diff options
Diffstat (limited to 'kubernetes/common/mongodb/values.yaml')
| -rw-r--r-- | kubernetes/common/mongodb/values.yaml | 64 |
1 files changed, 42 insertions, 22 deletions
diff --git a/kubernetes/common/mongodb/values.yaml b/kubernetes/common/mongodb/values.yaml index 8d995ce973..7628846a3e 100644 --- a/kubernetes/common/mongodb/values.yaml +++ b/kubernetes/common/mongodb/values.yaml @@ -120,7 +120,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/mongodb - tag: 7.0.5-debian-12-r5 + tag: 7.0.8-debian-12-r2 digest: "" ## Specify a imagePullPolicy ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images @@ -246,7 +246,7 @@ tls: image: registry: docker.io repository: bitnami/nginx - tag: 1.25.4-debian-12-r1 + tag: 1.25.4-debian-12-r7 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -307,6 +307,14 @@ hostAliases: [] ## @param replicaSetName Name of the replica set (only when `architecture=replicaset`) ## Ignored when mongodb.architecture=standalone ## +replicaSet: + emptyDir: + sizeLimit: 1Gi + +standalone: + emptyDir: + sizeLimit: 1Gi + replicaSetName: rs0 ## @param replicaSetHostnames Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`) ## Ignored when mongodb.architecture=standalone @@ -571,15 +579,17 @@ podSecurityContext: ## containerSecurityContext: enabled: true - seLinuxOptions: null + seLinuxOptions: {} runAsUser: 1001 - runAsGroup: 0 + runAsGroup: 1001 runAsNonRoot: true privileged: false - readOnlyRootFilesystem: false + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: - drop: ["ALL"] + drop: + - ALL + - CAP_NET_RAW seccompProfile: type: "RuntimeDefault" ## MongoDB(®) containers' resource requests and limits. @@ -834,7 +844,7 @@ externalAccess: image: registry: docker.io repository: bitnami/kubectl - tag: 1.29.2-debian-12-r1 + tag: 1.29.3-debian-12-r3 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1164,6 +1174,8 @@ backup: ## @param backup.enabled Enable the logical dump of the database "regularly" ## enabled: false + emptyDir: + sizeLimit: 1Gi ## Fine tuning cronjob's config ## cronjob: @@ -1203,15 +1215,17 @@ backup: ## containerSecurityContext: enabled: true - seLinuxOptions: null + seLinuxOptions: {} runAsUser: 1001 - runAsGroup: 0 + runAsGroup: 1001 runAsNonRoot: true privileged: false - readOnlyRootFilesystem: false + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: - drop: ["ALL"] + drop: + - ALL + - CAP_NET_RAW seccompProfile: type: "RuntimeDefault" ## @param backup.cronjob.command Set backup container's command to run @@ -1382,7 +1396,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r15 + tag: 12-debian-12-r18 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1429,11 +1443,13 @@ volumePermissions: ## @param volumePermissions.securityContext.runAsUser User ID for the volumePermissions container ## securityContext: - seLinuxOptions: null + seLinuxOptions: {} runAsUser: 0 ## @section Arbiter parameters ## arbiter: + emptyDir: + sizeLimit: 1Gi ## @param arbiter.enabled Enable deploying the arbiter ## https://docs.mongodb.com/manual/tutorial/add-replica-set-arbiter/ ## @@ -1603,15 +1619,17 @@ arbiter: ## containerSecurityContext: enabled: true - seLinuxOptions: null + seLinuxOptions: {} runAsUser: 1001 - runAsGroup: 0 + runAsGroup: 1001 runAsNonRoot: true privileged: false - readOnlyRootFilesystem: false + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: - drop: ["ALL"] + drop: + - ALL + - CAP_NET_RAW seccompProfile: type: "RuntimeDefault" ## MongoDB(®) Arbiter containers' resource requests and limits. @@ -1777,6 +1795,8 @@ hidden: ## https://docs.mongodb.com/manual/tutorial/configure-a-hidden-replica-set-member/ ## enabled: false + emptyDir: + sizeLimit: 1Gi ## @param hidden.automountServiceAccountToken Mount Service Account token in pod ## automountServiceAccountToken: false @@ -1946,12 +1966,12 @@ hidden: ## containerSecurityContext: enabled: true - seLinuxOptions: null + seLinuxOptions: {} runAsUser: 1001 - runAsGroup: 0 + runAsGroup: 1001 runAsNonRoot: true privileged: false - readOnlyRootFilesystem: false + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: ["ALL"] @@ -1963,7 +1983,7 @@ hidden: ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param hidden.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production). + ## @param hidden.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production). ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 ## resourcesPreset: "none" @@ -2180,7 +2200,7 @@ metrics: image: registry: docker.io repository: bitnami/mongodb-exporter - tag: 0.40.0-debian-12-r11 + tag: 0.40.0-debian-12-r15 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. |