Search
Varnish Helm Chart

Configurations

Configuration types

string A string. While the YAML spec does not require strings to be quoted, it is highly recommended to quote strings to prevent YAML type coercion (e.g., values such as country: NO are treated as country: false by YAML).

Example:

key1: "value"

# or multi-line
key2: |
  value

number

A number.

key1: 42

# or float
key2: 3.14

boolean

A true or false. While the YAML spec also treats keywords such as “yes” and “no” as true and false, respectively, it is highly recommended to use explicit true and false as the value for maintainability.

key1: true

object

A pair of key value.

key1:
  subkey1: "string"
  subkey2: 3.14
  subkey3: true

# alternatively, using JSON syntax
key2: { "subkey1": "string", "subkey2": 3.14, "subkey3": true }

array of objects

An array of objects.

key1:
  - name: "value1"
    subkey: "value"
  - name: "value2"
    subkey: "value"

array of strings

An array of strings.

key1:
  - "string1"
  - "string2"
  - "string3"

# alternatively, using JSON syntax
key1: ["string1", "string2", "string3"]

template string

A pair of key value as a string. Template functions exposed by Helm are available in this type.

key1: |
  subkey1: {{ .Release.Name | quote }}
  subkey2: "hello, world"

# in array of objects
key2: |
  - name: {{ .Release.Name | quote }}
    subkey1: "hello, world"

Chart configurations

nameOverride

  • Type: string

Overrides the name of the chart (without the release name). For example, setting nameOverride to “hello” would produce a workload named “release-name-hello”. Containers within a pod derive their name from this setting. By default, the name of the chart is used (i.e., “varnish-enterprise”)

fullnameOverride

  • Type: string

Overrides the full name of the chart (with the release name). This setting allows overriding both release name and a workload name altogether. For example, setting fullnameOverride to “hello” would produce a workload named “hello”. By default, a composition of a Helm release name and the name of the chart is used (i.e., “release-name-varnish-enterprise”).

Global configurations

global.annotations

  • Type: object or template string
  • Availability: v1.5.0

Applies extra annotations to all workloads. The value can be set as either an object or a template string. Workload annotations can be used to for applying additional metadata or for integrating with external tooling. The annotations specified here will be applied to the workload itself.

To apply annotations on a Pod, use global.podAnnotations. To apply annotations on a specific workload, use server.annotations.

global.imagePullSecrets

  • Type: array of object

An array of object that conforms to the Kubernetes imagePullSecrets definition. When set, each item in an array must consist of an object with a key name referencing the Kubernetes secret

For example:

global:
  imagePullSecrets:
    - name: registry-quay-k7c2f4m2d5

global.labels

  • Type: object or template string
  • Availability: v1.5.0

Applies extra labels to all workloads. The value can be set as either an object or a template string. Workload labels can be used to for applying additional metadata or for integrating with external tooling. The labels specified here will be applied to the workload itself.

To apply labels on a Pod, use global.podLabels. To apply labels on a specific workload, use server.labels.

global.podAnnotations

  • Type: object or template string
  • Availability: v1.5.0

Applies extra annotations to all Pods. The value can be set as either an object or a template string. Pod annotations can be used to for applying additional metadata or for integrating with external tooling. Annotations specified here will be applied to a Pod itself.

To apply labels on a workload, use global.annotations. To apply labels on a specific Pod, use server.podAnnotations.

global.podLabels

  • Type: object or template string
  • Availability: v1.5.0

Applies extra labels to all Pods. The value can be set as either an object or a template string. Pod labels can be used to for applying additional metadata or for integrating with external tooling. Labels specified here will be applied to a Pod itself.

To apply labels on a workload, use global.labels. To apply labels on a specific Pod, use server.podLabels.

global.podSecurityContext

  • Type: object

An object that conforms to the Kubernetes securityContext definition of a Pod

For example:

global:
  podSecurityContext:
    fsGroup: 999

This securityContext will be set on all Pods within this chart. For setting securityContext on all containers, see global.securityContext.

global.resources

  • Type: object
  • Availability: v1.5.0

An object that conforms to the Kubernetes resources definition of a Container. This configuration will resources constraint to all containers. To specify resources on a single container, use server.resources, server.agent.resources, and server.varnishncsa.resources.

global.securityContext

  • Type: object

An object that conforms to the Kubernetes securityContext definition of a Container

For example:

global:
  securityContext:
    runAsUser: 999
    runAsNonRoot: true

This securityContext will be set on all containers within this chart. For setting securityContext on the Pod itself, see global.podSecurityContext.

global.natsServer

  • Type: object

An object configuring Varnish Controller Agent access to NATS.

global.natsServer.externalAddress

  • Type: string

An FQDN to the NATS server. The value is ignored if global.natsServer.internal.enabled is set to true. Required when server.agent.enabled is set to true and global.natsServer.internal.enabled is set to false.

global.natsServer.internal.enabled

  • Type: boolean
  • Default: true

Configures Varnish Agent to use the internal NATS server.

global.natsServer.internal.namespace

  • Type: string

Discovers the internal NATS server within the given namespace. By default, the current namespace is used.

global.natsServer.internal.releaseName

  • Type: string

Overrides the full name of the internal NATS server. Required if nameOverride or fullnameOverride is used in the Varnish Controller Helm Chart. By default, “varnish-controller” is used.

global.natsServer.internal.clusterDomain

  • Type: string
  • Default: cluster.local

Overrides the Kubernetes cluster domain. Required if Kubernetes cluster is configured to use different cluster domain than the default. By default, “cluster.local” is used. In most cases, this value should not be changed.

global.natsServer.internal.passwordFrom

  • Type: object
  • Default:
    name: varnish-controller-credentials
    key: nats-varnish-password
    
  • Availability: v1.3.0

Sets internal NATS password from an external secret. Internal NATS must be configured separately. See Varnish Controller Helm Chart documentation for more information.

For example:

global:
  natsServer:
    internal:
      passwordFrom:
        name: secret-name
        key: nats-password

Note: if internal Varnish Controller is deployed on another namespace than the one Varnish Enterprise is deployed to, the varnish-controller-credentials secret needs to be manually copied from the Varnish Controller namespace.

Service Account configurations

serviceAccount.create

  • Type: boolean
  • Default: true

Create a Kubernetes service account to use with a workload.

serviceAccount.labels

  • Type: object or template string

Applies extra labels to the service account. The value can be set as either an object or a template string.

serviceAccount.annotations

  • Type: object or template string

Applies extra annotations to the service account. The value can be set as either an object or a template string.

serviceAccount.name

  • Type: string

Overrides the name of the service account. By default, the full name of the chart is used.

Server configurations

server.replicas

  • Type: number
  • Default: 1

Specifies the number of replicas to deploy Varnish Enterprise server. The value is ignored if server.kind is “DaemonSet”.

Before v1.6.0, when server.autoscaling.enabled is set to true, this value will be ignored and server.autoscaling.minReplicas must be used instead.

From v1.6.0, when server.autoscaling.enabled is set to true, and server.autoscaling.minReplicas is -, the value of server.replicas will be used. server.replicas is ignored if server.autoscaling.minReplicas is set to a number.

server.kind

  • Type: string
  • Default: Deployment

Specifies the type of workload to deploy Varnish Enterprise server. The value can be one of Deployment, DaemonSet, or StatefulSet depending on usage scenarios (see examples).

server.labels

  • Type: object or template string

Applies extra labels to a workload. The value can be set as either an object or a template string. Labels specified here will be applied to the workload itself. To apply labels on the Pod, use server.podLabels.

server.annotations

  • Type: object or template string

Applies extra annotations to a workload. The value can be set as either an object or a template string. workload annotations can be used to for applying additional metadata or for integrating with external tooling. The annotations specified here will be applied to the workload itself. To apply labels on the Pod, use server.podAnnotations.

server.strategy

  • Type: object or template string
  • Availability: v1.1.0

Configures deployment strategy to replace existing Pod with a new one. This configuration is only available when server.kind is set to Deployment. For StatefulSet and DaemonSet, see server.updateStrategy.

server.updateStrategy

  • Type: object or template string
  • Availability: v1.1.0

Configures update strategy for updating Pods when a change is made to the manifest. This configuration is only available when server.kind is set to StatefulSet or DaemonSet. For Deployment, see server.strategy.

Note: While both StatefulSet and DaemonSet share the same updateStrategy configuration key, its applicable values are different. See updateStrategy on StatefulSet and [updateStrategy on DaemonSet][k8s-daemonset-updatestrategy.

server.hostNetwork

  • Type: boolean
  • Default: false

Whether to enables hostNetwork for Varnish Enterprise pod. This will make the Varnish Enterprise pod binds to the port of the host instead of using a container network provided by Kubernetes.

Setting this will also set ClusterFirstWithHostNet to allow the Pod to communicate with Kubernetes DNS.

server.shareProcessNamespace

  • Type: boolean
  • Availability: v1.2.1

Whether to enable shared PID namespace between all containers in a Pod. This is useful for a scenario where it is necessary to send a signal to a process across a container.

server.http.enabled

  • Type: boolean
  • Default: true

Configures Varnish to listen for HTTP traffic.

server.http.port

  • Type: number
  • Default: 6081

Configures the TCP port on which Varnish will listen for HTTP traffic. This port is used for Varnish to bind to within a container. To change the port exposed via service to other applications, see server.service.http.port.

server.tls.enabled

  • Type: boolean
  • Default: false

Configures Varnish to enable In-Process TLS and listens to HTTPS traffic. When enabled, server.tls.config must also be configured. Certificates may be mounted into the Pod using server.extraVolumeMounts and server.extraVolumes.

This port is used by HTTP service as a targetPort.

server.tls.port

  • Type: number
  • Default: 6443

Configures the TCP port on which Varnish will listen for HTTPS traffic. This port is used for Varnish to bind to within a container. To change the port exposed via service to other applications, see server.service.https.port.

This port is used by HTTPS service as a targetPort.

server.tls.config

  • Type: template string

The TLS configuration. See also In-Process TLS for configuration options. It is recommended to reference to a port in a configuration using {{ .Values.server.tls.port }} template string for services integration.

For example:

server:
  tls:
    config: |
      frontend = {
        host = ""
        port = "{{ .Values.server.tls.port }}"
      }

      pem-file = "/certs/example.com.pem"

server.admin.address

  • Type: string
  • Default: 127.0.0.1

Configures the address for Varnish management interface.

server.admin.port

  • Type: number
  • Default: 6082

Configures the port for Varnish management interface.

server.extraEnvs

  • Type: array of objects, object, or template string
  • Availability: v1.5.0

Sets an additional environment variable for Varnish Enterprise container.

Can be set as an array of objects:

extraEnvs:
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

Or an object:

extraEnvs:
  MY_ENVIRONMENT_VARIABLE: my_value

Or a template string:

extraEnvs: |
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

server.extraListens

  • Type: array of objects

An array of extra ports for Varnish to listen to.

For example:

extraListens:
  - name: proxy
    address: "0.0.0.0"
    port: 6888
    proto: "PROXY"

  - name: proxy-sock
    path: "/tmp/varnish-proxy.sock"
    user: "www"
    group: "www"
    mode: "0700"
    proto: "PROXY"

server.extraListens[].name

  • Type: string

The name of the listen. This name will be accessible in VCLs via local.socket.

server.extraListens[].proto

  • Type: string

The protocol of the listen. Must be one of PROXY or HTTP. Default to HTTP if not set.

server.extraListens[].port

  • Type: number
  • Required: yes, unless server.extraListens[].path is set

The port to listens to. Only applicable for TCP listens.

server.extraListens[].address

  • Type: string

The address to listens to. Only applicable for TCP listens.

server.extraListens[].path

  • Type: string
  • Required: yes, unless server.extraListens[].port is set

The path of UNIX domain socket to listens as. Only applicable for UNIX domain socket.

server.extraListens[].user

  • Type: string

The user owning the UNIX domain socket. Only applicable for UNIX domain socket.

server.extraListens[].group

  • Type: string

The group owning the UNIX domain socket. Only applicable for UNIX domain socket.

server.extraListens[].mode

  • Type: string

The file mode octet for the UNIX domain socket. Only applicable for UNIX domain socket.

server.ttl

  • Type: number
  • Default: 120

Sets the default Time To Live (in seconds) for a cached object.

server.minThreads

  • Type: number
  • Default: 50

Sets the minimum number of worker threads in each pool. See also varnishd documentation.

server.maxThreads

  • Type: number
  • Default: 1000

Sets the maximum number of worker threads in each pool. See also varnishd documentation.

server.threadTimeout

  • Type: number
  • Default: 120

Sets the threshold in seconds where idle threads are destroyed after least this duration.

server.extraArgs

  • Type: array of strings
  • Default: []

Sets the extra arguments to the Varnish Enterprise.

server.extraInitContainers

  • Type: array of objects or template string
  • Default: []

An array of objects that conform to the Kubernetes initContainers definition of a Pod. This can be used to run initialization tasks before varnishd starts. Note that initContainers cannot be changed once it is applied. To update this value after the initial deploy, uninstall Varnish Enterprise Helm Chart from the cluster and reinstall. The value can be set as either an array of objects or a template string.

server.extraContainers

  • Type: array of objects or template string
  • Default: []

An array of objects that conforms to the Kubernetes containers definition of a Pod. This can be used to add a sidecar container to varnishd. The value can be set as either an array of objects or a template string.

server.extraVolumeClaimTemplates

  • Type: array of objects or template string
  • Availability: v1.3.0

An array of objects that conforms to the Kubernetes VolumeClaimTemplates definition of a StatefulSet workload. This configuration is only available when server.kind is set to StatefulSet.

server.extraVolumeMounts

  • Type: array of objects or template string

An array of objects that conforms to the Kubernetes volumeMounts definition of a Container. This configuration is used to mount extra volumes defined in server.extraVolumes into the Varnish Enterprise container. The value can be set as either an array of objects or a template string.

server.extraVolumes

  • Type: array of objects or template string

An array of objects that conforms to the Kubernetes volumes definition of a Pod. This configuration is used to define volumes to be used in server.extraVolumeMounts, or within server.extraContainers, or within server.extraInitContainers. The value can be set as either an array of objects or a template string.

server.secret

  • Type: string
  • Required: yes if server.agent.enabled is true and server.secretFrom isn’t set

Sets the Varnish secret for accessing the varnishd admin interface. Either this value or server.secretFrom can be set.

server.secretFrom

  • Type: object
  • Required: yes if server.agent.enabled is true and server.secret is not set
  • Availability: v1.3.0

Sets the Varnish secret from an external Kubernetes secret for accessing the varnishd admin interface. Either this value or server.secret can be set.

For example:

server:
  secretFrom:
    name: secret-name
    key: varnish-secret

server.vclConfig

  • Type: template string
  • Required:
    • From v1.0.0: yes, unless server.agent.enabled is true
    • From v1.6.0: no

A VCL configuration for Varnish Enterprise.

Before v1.6.0, required if Varnish Controller Agent is not used.

From v1.6.0,

For example:

server:
  vclConfig: |
    vcl 4.1;

    backend default {
      .host = "www.example.com";
      .port = "80";
    }

    sub vcl_backend_fetch {
      set bereq.http.Host = "www.example.com";
    }

server.vclConfigs

  • Type: object of template string
  • Availability: v1.2.0

Extra VCL configuration where a filename as a key and template string as a value. The path to store server.vclConfigs will be relative to that of server.vclConfigPath. For example, given the following configuration:

server:
  vclConfigPath: "/etc/varnish/default.vcl"

  vclConfigs:
    extra.vcl: |
      vcl 4.1;

      backend default {
        .host = "127.0.0.1";
        .port = "8090";
      }

The file will be saved as /etc/varnish/extra.vcl.

If the filename in server.vclConfigs matches the name in server.vclConfigPath, it will be treated in the same way as server.vclConfig. In this case, server.vclConfig must not be set. For example:

server:
  vclConfigPath: "/etc/varnish/default.vcl"

  # This is effectively the same as setting server.vclConfig: "..."
  vclConfigs:
    default.vcl: |
      vcl 4.1;

      backend default {
        .host = "127.0.0.1";
        .port = "8090";
      }

  # In this case, vclConfig must be unset.
  vclConfig: ""

server.vclConfigPath

  • Type: string
  • Default: /etc/varnish/default.vcl
  • Availability: v1.2.0

A path to the main VCL configuration. This configuration affects the location where server.vclConfig will be saved to, as well as the VARNISH_VCL_CONF environment variable in the Varnish Enterprise container.

server.cmdfileConfig

  • Type: template string
  • Availability: v1.2.0

A CLI command file for running management commands when varnishd is launched. For example, when loading extra VCL in multi-tenancy mode. See also External VCL ConfigMap.

For example:

server:
  cmdfileConfig: |
    vcl.load vcl_tenant1 /etc/varnish/tenant1.vcl
    vcl.label label_tenant1 vcl_tenant1
    vcl.load vcl_main /etc/varnish/main.vcl
    vcl.use vcl_main

server.cmdfileConfigPath

  • Type: string
  • Default: /etc/varnish/cmds.cli
  • Availability: v1.2.0

A path to the CLI command file. This configuration affects the location where server.cmdfileConfig will be saved to, as well as the -I argument in the Varnish Enterprise container when server.cmdfileConfig is not empty.

server.baseUrl

  • Type: string
  • Availability: v1.4.0

Sets a base URL for Varnish Controller and Varnish Controller Router when performing a HTTP-based routing. If unset, the URL will infer from a Pod IP and server.http.port.

server.image.repository

  • Type: string
  • Default: quay.io/varnish-software/varnish-plus

Sets the repository for Varnish Enterprise image.

server.image.pullPolicy

  • Type: string
  • Default: IfNotPresent

Sets the imagePullPolicy for the Varnish Enterprise image. This can be one of Always, Never, or IfNotPreset.

server.image.tag

  • Type: string
  • Default: same as appVersion

Sets the tag for the Varnish Enterprise image. By default, this is set to the same application version as in the Varnish Enterprise Helm Chart. If the tag is set to non-exact versions (such as “latest”, or “6.0”), make sure to set server.image.pullPolicy to “Always” to make sure the image is always updated.

server.podAnnotations

  • Type: object or template string

Applies extra annotations to the Pod. The value can be set as either an object or a template string. Pod annotations can be used to for applying additional metadata or for integrating with external tooling. Annotations specified here will be applied to the Pod. To apply labels on a workload, use server.annotations.

server.podLabels

  • Type: object or template string

Applies extra labels to the Pod. The value can be set as either an object or a template string. Labels specified here will be applied to the Pod itself. To apply labels on a workload, use server.labels.

server.securityContext

  • Type: object

An object that conforms to the Kubernetes securityContext definition of a Container

For example:

server:
  securityContext:
    runAsUser: 999

This securityContext will be set on the Varnish Enterprise container. For setting securityContext on the Pod itself, see global.podSecurityContext. For setting securityContext to all containers, see global.securityContext.

server.startupProbe

  • Type: object
  • Availability: v1.1.0

An object that conforms to the Kubernetes startupProbe definition of a Container

For example:

server:
  startupProbe:
    initialDelaySeconds: 5
    periodSeconds: 10
    timeoutSeconds: 1
    successThreshold: 1
    failureThreshold: 3

server.startupProbe.httpGet

  • Type: object
  • Availability: v1.2.0

Uses Kubernetes httpGet probe instead of TCP probe. Port will be automatically injected. It is possible to provide extra configuration options that conforms to the Kubernetes httpGet probe definition.

For example, to enable httpGet probe mode:

server:
  startupProbe:
    httpGet:

To specify path and add extra headers:

server:
  startupProbe:
    httpGet:
      path: "/healthz"
      httpHeaders:
        - name: X-Health-Check
          value: k8s

Varnish Helm Chart doesn’t provide a default health check endpoint, so it is necessary to configure Varnish to return 200 OK for this endpoint via a VCL. For example:

server:
  vclConfig: |
    vcl 4.1

    backend default {
      .host = "www.example.com";
      .port = "80";
    }

    sub vcl_recv {
      if (req.url ~ "^/healthz(/.*)?$") {
        # or pass to backend, etc.
        return (synth(200, "OK"));
      }
    }

server.readinessProbe

  • Type: object
  • Default:
    initialDelaySeconds: 30
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 3
    

An object that confirms to the Kubernetes readinessProbe definition of a Container.

server.readinessProbe.httpGet

  • Type: object
  • Availability: v1.2.0

Uses Kubernetes httpGet probe instead of TCP probe. Port will be automatically injected. It is possible to provide extra configuration options that conforms to the Kubernetes httpGet probe definition.

See also server.startupProbe.httpGet.

server.livenessProbe

  • Type: object
  • Default:
    initialDelaySeconds: 30
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 3
    

An object that confirms to the Kubernetes readinessProbe definition of a Container.

server.livenessProbe.httpGet

  • Type: object
  • Availability: v1.2.0

Uses Kubernetes httpGet probe instead of TCP probe. Port will be automatically injected. It is possible to provide extra configuration options that conforms to the Kubernetes httpGet probe definition.

See also server.startupProbe.httpGet.

server.resources

  • Type: object

An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the Varnish Enterprise container.

server.useReleaseName

  • Type: boolean
  • Default: false
  • Availability: v1.4.0

When server.replicas is set to 1, use Helm Chart release name as Varnish Enterprise server name.

server.nodeSelector

  • Type: object or template string

An object that conforms to the Kubernetes nodeSelector definition of a Pod. This configuration is used to select a node to schedule a Pod to. The value can be set as either an object or a template string.

server.tolerations

  • Type: array of strings or template string

An object that conforms to the Kubernetes tolerations definition of a Pod. This configuration is used to allow the Pod to be scheduled to nodes with specific taints. The value can be set as either an array of strings or a template string.

server.affinity

  • Type: object or template string
  • Default (template string):
    podAntiAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        - labelSelector:
            matchLabels:
              app.kubernetes.io/name: {{ include "varnish-enterprise.name" . }}
              app.kubernetes.io/instance: {{ .Release.Name }}
          topologyKey: kubernetes.io/hostname
    

This configuration is used to fine-grain control the scheduling of the Pod. By default, this is set to ensure all Varnish Enterprise Pods are always run in a different node. To disable this behavior, set to empty string (""). The value can be set as either an object or a template string.

server.mse

  • Type: object

An object for configuring Massive Storage Engine.

server.mse.memoryTarget

  • Type: string

Sets the amount of memory to use for MSE. The value can be set as either a percentage (e.g., “80%”), or bytes (“512m”). If cgroups resource limits are used (i.e., server.resources), the percentage is calculated from the resource limit that is assigned to the container.

server.mse.config

  • Type: template string

An MSE configuration. By default, the value is unset and MSE is run in a memory-only mode. See also the examples in MSE Quick Start for more information on how to configure MSE.

If server.mse.persistence.enabled is true, it is recommended to reference to MSE path using {{ .Values.server.mse.persistence.mountPath }} template string in the configuration.

For example:

server:
  mse:
    config: |
      env: {
        id = "env";
        memcache_size = "auto";
        books = ( {
          id = "book1";
          directory = "{{ .Values.server.mse.persistence.mountPath }}/book1";
          database_size = "1G";
          stores = ( {
            id = "store";
            filename = "{{ .Values.server.mse.persistence.mountPath }}/store1.dat";
            size = "9G";
          } );
        } );
      };

server.mse.persistence.enabled

  • Type: boolean
  • Default: false

Enables MSE persistence mode using PersistentVolumes. This configuration is only available when server.kind is set to StatefulSet. See the using StatefulSet documentation for more information.

server.mse.persistence.mountPath

  • Type: string
  • Default: /var/lib/mse

Sets the mount path inside the container for PersistentVolume.

server.mse.persistence.labels

  • Type: object or template string

Applies extra labels to the PersistentVolume. The value can be set as either an object or a template string.

server.mse.persistence.annotations

  • Type: object or template string

Applies extra annotations to the PersistentVolume. The value can be set as either an object or a template string.

server.mse.persistence.accessModes

  • Type: array of strings
  • Default: ["ReadWriteOnce"]

Sets the AccessMode of the PersistentVolumes. The value is an array of ReadWriteOnce, ReadOnlyMany, or ReadWriteMany. Supports for AccessModes depends on PersistentVolume’s backing storage engine.

server.mse.persistence.storageClassName

  • Type: string

Sets the storage class name of a PersistentVolume for choosing which PersistentVolume’s backing storage engine is used. By default, the default PersistentVolume’s backing storage engine is used.

server.mse.persistence.storageSize

  • Type: string
  • Default: 10Gi

Sets the storage volume size to request for. This value should not be less than database size and store size in the MSE configuration.

server.mse.persistence.bookSize

  • Type: number or string
  • Default: 1%
  • Availability: v1.3.0

Sets the database size for MSE store. Can be set as a percentage (e.g. 1%) or a literal size (e.g. 10Gi). When the value is set as a percentage, the value will be relative to server.mse.persistence.storageSize.

server.mse.persistence.storeSize

  • Type: number or string
  • Default: 91%
  • Availability: v1.3.0

Sets the store size for MSE store. Can be set as a percentage (e.g. 1%) or a literal size (e.g. 10Gi). When the value is set as a percentage, the value will be relative to server.mse.persistence.storageSize.

server.autoscaling

  • Type: object

An object for configuring HorizontalPodAutoscaling.

server.autoscaling.enabled

  • Type: boolean
  • Default: false

Enables the HorizontalPodAutoscaling with the Varnish Enterprise Pod. server.replicas is ignored if autoscaling is enabled.

server.autoscaling.behavior

  • Type: object
  • Availability: v1.6.0

Configures the behavior attribute of HorizontalPodAutoscaling of the Varnish Enterprise Pod.

server.autoscaling.minReplicas

  • Type: string or number
  • Default:
    • From v1.0.0: 1
    • From v1.6.0: -

Sets the minimum number of replicas to always keep running.

From v1.6.0, when set to -, the value will inherit to that of server.replicas.

server.autoscaling.maxReplicas

  • Type: number
  • Default: 100

Sets the maximum number of replicas to run at most.

server.autoscaling.metrics

  • Type: object or template string

Sets the HorizontalPodAutoscaling metrics. The value can be set as either an object or a template string.

server.pdb

  • Type: object
  • Availability: v1.2.0

An object for configuring PodDisruptionBudget.

server.pdb.enabled

  • Type: boolean
  • Default: false
  • Availability: v1.2.0

Enables PodDisruptionBudget.

server.pdb.minAvailable

  • Type: string or number
  • Required: yes, if server.pdb.enabled is true and server.pdb.maxUnavailable is not set
  • Availability: v1.2.0

Sets the number or percentage of pods that must be available after the eviction.

server.pdb.maxUnavailable

  • Type: string or number
  • Required: yes, if server.pdb.enabled is true and server.pdb.minAvailable is not set
  • Availability: v1.2.0

Sets the number or percentage of pods that can be unavailable after the eviction.

server.delayedShutdown.method

  • Type: string
  • Default: none
  • Availability: v1.6.0

Sets the method for delaying shutdown of Varnish Enterprise. Can be one of none, sleep, mempool, or shutdown_delay (Varnish Enterprise 6.0.13r2 and newer).

This is useful for rolling updates or when scaling down, where the load balancer component may still attempt to forward requests to Varnish Enterprise instance when Varnish Enterprise has already received a SIGHUP, leading to HTTP 502 errors.

Multiple delayed shutdown methods are available:

  • sleep will simply sleep in the preStop for server.delayedShutdown.sleep.seconds seconds. This is the simplest way to delay the shutdown of Varnish Enterprise when the time taken for the load balancer component to stop forwarding traffic to Varnish Enterprise is largely static.
  • mempool polls varnishstat for MEMPOOL.sess to go down to zero. This allows for the quickest shutdown but requires tuning server.delayedShutdown.mempool.pollSeconds to the traffic patterns, as MEMPOOL.sess may become 0 momentary resulting in an early shutdown.
  • shutdown_delay similar to sleep, but utilizes Varnish Enterprise’s shutdown_delay feature (available since 6.0.13r2) to perform the wait in-engine instead of relying on preStop and an external command.

When server.delayedShutdown.method is set to a value other than “none”, server.terminationGracePeriodSeconds must also be set.

server.delayedShutdown.sleep.seconds

  • Type: number
  • Default: 90
  • Availability: v1.6.0

Sets the number of seconds to sleep before SIGHUP is sent to Varnish Enterprise. Only applicable when server.delayedShutdown.method is set to “sleep”.

server.delayedShutdown.mempool.pollSeconds

  • Type: number
  • Default: 1
  • Availability: v1.6.0

Sets the number of seconds to poll for MEMPOOL.sess stats. Only applicable when server.delayedShutdown.method is set to “mempool”.

This value needs to be tuned to the traffic patterns. If the time between each request took more than server.delayedShutdown.mempool.pollSeconds, then Varnish Enterprise could be signaled to SIGHUP too early, leading to an HTTP 502 error on the load balancer (as Varnish Enterprise already stopped accepting connection).

server.delayedShutdown.mempool.waitSeconds

  • Type: number
  • Default: 5
  • Availability: v1.6.0

Sets the number of seconds to wait after MEMPOOL.sess turned zero. Only applicable when server.delayedShutdown.method is set to “mempool”.

server.delayedShutdown.shutdownDelay.seconds

  • Type: number
  • Availability: v1.6.0
  • Compatibility: Varnish Enterprise 6.0.13r2 and newer

Sets the number of seconds for varnishd to wait before terminating itself. This is similar to sleep, but use an in-engine method of waiting instead of relying on preStop and an external command. Only applicable when server.delayedShutdown.method is set to “shutdown_delay”.

Setting this value is equivalent of setting -p shutdown_delay=<number_of_seconds> -p shutdown_close=off as an argument to varnishd.

server.terminationGracePeriodSeconds

  • Type: number
  • Availability: v1.6.0

Sets the termination grace period seconds to wait for Varnish Enterprise to shut down. Once this number of seconds is reached without Varnish Enterprise Pod shutting down, Kubernetes will send SIGKILL to the Pod. When server.delayedShutdown is used, this value should be set to a higher value than the maximum time (in seconds) it took for Varnish Enterprise to fully shutdown after a delayed shutdown.

The value to set here depends on the cluster setup. For example, an AWS Load Balancer may still forward requests to Varnish for deregistration_delay.timeout_seconds which is set to 300 seconds by default. If server.delayedShutdown took 30 seconds, then server.terminationGracePeriodSeconds should be set to at least 330 seconds in order to have a zero-downtime during a rolling update or scaling down.

server.varnishncsa

  • Type: object

An object for configuring varnishncsa.

server.varnishncsa.enabled

  • Type: boolean
  • Default: true

Enables HTTP request logging via varnishncsa.

server.varnishncsa.extraEnvs

  • Type: array of objects, object, or template string
  • Availability: v1.5.0

Sets an additional environment variable for varnishncsa container.

Can be set as an array of objects:

extraEnvs:
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

Or an object:

extraEnvs:
  MY_ENVIRONMENT_VARIABLE: my_value

Or a template string:

extraEnvs: |
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

server.varnishncsa.extraVolumeMounts

  • Type: array of objects or template string
  • Availability: v1.5.0

An array of objects that conforms to the Kubernetes volumeMounts definition of a Container. This configuration is used to mount extra volumes defined in server.extraVolumes into the varnishncsa container. The value can be set as either an array of objects or a template string.

server.varnishncsa.image.repository

  • Type: string
  • Default: -

Sets the repository for Varnish Enterprise image for use with varnishncsa. The Varnish image used here must be the same version as the Varnish Enterprise server. Set this to “-” to inherit the value of server.image.repository.

server.varnishncsa.image.pullPolicy

  • Type: string
  • Default: -

Sets the imagePullPolicy for the Varnish Enterprise image for use with varnishncsa. This can be one of Always, Never, or IfNotPreset. Set this to “-” to inherit the value of server.image.pullPolicy.

server.varnishncsa.image.tag

  • Type: string
  • Default: -

Sets the tag for the Varnish Enterprise image for use with varnishncsa. The Varnish image used here must be the same version as the Varnish Enterprise server. Set this to “-” to inherit the value of server.image.tag.

server.varnishncsa.securityContext

  • Type: object

An object that conforms to the Kubernetes securityContext definition of a Container.

For example:

server:
  securityContext:
    runAsUser: 999

This securityContext will be set on the varnishncsa container. For setting securityContext on the Pod itself, see global.podSecurityContext. For setting securityContext to all containers, see global.securityContext.

server.varnishncsa.extraArgs

  • Type: array of strings
  • Default: []

Sets the extra arguments to Varnish NCSA.

server.varnishncsa.startupProbe

  • Type: object
  • Availability: v1.1.0

An object that conforms to the Kubernetes startupProbe definition of a Container.

server.varnishncsa.readinessProbe

  • Type: object
  • Default:
    initialDelaySeconds: 5
    periodSeconds: 10
    timeoutSeconds: 1
    successThreshold: 1
    failureThreshold: 3
    

An object that confirms to the Kubernetes readinessProbe definition of a Container.

server.varnishncsa.livenessProbe

  • Type: object
  • Default:
    initialDelaySeconds: 30
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 3
    

An object that confirms to the Kubernetes livenessProbe definition of a Container.

server.varnishncsa.resources

  • Type: object

An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the varnishncsa container.

server.agent

  • Type: object

An object for configuring Varnish Controller Agent.

server.agent.enabled

  • Type: boolean
  • Default: false

Enables the Varnish Controller Agent for integration with Varnish Controller.

If Varnish Controller is deployed in a different namespace than Varnish Enterprise, also set global.natsServer.internal.namespace.

If Varnish Controller is deployed outside the Kubernetes cluster, or is using an external NATS server not provided by Varnish Controller Helm Chart, set global.natsServer.internal.enabled to false and configures global.natsServer.externalAddress.

server.agent.autoRemove.method

  • Type: string
  • Default: none
  • Availability: v1.6.0

Enable automatic de-registering of Varnish Controller Agent during Pod rollout. The value can be one of none (disabled), or vcli (use VCLI to perform de-registration).

server.agent.autoRemove.vcli.image.repository

  • Type: string
  • Default: quay.io/varnish-software/varnish-controller-cli
  • Availability: v1.6.0

Sets the repository for Varnish Controller VCLI image. The Varnish Controller VCLI image used here must be the same version as the Varnish Controller. Since this is a different image from Varnish Enterprise, using “-” is unsupported.

server.agent.autoRemove.vcli.image.pullPolicy

  • Type: string
  • Default: IfNotPresent
  • Availability: v1.6.0

Sets the imagePullPolicy for the Varnish Controller VCLI image. This can be one of Always, Never, or IfNotPreset.

server.agent.autoRemove.vcli.image.tag

  • Type: string
  • Default: see changelogs
  • Availability: v1.6.0

Sets the tag for the Varnish Controller VCLI image for automatic de-registration. The Varnish Controller VCLI image used here must be the same version as the Varnish Controller. Since this is a different image from Varnish Enterprise, using “-” is unsupported.

server.agent.autoRemove.vcli.externalAddress

  • Type: string
  • Availability: v1.6.0

An FQDN to the Varnish Controller API-GW server. The value is ignored if server.agent.autoRemove.vcli.internal.enabled is set to true. Required when server.agent.autoRemove.method is set to “vcli” and server.agent.autoRemove.vcli.internal.enabled is set to false.

server.agent.autoRemove.vcli.username

  • Type: string
  • Default: admin
  • Availability: v1.6.0

Sets the username to connect to Varnish Controller. Required when server.agent.autoRemove.method is set to vcli.

server.agent.autoRemove.vcli.password

  • Type: string
  • Availability: v1.6.0

Sets the password to connect to Varnish Controller. Required when server.agent.autoRemove.method is set to vcli and server.agent.autoRemove.vcli.passwordFrom is not set.

server.agent.autoRemove.vcli.passwordFrom

  • Type: object
  • Default:
    name: varnish-controller-credentials
    key: varnish-admin-password
    
  • Availability: v1.6.0

Sets the Varnish Controller password from an external secret. Required when server.agent.autoRemove.method is set to vcli and server.agent.autoRemove.vcli.password is not set.

Note: if internal Varnish Controller is deployed on another namespace than the one Varnish Enterprise is deployed to, the varnish-controller-credentials secret needs to be manually copied from the Varnish Controller namespace.

server.agent.autoRemove.vcli.insecure

  • Type: boolean
  • Default: false
  • Availability: v1.6.0

Configures Varnish Controller CLI container to skip verifying the TLS certificate when communicating via HTTPS. This should be set to true if Varish Controller is running with a self-signed certificate.

server.agent.autoRemove.vcli.internal.enabled

  • Type: boolean
  • Default: true
  • Availability: v1.6.0

Configures whether to use the Varnish Controller instance deployed by the Varnish Controller Helm Chart. When server.agent.autoRemove.vcli.internal.enabled is set to true, most configurations should be auto-discovered.

server.agent.autoRemove.vcli.internal.namespace

  • Type: string
  • Availability: v1.6.0

Sets the namespace of the Varnish Controller when Varnish Controller is deployed in a different namespace than that of Varnish Enterprise. When this value is empty, the Varnish Enterprise Helm Chart will use the current namespace for auto-discovery.

server.agent.autoRemove.vcli.internal.releaseName

  • Type: string
  • Availability: v1.6.0

Sets the release name of the Varnish Controller when Varnish Controller is deployed with a different release name than “varnish-controller”. When this value is empty, the Varnish Enterprise Helm Chart will use “varnish-controller”.

server.agent.autoRemove.vcli.internal.port

  • Type: number
  • Default: 8080
  • Availability: v1.6.0

Sets the port for API-GW.

server.agent.autoRemove.vcli.internal.https

  • Type: boolean
  • Availability: v1.6.0

Sets whether to use HTTPS to connect to Varnish Controller API-GW.

server.agent.autoRemove.vcli.resources

  • Type: object

An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the Varnish Controller VCLI container.

server.agent.autoRemove.vcli.extraEnvs

  • Type: array of objects, object, or template string
  • Availability: v1.6.0

Sets an additional environment variable for Varnish Controller VCLI container.

Can be set as an array of objects:

extraEnvs:
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

Or an object:

extraEnvs:
  MY_ENVIRONMENT_VARIABLE: my_value

Or a template string:

extraEnvs: |
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

server.agent.autoRemove.vcli.extraVolumeMounts

  • Type: array of objects or template string
  • Availability: v1.6.0

An array of objects that conforms to the Kubernetes volumeMounts definition of a Container. This configuration is used to mount extra volumes defined in server.extraVolumes into the Varnish Controller Agent container. The value can be set as either an array of objects or a template string.

server.agent.extraArgs

  • Type: array of strings
  • Default: []
  • Availability: v1.6.0

Sets the extra arguments to the Varnish Controller Agent.

server.agent.extraEnvs

  • Type: array of objects, object, or template string
  • Availability: v1.5.0

Sets an additional environment variable for Varnish Controller Agent container.

Can be set as an array of objects:

extraEnvs:
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

Or an object:

extraEnvs:
  MY_ENVIRONMENT_VARIABLE: my_value

Or a template string:

extraEnvs: |
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

server.agent.extraVolumeMounts

  • Type: array of objects or template string
  • Availability: v1.5.0

An array of objects that conforms to the Kubernetes volumeMounts definition of a Container. This configuration is used to mount extra volumes defined in server.extraVolumes into the Varnish Controller Agent container. The value can be set as either an array of objects or a template string.

server.agent.image.repository

  • Type: string
  • Default: quay.io/varnish-software/varnish-controller-agent

Sets the repository for Varnish Controller Agent image. The Varnish Controller image used here must be the same version as the Varnish Controller. Since this is a different image from Varnish Enterprise, using “-” is unsupported.

server.agent.image.pullPolicy

  • Type: string
  • Default: IfNotPresent

Sets the imagePullPolicy for the Varnish Controller image. This can be one of Always, Never, or IfNotPreset.

server.agent.image.tag

  • Type: string
  • Default: see changelogs

Sets the tag for the Varnish Controller image for use with varnishncsa. The Varnish Controller image used here must be the same version as the Varnish Controller. Since this is a different image from Varnish Enterprise, using “-” is unsupported.

server.agent.privateToken

  • Type: string
  • Availability: v1.5.0

Sets a Varnish Controller private token.

server.agent.securityContext

  • Type: object

An object that conforms to the Kubernetes securityContext definition of a Container.

For example:

server:
  securityContext:
    runAsUser: 999

This securityContext will be set on the Varnish Controller container. For setting securityContext on the Pod itself, see global.podSecurityContext. For setting securityContext to all containers, see global.securityContext.

server.agent.logLevel

  • Type: string
  • Default: debug

Sets the log level for the Varnish Controller Agent. The value can be one of debug, info, warning, error, or quiet.

server.agent.tags

  • Type: array of strings

Sets the tags for the Varnish Controller Agent.

server.agent.location

  • Type: object

Sets the latitude and longitude for Varnish Controller Agent. These values are used to display the location of Varnish instance on a map on the Varnish Controller UI, and for GeoIP routing in Varnish Traffic Router.

server.agent.location.latitude

  • Type: string

Sets the longitute where the server is located.

server.agent.location.longitude

  • Type: string

Sets the latitude where the server is located.

server.agent.resources

  • Type: object

An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the Varnish Controller Agent container.

server.agent.persistence

  • Type: object

An object for configuring Varnish Controller Agent’s state persistency.

server.agent.persistence.enabled

  • Type: boolean
  • Default: false

Enables Varnish Controller Agent state persistency using PersistentVolumes. This configuration is only available when server.kind is set to StatefulSet. See the Integration with Varnish Controller Agent documentation for more information.

server.agent.persistence.enableWithVolumeName

  • Type: string

Enables Varnish Controller Agent state persistency using a custom volume mounts. This configuration overrides server.agent.persistence.enabled. See the Integration with Varnish Controller Agent documentation for more information.

server.agent.persistence.labels

  • Type: object or template string

Applies extra labels to the PersistentVolume. The value can be set as either an object or a template string.

server.agent.persistence.annotations

  • Type: object or template string

Applies extra annotations to the PersistentVolume. The value can be set as either an object or a template string.

server.agent.persistence.accessModes

  • Type: array of string
  • Default: ["ReadWriteOnce"]

Sets the AccessMode of the PersistentVolumes. The value is an array of ReadWriteOnce, ReadOnlyMany, or ReadWriteMany. Supports for AccessModes depends on PersistentVolume’s backing storage engine.

server.agent.persistence.storageClassName

  • Type: string

Sets the storage class name of a PersistentVolume for choosing which PersistentVolume’s backing storage engine is used. By default, the default PersistentVolume’s backing storage engine is used.

server.agent.persistence.storageSize

  • Type: string
  • Default: 512Mi

Sets the storage volume size to request for.

server.initAgent.enabled

  • Type: boolean
  • Default: true
  • Availability: v1.6.0

Configures whether to use init container to initialize Varnish Controller Agent state directory symbolic link. This is to allow Varnish Enterprise Pod to have a static path for accessing Varnish Controller Agent state files. When server.initAgent.enabled is false, the Varnish Controller Agent state directory will be discovered using a dynamic environment variable based on Pod name.

Before v1.6.0, the state directory symbolic link is created at /etc/varnish/agent.

From v1.6.0, the state directory symbolic link is created at /etc/varnish/shared/agent.

From v1.8.0, the default will be changed to false.

server.initAgent.extraEnvs

  • Type: array of objects, object, or template string
  • Availability: v1.5.0

Sets an additional environment variable for Varnish Controller Agent’s init container.

Can be set as an array of objects:

extraEnvs:
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

Or an object:

extraEnvs:
  MY_ENVIRONMENT_VARIABLE: my_value

Or a template string:

extraEnvs: |
  - name: MY_ENVIRONMENT_VARIABLE
    value: my_value

server.initAgent.securityContext

  • Type: object
  • Availability: v1.5.0

An object that conforms to the Kubernetes securityContext definition of a Container

For example:

server:
  initAgent:
    securityContext:
      runAsUser: 999

This securityContext will be set on the Varnish Controller Agent’s init container. For setting securityContext on the Pod itself, see global.podSecurityContext. For setting securityContext to all containers, see global.securityContext.

server.service

  • Type: object

An object for configuring Service.

server.service.enabled

  • Type: boolean
  • Default: true

Enables the Service for Varnish Enterprise.

server.service.labels

  • Type: object or template string

Applies extra labels to the Service. The value can be set as either an object or a template string.

server.service.annotations

  • Type: object or template string

Applies extra annotations to the Service. The value can be set as either an object or a template string.

server.service.type

  • Type: string
  • Default: NodePort

Sets the type of the Service. Can be either CluterIP, LoadBalancer, or NodePort.

See also Accessing Varnish Enterprise in Kubernetes Cluster

server.service.clusterIP

  • Type: string

Sets a custom Service ClusterIP. This value can be set as either an IP address, or a literal string “None”. Only applicable when server.service.type is set to ClusterIP. When set to “None”, Kubernetes will create a Headless Service, skipping the Kubernetes proxying mechanism. In such case, server.service.http.port and server.service.https.port will be ignored. Instead, server.http.port and server.tls.port must be used instead.

See also Accessing Varnish Enterprise in Kubernetes Cluster.

server.service.loadBalancerIP

  • Type: string
  • Availability: v1.4.0

Sets a pre-allocated IP address for use in LoadBalancer.

server.service.http.enabled

  • Type: boolean
  • Default: true

Enables HTTP service.

server.service.http.port

  • Type: number
  • Default: 80

Sets the port to expose HTTP service.

server.service.http.nodePort

  • Type: number

Sets the port to expose HTTP service directly on the node itself. Only applicable when server.service.type is set to NodePort. This value must be within the Kubernetes service-node-port-range (default: 30000-32767).

See also Accessing Varnish Enterprise in Kubernetes Cluster.

server.service.https.enabled

  • Type: boolean
  • Default: false

Enables HTTPS service. Requires server.tls.enabled to be enabled.

server.service.https.port

  • Type: number
  • Default: 443

Sets the port to expose HTTPS service.

server.service.https.nodePort

  • Type: number

Sets the port to expose HTTPS service directly on the node itself. Only applicable when server.service.type is set to NodePort. This value must be within the Kubernetes service-node-port-range (default: 30000-32767).

See also [accessing Varnish via NodePort][access-nodeport].

server.service.extraServices

  • Type: array of object

An array of extra services to expose to as a Service.

For example:

extraServices:
  - name: "varnish-proxy"
    targetPort: 6888
    port: 88

server.service.extraServices[].name

  • Type: string
  • Required: yes

Sets the name of the Service.

server.service.extraServices[].targetPort

  • Type: number
  • Required: yes

Sets the target ports that are exposed via server.extraListens.

server.service.extraServices[].port

  • Type: number

Sets the port to expose this extra service.

server.service.extraServices[].nodePort

  • Type: number

Sets the port to expose this extra service on the node itself. Only applicable when server.service.type is set to NodePort. This value must be within the Kubernetes service-node-port-range (default: 30000-32767).

server.ingress

  • Type: object

An object for configuring Ingress.

server.ingress.enabled

  • Type: boolean
  • Default: false

Enables the Ingress for Varnish Enterprise.

server.ingress.labels

  • Type: object or template string

Applies extra labels to the Ingress. The value can be set as either an object or a template string.

server.ingress.annotations

  • Type: object or template string

Applies extra annotations to the Ingress. The value can be set as either an object or a template string.

server.ingress.ingressClassName

  • Type: string

Sets the Ingress Class for selecting Ingress controller to use.

server.ingress.pathType

  • Type: string
  • Default: Prefix

Sets the Ingress Path Type for the Varnish Enterprise endpoint. The value can be either Prefix, Exact, or ImplementationSpecific. The value to use here depends on the Ingress controller.

server.ingress.hosts

  • Type: array of object

Sets the hostname for the Ingress. This hostname is used for routing traffic.

server.ingress.tls

  • Type: array of objects

An array of objects that conforms to Ingress TLS.

extraManifests

  • Type: array of object
  • Availability: v1.2.1

An array of objects to attach Kubernetes manifests to a workload.

For example:

extraManifests:
  - name: clusterrole
    data: |
      apiVersion: rbac.authorization.k8s.io/v1
      kind: ClusterRole
      metadata:
        name: {{ .Release.Name }}-clusterrole
      # ...

extraManifests[].name

  • Type: string
  • Availability: v1.2.1

The name of the manifest. Only used if extraManifests[].checksum is true.

extraManifests[].checksum

  • Type: boolean
  • Availability: v1.2.1

Whether to attach the manifest’s checksum to that of the workload in order to force an automatic rollout when the manifest is updated.

extraManifests[].data

  • Type: object or template string
  • Availability: v1.2.1

The full content of the manifest.