affinity | Enable and define the affinity for the crossplane pod. | {} - Affinities aren’t configured. |
configuration.packages | The list of configuration packages to install together with UXP. These packages install UXP resources after the crossplane pod starts. | {} - Configurations aren’t installed by default. |
customAnnotations | Custom annotations to add to the crossplane deployment and pod. | {} - Annotations aren’t configured. |
customLabels | Custom labels to add to the crossplane and crossplane-rbac-manager deployments and pods. Overwriting default labels isn’t supported and causes the install to fail. | {app=crossplane, app.kubernetes.io/component=cloud-infrastructure-controller, app.kubernetes.io/instance=universal-crossplane, app.kubernetes.io/managed-by=Helm, app.kubernetes.io/name=crossplane, app.kubernetes.io/part-of=crossplane, app.kubernetes.io/version=<crossplane version>, helm.sh/chart=<crossplane version>, release=universal-crossplane} |
deploymentStrategy | The deployment strategy for the crossplane and crossplane-rbac-manager pods. | RollingUpdate |
extraEnvVarsCrossplane | List of extra environment variables to set in the crossplane deployment. A _ replaces any . character in a variable name. For example SAMPLE.KEY=value1 becomes SAMPLE\_KEY=value1 . | {POD_NAMESPACE:(v1:metadata.namespace),olala:olala,LEADER_ELECTION:true} |
extraEnvVarsRBACManager | List of extra environment variables to set in the crossplane-rbac-manager deployment. A _ replaces any . character in a variable name. For example SAMPLE.KEY=value1 becomes SAMPLE\_KEY=value1 . | {LEADER_ELECTION:true} |
image.pullPolicy | Kubernetes image pull policy. | IfNotPresent |
image.repository | Container image repository to download UXP from. | The DockerHub repository upbound/crossplane . |
image.tag | Image tag to install a specific Crossplane version. Provides the same function as up uxp install <image.tag> . | "" - Without an image tag Up installs the latest UXP version. |
imagePullSecrets | List of Kubernetes image pull secrets. Required if image.repository uses authentication. | "" - Secrets aren’t configured. |
leaderElection | Enable leader election for the crossplane deployment and pods. Set leaderElection as true for any deployment with more than 1 replica to prevent race-conditions. | true |
metrics.enabled | Exposes port 8080 in the crossplane and crossplane-rbac-manager pods. Configures pod annotations prometheus.io/path:/metrics , prometheus.io/port:"8080" and prometheus.io/scrape:"true" . | false |
nodeSelector | Apply a nodeSelector map to the crossplane pod. | {} - Node selectors aren’t configured. |
packageCache.medium | The Kubernetes emptyDir Volume type for the crossplane pod’s package cache. The only valid value is "memory" . Not supported with packageCache.pvc . | "" - Kubernetes pod default of local node storage. |
packageCache.pvc | A PersistentVolumeClaim for the crossplane pod’s package cache. packageCache.pvc is an alternative to the default emptyDir volume mount. Not supported with packageCache.medium or packageCache.sizeLimit . | "" - emptyDir is the default mounted pod volume. |
packageCache.sizeLimit | The size limit for the crossplane pod’s emptyDir package cache. Not supported with pacakgeCache.pvc . | 5Mi |
priorityClassName | Applies a priority class name to the crossplane and crossplane-rbac-manager deployments and pods. | "" - A priority class isn’t set. |
provider.packages | The list of provider packages to install together with UXP. These packages install UXP resources after the crossplane pod starts. | [] - Providers aren’t installed by default. |
rbacManager.affinity | Enable and define the affinity for the crossplane pod. | {} - Affinities aren’t configured. |
rbacManager.deploy | Deploy RBAC Manager and its required roles. | true |
rbacManager.leaderElection | Enable leader election for the crossplane-rbac-manager deployment and pods. Set leaderElection as true for any deployment with more than 1 replica to prevent race-conditions. | true |
rbacManager.managementPolicy | The scope of crossplane-rbac-manager permissions control. A value of all all Crossplane controller and user roles. basic only manages Crossplane controller roles and the crossplane-admin , crossplane-edit , and crossplane-view user roles. | all |
rbacManager.nodeSelector | Apply a nodeSelector map to the crossplane pod. | {} - Node selectors aren’t configured. |
rbacManager.replicas | The number of crossplane-rbac-manager replicas. | 1 |
rbacManager.skipAggregatedClusterRoles | Skip the deployment of ClusterRoles along with the crossplane-rbac-manager . Set to true to manually build Crossplane ClusterRoles. | false |
rbacManager.tolerations | Enable tolerations for the crossplane-rbac-manager pod. | {} - Tolerations aren’t configured. |
registryCaBundleConfig.key | Use a custom CA certification for downloading images and configurations. The value of the configMap key. Use with registryCaBundleConfig.name | {} - Crossplane uses the default system certificates. |
registryCaBundleConfig.name | Use a custom CA certification for downloading images and configurations. The value of the configMap name. Use with registryCaBundleConfig.key | {} - Crossplane uses the default system certificates. |
replicas | The number of crossplane-rbac-manager replicas. | 1 |
resourcesCrossplane.limits.cpu | CPU resource limits for the crossplane pods. | 100m |
resourcesCrossplane.limits.memory | Memory resource limits for the crossplane pods. | 512Mi |
resourcesCrossplane.requests.cpu | CPU resource requests for the crossplane pods. | 100m |
resourcesCrossplane.requests.memory | Memory resource requests for the crossplane pods. | 256Mi |
resourcesRBACManager.limits.cpu | CPU resource limits for the crossplane-rbac-manager pods. | 100m |
resourcesRBACManager.limits.memory | Memory resource limits for the crossplane-rbac-manager pods. | 512Mi |
resourcesRBACManager.requests.cpu | CPU resource requests for the crossplane-rbac-manager pods. | 100m |
resourcesRBACManager.requests.memory | Memory resource requests for the crossplane-rbac-manager pods. | 256Mi |
securityContextCrossplane.allowPrivilegeEscalation | Allow privilege escalation the crossplane pods. | false |
securityContextCrossplane.readOnlyRootFilesystem | Set a ReadOnly root file system for the crossplane pods. | true |
securityContextCrossplane.runAsGroup | Set the Run as group for the crossplane pods. | 65532 |
securityContextCrossplane.runAsUser | Set the Run as user the crossplane pods. | 65532 |
securityContextRBACManager.allowPrivilegeEscalation | Allow privilege escalation the crossplane-rbac-manager pods. | false |
securityContextRBACManager.readOnlyRootFilesystem | Set a ReadOnly root file system for the crossplane-rbac-manager pods. | true |
securityContextRBACManager.runAsGroup | Set the Run as group for the crossplane-rbac-manager pods. | 65532 |
securityContextRBACManager.runAsUser | Set the Run as user the crossplane-rbac-manager pods. | 65532 |
serviceAccount.customAnnotations | Custom annotations for the crossplane serviceaccount | {meta.helm.sh/release-name: universal-crossplane, meta.helm.sh/release-namespace: upbound-system} |
tolerations | Enable tolerations for the crossplane pod. | {} - Tolerations aren’t configured. |
webhooks.enabled | Create a service and expose TCP port 9443 to support webhooks for all Crossplane created pods. | false |