Update K8S to include an auto generator of values template

opencloud/values.yaml.template

@@ -0,0 +1,588 @@
+env: {{ .Release.Name }} # For storage class provisioning
+host: ${HOST:-exemple.com}  # For reverse proxy rule
+registryHost: ${REGISTRY_HOST:-registry.exemple.com} # For reverse proxy rule
+scheme: https # For reverse proxy rule
+
+mongo-express:
+  enabled: ${OC_MONGOEXPRESS_ENABLED:-true}
+  mongodbServer: "{{ .Release.Name }}-mongodb.{{ .Release.Namespace }}" # TO LOOK AFTER
+  mongodbPort: 27017
+  mongodbEnableAdmin: true
+  mongodbAdminUsername: ${OC_MONGO_ADMIN:-admin}
+  mongodbAdminPassword: ${OC_MONGO_PWD:-admin}
+  siteBaseUrl: /mongoexpress
+  basicAuthUsername: ${OC_MONGOEXPRESS_ADMIN:-admin}
+  basicAuthPassword: ${OC_MONGOEXPRESS_PWD:-admin}
+  mongodb:
+    enabled: false
+
+mongodb:
+  enabled: ${OC_MONGO_ENABLED:-true}
+  global:
+    defaultStorageClass: longhorn-nor1
+    storageClass: longhorn-nor1
+  architecture: standalone
+  useStatefulSet: false
+  auth:
+    enabled: true
+    rootUser: ${OC_MONGO_ADMIN:-admin}
+    rootPassword: ${OC_MONGO_PWD:-admin}
+    databases: [ ${OC_MONGO_DATABASE:-opencloud} ]
+    usernames: []
+    passwords: []
+  resourcesPreset: "small"
+  replicaCount: 1
+  persistence:
+    enabled: true
+    storageClass: longhorn-nor1
+    existingClaim: mongo-pvc
+    accessModes: 
+    - ReadWriteOnce
+    size: ${OC_MONGO_SIZE:-5000Mi} 
+  persistentVolumeClaimRetentionPolicy:
+    enabled: true
+    whenDeleted: Retain
+    whenScaled: Retain
+  arbiter:
+    enabled: false
+  livenessProbe:
+    enabled: true
+  readinessProbe:
+    enabled: true
+
+nats:
+  enabled: ${OC_NATS_ENABLED:-true}
+  jetstream:
+    enabled: true
+    fileStore:
+      size: ${OC_NATS_SIZE:-20Mi} 
+      storageClassName: longhorn-nor1
+
+openldap:
+  enabled: ${OC_LDAP_ENABLED:-true}
+  test:
+    enabled: false
+  ltb-passwd:
+    enabled: false
+  replicaCount: 1
+  image:
+    repository: ${OC_LDAP_IMAGE:-osixia/openldap}
+  tls:
+    enabled: false
+  env:
+    LDAP_ORGANISATION: ${OC_LDAP_ORGANISATION:-Opencloud}
+    LDAP_DOMAIN: ${OC_LDAP_DOMAIN:-opencloud.com}
+    LDAP_BACKEND: "mdb"
+    LDAP_TLS: ${OC_LDAP_TLS:-false}
+    LDAP_TLS_ENFORCE: ${OC_LDAP_TLS:-false}
+    LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
+  adminPassword: ${OC_LDAP_ADMIN_PWD:-admin}
+  configPassword: "${OC_LDAP_CONFIG_PWD:-config}"
+  phpldapadmin:
+    enabled: false
+  persistence:
+    enabled: true
+    accessMode: ReadWriteOnce
+    size: ${OC_LDAP_SIZE:-10Mi}
+    storageClass: longhorn-nor1
+  replication:
+    enabled: false
+  externalLDAP:
+    enabled: ${OC_LDAP_EXTERNAL:-false}
+    url: ${OC_LDAP_EXTERNAL_ENDPOINT}
+    bindDN: ${OC_LDAP_EXTERNAL_DN:-cn=admin,dc=example,dc=com}
+    bindPassword: ${OC_LDAP_EXTERNAL_PWD:-admin}
+  customLdifFiles:
+    01-schema.ldif: |-
+      dn: ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: organizationalUnit
+      ou: ${OC_LDAP_GROUPS_OU:-groups}
+
+      dn: ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: organizationalUnit
+      ou: ${OC_LDAP_USERS_OU:-users}
+
+      dn: cn=lastGID,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: device
+      objectClass: top
+      description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
+      cn: lastGID
+      serialNumber: 2001
+
+      dn: cn=lastUID,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: device
+      objectClass: top
+      serialNumber: 2001
+      description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
+      cn: lastUID
+
+      dn: cn=everybody,ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: top
+      objectClass: posixGroup
+      cn: everybody
+      memberUid: admin
+      gidNumber: 2003
+
+    02-ldapadmin.ldif : |-
+      dn: cn=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: top
+      objectClass: posixGroup
+      cn: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
+      memberUid: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
+      gidNumber: 2001
+
+      dn: uid=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      givenName: ldap
+      sn: admin
+      uid: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
+      cn: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
+      mail: ldapadmin@example.com
+      objectClass: person
+      objectClass: inetOrgPerson
+      objectClass: posixAccount
+      userPassword: sai1yeiT
+      uidNumber: 2001
+      gidNumber: 2001
+      loginShell: /bin/bash
+      homeDirectory: /home/ldapadmin
+
+    03-opencloudadmin.ldif : |-
+      dn: uid=admin,ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: inetOrgPerson
+      cn: Admin
+      sn: Istrator
+      uid: ${OC_LDAP_ADMIN_USER:-admin}
+      userPassword: ${OC_LDAP_ADMIN_PWD:-admin}
+      mail: admin@example.com
+      ou: ${OC_LDAP_USERS_OU:-users}
+
+      dn: ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: organizationalunit
+      ou: AppRoles
+      description: AppRoles
+
+      dn: ou=App1,ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+      objectClass: organizationalunit
+      ou: App1
+      description: App1
+
+prometheus:
+  enabled: ${OC_PROMETHEUS_ENABLED:-true}
+  server:
+    persistentVolume:
+      enabled: true
+      size: ${OC_PROMETHEUS_SIZE:-5Gi}
+    service:
+        type: ClusterIP
+    resources:
+      limits:
+        cpu: ${OC_PROMETHEUS_LIMITS_CPU:-500m}
+        memory: ${OC_PROMETHEUS_LIMITS_MEMORY:-512Mi}
+      requests:
+        cpu: ${OC_PROMETHEUS_REQUESTS_CPU:-128m}
+        memory: ${OC_PROMETHEUS_REQUESTS_MEMORY:-256Mi}
+
+# ldap user manager configuration
+ldapUserManager:
+  enabled: true
+  env:
+    SERVER_HOSTNAME: ${OC_LDAP_MNGT_HOST:-ldap.exemple.com}
+    LDAP_BASE_DN: ${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+    LDAP_REQUIRE_STARTTLS: ${OC_LDAP_MNGT_REQUIRE_TLS:-false} 
+    LDAP_ADMINS_GROUP: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
+    LDAP_ADMIN_BIND_DN: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=example,dc=com}
+    LDAP_ADMIN_BIND_PWD: ${OC_LDAP_MNGT_ADMIN_PWD:-admin}
+    LDAP_IGNORE_CERT_ERRORS: ${OC_LDAP_MNGT_IGNORE_CERTS_ERRORS:-true}
+    EMAIL_DOMAIN: ${OC_LDAP_MNGT_EMAIL_DOMAIN:- }
+    NO_HTTPS: ${OC_LDAP_MNGT_NO_HTTPS:-true} 
+    SERVER_PATH: "/users"
+    ORGANISATION_NAME: ${OC_LDAP_ORGANISATION:-Opencloud}
+    LDAP_USER_OU: ${OC_LDAP_USERS_OU:-users} 
+    LDAP_GROUP_OU: ${OC_LDAP_GROUPS_OU:-groups}
+    ACCEPT_WEAK_PASSWORDS: "true"
+  resources:
+    limits:
+      cpu: ${OC_FRONT_LIMITS_CPU:-128m}
+      memory: ${OC_FRONT_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_FRONT_REQUESTS_CPU:-128m}
+      memory: ${OC_FRONT_REQUESTS_MEMORY:-256Mi}
+
+traefik:
+  enabled: ${OC_TRAEFIK_ENABLED:-true}
+  service:
+    type: NodePort
+  ingressRoute:
+    dashboard:
+      enabled: true
+      matchRule: Host(`localhost`) && PathPrefix(`/api`) || PathPrefix(`/dashboard`)
+      entryPoints: [web]
+  ports:
+    web:
+      nodePort: 30950
+
+hydra:
+  enabled: ${OC_HYDRA_ENABLED:-true}
+  maester:
+    enabled: true
+  secret:
+    enabled: false
+    nameOverride: hydra-secret
+    hashSumEnabled: false
+  hydra:
+    dev: true
+    existingSecret: hydra-secret
+    config:
+      dsn: memory
+      urls:
+      #  login: https://localhost-login/authentication/login
+      #  consent: https://localhost-consent/consent/consent
+      #  logout: https://localhost-logout/authentication/logout
+        self:
+          issuer: "http://{{ .Release.Name }}-hydra-public.{{ .Release.Namespace }}:4444/"
+
+keto:
+  enabled: ${OC_KETO_ENABLED:-true}
+  keto:
+    config:
+      serve:
+        read:
+          port: 4466
+        write:
+          port: 4467
+        metrics:
+          port: 4468
+      namespaces:
+        - id: 0
+          name: open-cloud
+      dsn: memory
+
+
+loki:
+  enabled: ${OC_LOKI_ENABLED:-true}
+  loki:
+    auth_enabled: false
+    commonConfig:
+      replication_factor: 1
+    storage:
+      type: filesystem
+      filesystem:
+        chunks_directory: /var/loki/chunks
+        rules_directory: /var/loki/rules
+        admin_api_directory: /var/loki/admin
+    storage_config:
+      boltdb_shipper:
+        active_index_directory: /var/loki/index
+      filesystem:
+        directory: /var/loki/chunks
+    limits_config:
+      allow_structured_metadata: false
+    schemaConfig:
+      configs:
+        - from: "2020-01-01"
+          store: boltdb-shipper
+          object_store: filesystem
+          schema: v11
+          index:
+            prefix: index_
+            period: 24h
+    ingester:
+      chunk_encoding: snappy
+    tracing:
+      enabled: true
+    querier:
+      max_concurrent: 2
+
+  deploymentMode: SingleBinary
+  singleBinary:
+    extraVolumes:
+      - name: loki-storage
+        persistentVolumeClaim:
+          claimName: loki-pvc
+    persistence:
+      enabled: false # Deactivate loki auto provisioning, rely on existing PVC
+      accessMode: ReadWriteOnce
+      size: ${OC_LOKI_SIZE:-1Gi}
+      storageClassName: longhorn-nor1
+      claimName: loki-pvc
+
+    extraVolumeMounts:
+      - name: loki-storage
+        mountPath: /var/loki 
+    replicas: 1
+    resources:
+      limits:
+        cpu: ${OC_LOKI_LIMITS_CPU:-3}
+        memory: ${OC_LOKI_LIMITS_MEMORY:-4Gi}
+      requests:
+        cpu: ${OC_LOKI_REQUESTS_CPU:-1}
+        memory: ${OC_LOKI_REQUESTS_MEMORY:-0.5Gi}
+    extraEnv:
+      - name: GOMEMLIMIT
+        value: 3750MiB
+
+  chunksCache:
+    # default is 500MB, with limited memory keep this smaller
+    writebackSizeLimit: 10MB
+
+  # Enable minio for storage
+  minio:
+    enabled: ${OC_MINIO_ENABLED:-false}
+  # Zero out replica counts of other deployment modes
+  backend:
+    replicas: 0
+  read:
+    replicas: 0
+  write:
+    replicas: 0
+  ingester:
+    replicas: 0
+  querier:
+    replicas: 0
+  queryFrontend:
+    replicas: 0
+  queryScheduler:
+    replicas: 0
+  distributor:
+    replicas: 0
+  compactor:
+    replicas: 0
+  indexGateway:
+    replicas: 0
+  bloomCompactor:
+    replicas: 0
+  bloomGateway:
+    replicas: 0
+
+grafana:
+  enabled: ${OC_GRAFANA_ENABLED:-true}
+  adminUser: ${OC_GRAFANA_ADMIN_USER:-admin}
+  adminPassword: ${OC_GRAFANA_ADMIN_PWD:-admin}
+  persistence:
+    enabled: true
+    size: ${OC_GRAFANA_SIZE:-1Gi}
+  service:
+    type: ClusterIP
+
+argo-workflows:
+  enabled: ${OC_ARGO_ENABLED:-false}
+  workflow:
+    serviceAccount:
+      create: false
+      name: argo-workflow
+    rbac:
+      create: false # Manual provisioning
+  controller:
+    workflowNamespaces: [] #All of them
+    controller:
+    workflowDefaults:
+      spec:
+        serviceAccountName: argo-workflow
+
+ocAuth:
+  enabled: ${OC_AUTH_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_AUTH_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-auth:0.0.1}
+  authType: hydra
+  keto:
+    adminRole: admin
+  hydra:
+    openCloudOauth2ClientSecretName: oc-oauth2-client-secret
+  ldap:
+    bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=example,dc=com}
+    binPwd: ${OC_LDAP_ADMIN_PWD:-admin}
+    baseDn: ${OC_LDAP_MNGT_DN:-dc=example,dc=com}
+    roleBaseDn: ${OC_LDAP_ROLE_DN:-ou=AppRoles,dc=example,dc=com}
+  resources:
+    limits:
+      cpu: ${OC_AUTH_LIMITS_CPU:-128m}
+      memory: ${AUTH_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${AUTH_REQUESTS_CPU:-128m}
+      memory: ${AUTH_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_AUTH_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_AUTH_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_AUTH_REPLICAS_USAGE:-80}
+
+ocFront:
+  enabled: ${OC_FRONT_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_FRONT_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-front:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_FRONT_LIMITS_CPU:-128m}
+      memory: ${OC_FRONT_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_FRONT_REQUESTS_CPU:-128m}
+      memory: ${OC_FRONT_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_FRONT_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_FRONT_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_FRONT_REPLICAS_USAGE:-80}
+
+ocWorkspace:
+  enabled: ${OC_WORKSPACE_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_WORKSPACE_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-workspace:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_WORKSPACE_LIMITS_CPU:-128m}
+      memory: ${OC_WORKSPACE_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_WORKSPACE_REQUESTS_CPU:-128m}
+      memory: ${OC_WORKSPACE_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_WORKSPACE_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_WORKSPACE_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_WORKSPACE_REPLICAS_USAGE:-80}
+
+
+ocShared:
+  enabled: ${OC_SHARED_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_SHARED_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-shared:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_SHARED_LIMITS_CPU:-128m}
+      memory: ${OC_SHARED_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_SHARED_REQUESTS_CPU:-128m}
+      memory: ${OC_SHARED_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_SHARED_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_SHARED_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_SHARED_REPLICAS_USAGE:-80}
+
+ocWorkflow:
+  enabled: ${OC_WORKFLOW_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_WORKFLOW_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-workflow:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_WORKFLOW_LIMITS_CPU:-128m}
+      memory: ${WORKFLOW_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_WORKFLOW_REQUESTS_CPU:-128m}
+      memory: ${OC_WORKFLOW_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_WORKFLOW_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_WORKFLOW_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_WORKFLOW_REPLICAS_USAGE:-80}
+
+ocCatalog:
+  enabled: ${OC_CATALOG_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_CATALOG_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-catalog:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_CATALOG_LIMITS_CPU:-128m}
+      memory: ${OC_CATALOG_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_CATALOG_REQUESTS_CPU:-128m}
+      memory: ${OC_CATALOG_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_CATALOG_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_CATALOG_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_CATALOG_REPLICAS_USAGE:-80}
+
+ocPeer:
+  enabled: ${OC_PEER_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_PEER_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-peer:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_PEER_LIMITS_CPU:-128m}
+      memory: ${OC_PEER_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_PEER_REQUESTS_CPU:-128m}
+      memory: ${OC_PEER_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_CATALOG_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_CATALOG_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_CATALOG_REPLICAS_USAGE:-80}
+
+ocDatacenter:
+  enabled: ${OC_DATACENTER_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_DATACENTER_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-datacenter:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_DATACENTER_LIMITS_CPU:-128m}
+      memory: ${OC_DATACENTER_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_DATACENTER_REQUESTS_CPU:-128m}
+      memory: ${OC_DATACENTER_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_DATACENTER_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_DATACENTER_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_DATACENTER_REPLICAS_USAGE:-80}
+
+ocSchedulerd:
+  enabled: ${OC_SCHEDULERD_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_SCHEDULERD_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-schedulerd:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_SCHEDULERD_LIMITS_CPU:-128m}
+      memory: ${SCHEDULERD_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_SCHEDULERD_REQUESTS_CPU:-128m}
+      memory: ${OC_SCHEDULERD_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_SCHEDULERD_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_SCHEDULERD_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_SCHEDULERD_REPLICAS_USAGE:-80}
+
+ocScheduler:
+  enabled: ${OC_SCHEDULER_ENABLED:-true}
+  enableTraefikProxyIntegration: true
+  image: ${OC_SCHEDULER_IMAGE:-registry-opencloud.pf.irt-saintexupery.com/oc-scheduler:0.0.1}
+  resources:
+    limits:
+      cpu: ${OC_SCHEDULER_LIMITS_CPU:-128m}
+      memory: ${OC_SCHEDULER_LIMITS_MEMORY:-256Mi}
+    requests:
+      cpu: ${OC_SCHEDULER_REQUESTS_CPU:-128m}
+      memory: ${OC_SCHEDULER_REQUESTS_MEMORY:-256Mi}
+  replicas: 1
+  hpa:
+    enabled: ${OC_SCHEDULER_REPLICAS_ENABLED:-true}
+    minReplicas: 1
+    maxReplicas: ${OC_SCHEDULER_REPLICAS_MAX:-5}
+    targetCPUUtilizationPercentage: ${OC_SCHEDULER_REPLICAS_USAGE:-80}
+
+docker-registry-ui:
+  enabled: true
+  ui:
+    title: "opencloud docker registry"
+    proxy: true
+    dockerRegistryUrl: "http://{{ .Release.Name }}-docker-registry-ui-registry-server.{{ .Release.Namespace }}.svc.cluster.local:5000"
+  registry:
+    secretName: regcred
+    enabled: true
+    dataVolume:
+      persistentVolumeClaim:
+        claimName: docker-registry-pvc
+    persistence:
+      accessMode: ReadWriteOnce
+      storage: 5000Mi
+      storageClassName: longhorn-nor1