Goals

  • Learn the possibilities when defining values
  • Know the different sections of the values.yaml



The values.yaml file holds the configuration used by the Magnolia Helm Chart.

Ingress

annotations:
  nginx.ingress.kubernetes.io/proxy-body-size: configures the maximum request body size.


ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/proxy-body-size: 512m
    cert-manager.io/cluster-issuer: "letsencrypt-prod"


Sticky session

  • The load balancer remains linked to a specific node
  • Needed when the project has transactions or required data in the session

nginx.ingress.kubernetes.io/session-cookie-max-age: number of seconds you want the cookie to persist
nginx.ingress.kubernetes.io/configuration-snippet: |
  more_set_headers "X-Robots-Tag: noindex, nofollow";
Only use the `configuration-snippet` exactly as instructed: its content is inserted verbatim into the generated NGINX configuration.


ingress:
  annotations:
    nginx.ingress.kubernetes.io/affinity: "cookie"
    nginx.ingress.kubernetes.io/affinity-mode: "persistent"
    nginx.ingress.kubernetes.io/session-cookie-name: "COOKIE_NAME"
    # annotation values must be strings, so the number is quoted
    nginx.ingress.kubernetes.io/session-cookie-max-age: "10"
    # block scalar: the snippet starts on the line after the "|"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      more_set_headers "X-Robots-Tag: noindex, nofollow";


Whitelisting

  • Add individual IP addresses.
  • Add IPv4 or IPv6 address ranges.
  • Separate the IP addresses or ranges with commas (,).

nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.1.1/32, 10.0.0.0/16"
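
A way to check a `whitelist-source-range` value before it is deployed, as an added example that is not part of the Magnolia chart or its documentation. The function names and the constructed client addresses are assumptions; the first value is the one shown above.

```python
import ipaddress

def audit_source_ranges(annotation_value):
    """Split a whitelist-source-range value into networks and a list of problems."""
    networks, problems = [], []
    for raw in annotation_value.split(","):
        entry = raw.strip()
        if not entry:
            problems.append("empty entry (stray comma)")
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            problems.append(f"{entry}: not an IPv4/IPv6 address or CIDR range")
            continue
        if ipaddress.ip_interface(entry).ip != net.network_address:
            problems.append(f"{entry}: host bits set, effective range is {net}")
        if net.prefixlen == 0:
            problems.append(f"{entry}: matches every client, the restriction is void")
        networks.append(net)
    return networks, problems

def is_allowed(client_ip, networks):
    """True if client_ip falls inside any of the parsed ranges."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in networks)

if __name__ == "__main__":
    page_value = "192.168.1.1/32, 10.0.0.0/16"  # value shown on this page
    nets, issues = audit_source_ranges(page_value)
    print(nets, issues)
    # Constructed client addresses to show what the ranges admit
    for ip in ("10.0.200.7", "10.1.0.1", "2001:db8::1"):
        print(ip, is_allowed(ip, nets))
    # Constructed value containing typical mistakes
    print(audit_source_ranges("10.0.0.5/16, 0.0.0.0/0, office-vpn,")[1])
```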



Host

hosts: host rules for routing traffic to different application contexts
  host: {{ .Env.DEPLOYMENT }}.<realm>.magnolia-platform.com is the address to which traffic is directed
tls: Transport Layer Security (TLS) is configured to encrypt communication


  #
  # run author and public in different contexts and use the same domain name
  # only one of these hosts/tls sections may be active
  #
  hosts:
    - host: {{ .Env.DEPLOYMENT }}.<realm>.magnolia-platform.com  
      paths:
        - path: /
          instance: public
        - path: /author
          instance: author
  tls:
  - hosts:
    - {{ .Env.DEPLOYMENT }}.<realm>.magnolia-platform.com  
    secretName: {{ .Env.DEPLOYMENT }}-<realm>-magnolia-platform-com  


Run author and public in ROOT context and use different domain names

  hosts:
  - host: {{ .Env.DEPLOYMENT }}.author.training.magnolia-platform.com
    paths:
    - path: /
      instance: author
  - host: {{ .Env.DEPLOYMENT }}.frontend-author.training.magnolia-platform.com
    paths:
    - path: /
      instance: frontend-author
  - host: {{ .Env.DEPLOYMENT }}.public.training.magnolia-platform.com
    paths:
    - path: /
      instance: public
  - host: {{ .Env.DEPLOYMENT }}.frontend-public.training.magnolia-platform.com
    paths:
    - path: /
      instance: frontend-public
  tls:
  - hosts:
    - {{ .Env.DEPLOYMENT }}.author.training.magnolia-platform.com
    - {{ .Env.DEPLOYMENT }}.public.training.magnolia-platform.com
    - {{ .Env.DEPLOYMENT }}.frontend-author.training.magnolia-platform.com
    - {{ .Env.DEPLOYMENT }}.frontend-public.training.magnolia-platform.com
    secretName: {{ .Env.DEPLOYMENT }}-training-magnolia-platform-com



Image

  • Specify how container images are handled
  • Specify what secrets are used to authenticate the downloading of images
  • Specify when images should be re-downloaded

image:
  pullSecrets:
    - name: gitlab
  pullPolicy: Always


MagnoliaInstance (magnoliaAuthor - magnoliaPublic)

  • It will be necessary to create one definition for Author and one for Public instances
  • 'replicas' defines how many public instances to deploy.
  • You can set values such as:
    • Memory
    • Storage
    • Resource limits

magnolia<Instance>:
  enabled: true
  replicas: 1 # only in public instances
  restartPolicy: Always
  redeploy: true
  bootstrap:
    password: superuser!

  contextPath: /<instance>

  base_url: https://{{ .Env.DEPLOYMENT }}.training.magnolia-platform.com/

  sameSiteCookies: strict
  webarchive:
    repository: {{ .Env.CI_REGISTRY_IMAGE }}/magnolia-webapp
    tag: {{ .Env.GIT_TAG | quote }}
  activation:
    useExistingSecret: True
    secret:
      name: activation-key
      key: activation-secret

  env:
    - name: instance
      value: "<instance>"
    - name: deployment
      value: {{ .Env.DEPLOYMENT }}
    - name: magnolia.superuser.enabled
      value: "true"
    - name: magnolia.superuser.password
      value: "superuser!"
    - name: magnolia.bootstrap.license.owner
      value: "[replace with email]"
    - name: magnolia.bootstrap.license.key
      value: "[replace with key]"

  setenv:
    memory:
      maxPercentage: 80
  resources:
    requests:
      memory: 4Gi
    limits:
      memory: 4Gi
  livenessProbe:
    enabled: true
    path: "/.rest/status"

  db:
    persistence:
      size: "10Gi"
    contentsync:
      enabled: true
    restore:
      enabled: false
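
The instance block above writes the superuser password as a literal, while the backup sections on this page reference Kubernetes Secrets through `secretKeyRef`. The following check reports literal credentials in a values file; it is an added example, not part of the Magnolia chart, and the function names, the keyword list and the constructed sample (assembled from the snippets on this page) are assumptions.

```python
import re

SENSITIVE = re.compile(r"password|secret|key", re.I)
ENV_NAME = re.compile(r"^\s*-\s*name:\s*(\S+)")
ENV_VALUE = re.compile(r"^\s*value:\s*(\S.*)$")
PLAIN_KEY = re.compile(r"^\s*(\w*password\w*):\s*(\S.*)$", re.I)

# Constructed sample built from the snippets shown on this page
SAMPLE = """\
magnoliaPublic:
  bootstrap:
    password: superuser!
  env:
    - name: magnolia.superuser.enabled
      value: "true"
    - name: magnolia.superuser.password
      value: "superuser!"
  db:
    backup:
      env:
        - name: MGNLBACKUP_S3_SECRETKEY
          valueFrom:
            secretKeyRef:
              name: s3-backup-key
              key: secretkey
"""

def is_literal(value):
    """A value rendered from the CI environment ({{ .Env.X }}) is not a literal."""
    return not value.strip().startswith("{{")

def find_inline_secrets(values_text):
    """Return (line_number, key) for each credential written as a literal."""
    findings, current = [], None
    for lineno, line in enumerate(values_text.splitlines(), 1):
        if m := ENV_NAME.match(line):
            current = m.group(1)              # start of an env list entry
        elif current and (m := ENV_VALUE.match(line)):
            if SENSITIVE.search(current) and is_literal(m.group(1)):
                findings.append((lineno, current))
            current = None
        elif current and "valueFrom:" in line:
            current = None                    # resolved from a Secret at runtime
        elif (m := PLAIN_KEY.match(line)) and is_literal(m.group(2)):
            findings.append((lineno, m.group(1)))
    return findings

if __name__ == "__main__":
    for lineno, key in find_inline_secrets(SAMPLE):
        print(f"line {lineno}: literal credential in '{key}'")
```

Entries that use `valueFrom`, and values rendered from `{{ .Env.… }}`, are not reported because the credential itself does not appear in the file.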


Backup

S3 backup

  • Configuration needed to set up and enable S3 Backup
  • You need to define:
    • Region
    • Endpoint
    • Access key
    • Secret key

# Backup to S3
magnolia<instance>:
  db:
    backup:
      enabled: true
      env: 
        - name: MGNLBACKUP_S3_ENDPOINT
          value: "s3.eu-central-1.amazonaws.com"
        - name: MGNLBACKUP_S3_REGION
          value: "eu-central-1"
        - name: MGNLBACKUP_S3_ACCESSKEY
          valueFrom:
            secretKeyRef:
              name: s3-backup-key
              key: accesskey
        - name: MGNLBACKUP_S3_SECRETKEY
          valueFrom:
            secretKeyRef:
              name: s3-backup-key
              key: secretkey
        - name: MGNLBACKUP_TAGS_RELEASE
          value: {{ .Env.DEPLOYMENT }}


Azure backup

  • Configuration needed to set up and enable Azure Backup
  • You need to define:
    • Account name
    • Account key

# Backup to Azure storage
magnolia<instance>:
  db:
    backup:
      enabled: true
      env:    
        - name: MGNLBACKUP_AZ_ACCOUNT_NAME
          valueFrom:
            secretKeyRef:
              name: az-backup-key
              key: AccountName
        - name: MGNLBACKUP_AZ_ACCOUNT_KEY
          valueFrom:
            secretKeyRef:
              name: az-backup-key
              key: AccountKey


For the complete list of available properties, see: HELM VALUES

