plane.autoscaling.cpu.targetCPUUtilizationPercentage

Specifies the desired average CPU usage across all pods. If usage exceeds this percentage, more pods are added; if below, pods are reduced.

5

No

data-plane.autoscaling.memory.targetMemoryUtilizationPercentage

Specifies the desired average memory usage for the data-plane deployment.

5

No

data-plane.resources.requests.cpu

Defines the CPU resources requested for data-plane pods.

"1500m"

No

data-plane.resources.requests.memory

Defines the memory resources requested for data-plane pods.

"3.5Gi"

No

data-plane.resources.limits.cpu

Sets the maximum CPU resources allowed for data-plane pods.

"2000m"

No

data-plane.resources.limits.memory

Sets the maximum memory resources allowed for data-plane pods.

"4Gi"

No

data-plane.serviceAccount.annotations

Provides annotations for the service account.

{}

No

control-agent.enabled

Activates the control agent

true

No

control-agent.nameOverride

Customizes the name of the control agent deployment

"control-agent"

No

control-agent.gatewayTLS.enabled

Toggles TLS for communication with the manager gateway endpoint. TLS is typically enabled by default, but can be disabled for air-gapped deployments.

true

Yes

pattern-extractor.enabled

Enable pattern extractor

true

No

pattern-extractor.nameOverride

Override pattern-extractor deployment name

"pattern-extractor"

No

pattern-extractor.resources.requests.cpu

CPU request of Pattern Extractor Pods

"200m"

No

pattern-extractor.resources.requests.memory

Memory request of Pattern Extractor Pods

"384Mi"

No

telemetry-collector.enabled

Enable telemetry collector

true

No

telemetry-collector.fullnameOverride

Override component name

"telemetry-collector"

No

telemetry-collector.agent.resources.requests.cpu

CPU request

"100m"

No

telemetry-collector.agent.resources.requests.memory

Memory request

"256Mi"

No

cert-manager.enabled

Enable cert-manager

false

No

cert-manager.fullnameOverride

Override cert-manager name

"cert-manager"

No

metrics-server.enabled

Enable metrics server

false

No

metrics-server.fullnameOverride

Override metrics server name

"metrics-server"

No

global.customVolumes

Custom volume definitions. See examples below for more details.

[]

No

global.customVolumeMounts

Custom volume mount definitions. See examples below for more details.

[]

No