Helm and terraform values
  • 11 Jan 2024
  • 4 Minutes to read
  • PDF

Helm and terraform values

  • PDF

Article Summary

The following tables summarize the different Helm and Terraform values and their description.

Administration

Helm Value

Terraform Variable

Default Value

Description

token

token

-

API token that is used to communicate with Traceable's SaaS platform.

environment

environment

-

The environment in which the platform agent is being installed. For example, production, development, and QA.

logLevel

logLevel

INFO

Defines the log level. Set it to DEBUG to enable debug logging.


Resources

Helm Value

Terraform Variable

Default Value

Description

resources.limits.cpu

resources.limits.cpu

1

Platform agent max CPU

resources.limits.memory

resources.limits.memory

2Gi

Platform agent max memory

resources.requests.cpu

resources.requests.cpu

200m

Platform agent requested CPU

resources.requests.memory

resources.requests.memory

400Mi

Platform agent requested memory

multipartMaxFileSize

multipart_max_file_size

2048

Limits the number of a file's first bytes that are captured for multipart/form-data content type


Autoscaling

Helm Value

Terraform Variable

Default Value

Description

autoscaling.minReplicas

autoscaling.min_replicas

1

Defines the minimum number of traceable-agent replicas.

autoscaling.maxReplicas

autoscaling.max_replicas

1

Defines the maximum number of traceable-agent replicas.

autoscaling.targetMemoryUtilization

autoscaling.target_memory_utilization

80

Target memory utilization.

autoscaling.targetCpuUtilization

autoscaling.target_cpu_utilization

80

Target CPU utilization.

autoscaling.enabled

autoscaling.enabled

true

Enable Kubernetes horizontal pod autoscaling.


Labels, security policy, and token

Helm Value

Terraform Variable

Default Value

Description

labels

labels

-

List of labels to add to the deployment.

podSecurityPoliciesEnabled

pod_security_policies_enabled

false

Set it to true to enable the use of pod security policies.

externalTokenSecret.name

external_token_secret.name

-

Configuring this field allows you to provide the secret before installation instead of specifying the token as a value. 

The name is the secret name.

tlsEnabled

tls_enabled

false

Set to true when end-to-end TLS is required for all ports. All traffic must be directed to tlsServerPort. The agent service will expose no other agent ports.

additionalCertAltNames

-


Additional certificate alternative names that are added to the auto-generated certificate.

externalTokenSecret.key

external_token_secret.key

-

key is the key name that contains the token value.

remoteCaBundle

remote_ca_bundle


Platform CA bundle, which is base64 encoded.

remoteCaCertSecret.secretName

remote_ca_cert_secret.secret_name


Platform CA as a secret in the same namespace, Traceable Platform agent deployment.

remoteCaCertSecret.caCertFileName

remote_ca_cert_secret.ca_cert_file_name


Platform CA key name within the secret.

remoteCaCertFile

remote_ca_cert_file


Platform CA as a file injected into the Traceable Platform agent container. Make sure that this is the absolute path to the file.

serviceType

service_type

ClusterIP

Defines the service type of the Platform agent. Supported values are:

  • ClusterIP

  • NodePort

  • LoadBalancer


Ingress

Helm Values

Terraform Variable

Default Value

Description

ingress.enabled

ingress.enabled

false

Enables an ingress controller for the platform agent when true

ingress.domain

ingress.domain

-

The domain name of the Ingress controller

ingress.http.annotations

ingress.http.annotations

-

Ingress controller annotations for the HTTP services

ingress.grpc.annotations

ingress.grpc.annotations

-

Ingress controller annotations for the GRPC services


Collector

Helm Value

Terraform Variable

Default Value

Description

collector.batch.timeout

collector.batch.timeout

200ms

The time duration after which a batch is sent to the Traceable platform regardless of size.

collector.batch.sendBatchSize

collector.batch.send_batch_size

8192

The number of spans after which a batch is sent to the Traceable platform, regardless of the timeout.

collector.batch.sendBatchMaxSize

collector.batch.send_batch_max_size

10000

Defines the upper limit of the batch size. 0 means no upper limit on the batch size. This property ensures that larger batches are split into smaller units. It must be greater or equal to send_batch_size

collector.receivers.opencensus.enabled

collector.receivers.opencensus.enabled

true

Set to true to enable OpenCensus receiver.

collector.receivers.zipkin.enabled

collector.receivers.zipkin.enabled

true

Set to true to enable Zipkin receiver.

collector.receivers.jaeger.enabled

collector.receivers.jaeger.enabled

true

Set to true to enable Jaeger receiver.

collector.receivers.otlp.enabled

collector.receivers.otlp.enabled

true

Set to true to enable OTLP receiver.

collector.exporters.otlp.compression

collector.exporters.otlp.compression

gzip

Compression format used to send data to the Traceable platform. An empty value denotes no compression.

collector.ports.opentelemetry

collector.ports.opentelemetry

4317

Configure the OTLP gRPC receiver port.

collector.ports.opentelemetryHttp

collector.ports.opentelemetry_http

4318

Configure the OTLP HTTP receiver port


Injector

Helm Value

Terraform Variable

Default Value

Description

injector.propagationFormats

injector.propagation_formats

[“TRACECONTEXT”]

List of propagation formats used by the injected sidecar proxy and Java agent. The supported values are TRACECONEXT and B3.

injector.captureContentType

injector.capture_content_Type

[“json“,

“grpc“,

“x-www-form-urlencoded”]

List of content types that the injected proxy captures. This is a substring match.

injector.proxy.inboundInterceptionMode

injector.proxy.inbound_interception_mode

REDIRECT

Defines the iptables interception mode. The supported values are REDIRECT and TPROXY.

injector.traceReporterType

injector.trace_reporter_type

OTLP

Use this to configure the trace reporting format from OTLP or ZIPKIN.

injectorEnabled

injector_enabled

true

Enables the mutatingwebhook injector service.


eBPF

Helm value

Terraform value

Default value

Description

ebpfCaptureEnabled

ebpf_capture_enabled

false

Enables the data capture mode using eBPF.

ebpfTraceReporterType

ebpf_trace_reporter_type

OTLP

Configure the trace reporter. Possible values are OTLP or ZIPKIN.

ebpfServiceNameLabels

ebpf_service_name_labels

[]

You can use this configuration to name services using Kubernetes labels assigned to the instrumented application.
Example:

ebpfServiceNameLabels: [app, service] If this configuration is added to the configmap, app and service labels are checked on the deployment of the instrumented app in the same order, and whichever is found first that is used to name the service. If the deployment has service: myservice as the label, myservice will be used as the service name.

ebpfEnableGoMemoryLimit

ebpf_enable_go_memory_limit

true

Sets the container memory limit for the eBPF tracer binary. Set the value to false to disable.

ebpfNodeAffinityMatchExpressions

ebpf_node_affinity_match_expressions

[]

Set node affinity for the eBPF pods.

Example:

ebpfNodeAffinityMatchExpressions:
  - matchExpressions:
    - key: "pool_type"
      operator: "In"
      values:
      - "frontgate"

In this example, daemonSet is scheduled on all nodes, which has a label with key pool_type and value frontgate. Any node that does not satisfy this criteria is ignored.

You can use the operator field to specify a logical operator for Kubernetes to use when interpreting the rules. You can use In, NotIn, Exists, DoesNotExist, Gt and Lt.

If you specify multiple expressions in a single matchExpressions field, then the Pod can be scheduled onto a node only if all the expressions are satisfied (expressions are ANDed).

If you specify multiple matchExpressions in ebpfNodeAffinityMatchExpressions then the Pod can be scheduled onto a node if one of the specified matchExpressions can be satisfied (matchExpressions are ORed).

Consider the following values.yaml:

ebpfNodeAffinityMatchExpressions:
  - matchExpressions:
      - key: "env"
        operator: "In"
        values:
          - "staging"
          - "preprod"
      - key: "pool_type"
        operator: "Exists"
  - matchExpressions:
      - key: "python_app"
        operator: "DoesNotExist"

In this example, daemonSet is scheduled on all nodes which satisfy the following rule:

(("env" IN ["staging", "preprod"]) 
AND ("pool_type" EXISTS)) 
OR ("python_app" DOES_NOT_EXIST)

Miscellaneous

Helm value

Terraform value

Default value

Description

allowedContentTypes

allowed_content_types

["json", "x-www-form-urlencoded"]

List of content types captured for Traceable Module Extension (TME) based agents.

tolerations

tolerations

-

Tolerations are configured on a pod to schedule it on nodes with the corresponding taints. For more information on Tolerations and taints, see Taints and Tolerations.

httpsProxy

https_proxy

-

Value of https_proxy environment variable to connect to an HTTPS proxy for traffic outgoing to the Traceable Platform.



Was this article helpful?