string
A string. While the YAML spec does not require strings to be quoted, it is highly recommended to quote strings
to prevent YAML type coercion (e.g., values such as country: NO
are treated as country: false
by YAML).
Example:
key1: "value"
# or multi-line
key2: |
value
number
A number.
key1: 42
# or float
key2: 3.14
boolean
A true or false. While the YAML spec also treats keywords such as “yes” and “no” as true and false, respectively, it is highly recommended to use explicit true and false as the value for maintainability.
key1: true
object
A pair of key value.
key1:
subkey1: "string"
subkey2: 3.14
subkey3: true
# alternatively, using JSON syntax
key2: { "subkey1": "string", "subkey2": 3.14, "subkey3": true }
array of objects
An array of objects.
key1:
- name: "value1"
subkey: "value"
- name: "value2"
subkey: "value"
array of strings
An array of strings.
key1:
- "string1"
- "string2"
- "string3"
# alternatively, using JSON syntax
key1: ["string1", "string2", "string3"]
template string
A pair of key value as a string. Template functions exposed by Helm are available in this type.
key1: |
subkey1: {{ .Release.Name | quote }}
subkey2: "hello, world"
# in array of objects
key2: |
- name: {{ .Release.Name | quote }}
subkey1: "hello, world"
Overrides the name of the chart (without the release name). For example, setting nameOverride
to “hello” would produce
a deployment named “release-name-hello”. Containers within a pod derive their name from this setting. By default,
the name of the chart is used (i.e., “varnish-enterprise”)
Overrides the full name of the chart (with the release name). This setting allows overriding both release name and
a deployment name altogether. For example, setting fullnameOverride
to “hello” would produce a deployment named
“hello”. By default, a composition of a Helm release name and the name of the chart is used
(i.e., “release-name-varnish-enterprise”).
An array of object that conforms to the Kubernetes imagePullSecrets definition.
When set, each item in an array must consist of an object with a key name
referencing the Kubernetes
secret
For example:
global:
imagePullSecrets:
- name: registry-quay-k7c2f4m2d5
An object that conforms to the Kubernetes securityContext definition of a Pod
For example:
global:
podSecurityContext:
fsGroup: 999
This securityContext will be set on all Pods within this chart. For setting securityContext on all containers,
see global.securityContext
.
An object that conforms to the Kubernetes securityContext definition of a Container
For example:
global:
securityContext:
runAsUser: 999
runAsNonRoot: true
This securityContext will be set on all containers within this chart. For setting securityContext on the Pod
itself, see global.podSecurityContext
.
An object configuring Varnish Controller Agent access to NATS.
An FQDN to the NATS server. The value is ignored if global.natsServer.internal.enabled
is set to true.
Required when running Varnish Enterprise with Varnish Controller.
true
Configures Varnish Agent to use the internal NATS server.
Discovers the internal NATS server within the given namespace. By default, the current namespace is used.
Overrides the full name of the internal NATS server. Required if nameOverride
or fullnameOverride
is used in the Varnish Controller Helm Chart. By default, “varnish-controller” is used.
cluster.local
Overrides the Kubernetes cluster domain. Required if Kubernetes cluster is configured to use different cluster domain than the default. By default, “cluster.local” is used. In most cases, this value should not be changed.
name: varnish-controller-credentials
key: nats-varnish-password
Sets internal NATS password from external secret. Internal NATS must be configured separately. See Varnish Controller Helm Chart documentation for more information.
For example:
global:
natsServer:
internal:
passwordFrom:
name: secret-name
key: nats-password
true
Create a Kubernetes service account to use with the deployment.
Applies extra labels to the service account. The value can be set as either an object or a template string.
Applies extra annotations to the service account. The value can be set as either an object or a template string.
Overrides the name of the service account. By default, the full name of the chart is used.
1
Specifies the number of replicas to deploy Varnish Enterprise server. The value is ignored if
server.autoscaling.enabled
is set to true, or server.kind
is “DaemonSet”.
Deployment
Specifies the type of deployment to deploy Varnish Enterprise server. The value can be one of
Deployment
, DaemonSet
, or StatefulSet
depending on usage scenarios (see examples).
Applies extra labels to the deployment. The value can be set as either an object or a template string.
Labels specified here will be applied to the deployment itself. To apply labels on the Pod, use
server.podLabels
.
Applies extra annotations to the deployment. The value can be set as either an object or a template string.
Deployment annotations can be used to for applying additional metadata or for integrating with external tooling.
The annotations specified here will be applied to the deployment itself. To apply labels on the Pod, use
server.podAnnotations
.
Configures deployment strategy to replace existing Pod with a new one.
This configuration is only available when server.kind
is set to Deployment. For StatefulSet and
DaemonSet, see server.updateStrategy
.
Configures update strategy for updating Pods when a change is made to the manifest. This configuration
is only available when server.kind
is set to StatefulSet or DaemonSet. For Deployment, see
server.strategy
.
Note: While both StatefulSet and DaemonSet share the same updateStrategy
configuration key, its applicable values are different. See updateStrategy on StatefulSet and [updateStrategy on DaemonSet][k8s-daemonset-updatestrategy.
Whether to enable shared PID namespace between all containers in a Pod. This is useful for a scenario where it is necessary to send a signal to a process across a container.
true
Configures Varnish to listen for HTTP traffic.
6081
Configures the TCP port on which Varnish will listen for HTTP traffic. This port is used for Varnish to
bind to within a container. To change the port exposed via service to other applications, see
server.service.http.port
.
false
Configures Varnish to enable In-Process TLS and listens to HTTPS traffic. When enabled,
server.tls.config
must also be configured. Certificates may be mounted into the Pod using
server.extraVolumeMounts
and server.extraVolumes
.
This port is used by HTTP service as a targetPort.
6443
Configures the TCP port on which Varnish will listen for HTTPS traffic. This port is used for Varnish to
bind to within a container. To change the port exposed via service to other applications, see
server.service.https.port
.
This port is used by HTTPS service as a targetPort.
The TLS configuration. See also In-Process TLS for configuration options. It is recommended
to reference to a port in a configuration using {{ .Values.server.tls.port }}
template string for
services integration.
For example:
server:
tls:
config: |
frontend = {
host = ""
port = "{{ .Values.server.tls.port }}"
}
pem-file = "/certs/example.com.pem"
127.0.0.1
Configures the address for Varnish management interface.
6082
Configures the port for Varnish management interface.
An array of extra ports for Varnish to listen to.
For example:
extraListens:
- name: proxy
address: "0.0.0.0"
port: 6888
proto: "PROXY"
- name: proxy-sock
path: "/tmp/varnish-proxy.sock"
user: "www"
group: "www"
mode: "0700"
proto: "PROXY"
The name of the listen. This name will be accessible in VCLs via local.socket
.
The protocol of the listen. Must be one of PROXY
or HTTP
. Default to HTTP if not set.
server.extraListens[].path
is setThe port to listens to. Only applicable for TCP listens.
The address to listens to. Only applicable for TCP listens.
server.extraListens[].port
is setThe path of UNIX domain socket to listens as. Only applicable for UNIX domain socket.
The user owning the UNIX domain socket. Only applicable for UNIX domain socket.
The group owning the UNIX domain socket. Only applicable for UNIX domain socket.
The file mode octet for the UNIX domain socket. Only applicable for UNIX domain socket.
120
Sets the default Time To Live (in seconds) for a cached object.
50
Sets the minimum number of worker threads in each pool. See also varnishd documentation.
1000
Sets the maximum number of worker threads in each pool. See also varnishd documentation.
120
Sets the threshold in seconds where idle threads are destroyed after least this duration.
[]
Sets the extra arguments to the varnishd.
[]
An array of objects that conform to the Kubernetes initContainers definition of a Pod.
This can be used to run initialization tasks before varnishd starts. Note that initContainers
cannot be changed once it is applied. To update this value after the initial deploy, uninstall
Varnish Enterprise Helm Chart from the cluster and reinstall. The value can be set as either an array
of objects or a template string.
[]
An array of objects that conforms to the Kubernetes containers definition of a Pod. This can be used to add a sidecar container to varnishd. The value can be set as either an array of objects or a template string.
An array of objects that conforms to the Kubernetes VolumeClaimTemplates
definition of a StatefulSet workload. This configuration is only available when server.kind
is
set to StatefulSet.
An array of objects that conforms to the Kubernetes volumeMounts
definition of a Container. This configuration is used to mount extra volumes defined in
server.extraVolumes
into the Varnish Enterprise container. The value can be set as either
an array of objects or a template string.
An array of objects that conforms to the Kubernetes volumes definition of a Pod.
This configuration is used to define volumes to be used in server.extraVolumeMounts
, or
within server.extraContainers
, or within server.extraInitContainers
. The value can be set as
either an array of objects or a template string.
server.agent.enabled
is true and server.secretFrom
isn’t setSets the Varnish secret for accessing the varnishd admin interface. Either this value or
server.secretFrom
can be set.
server.agent.enabled
is true and server.secret
is not setSets the Varnish secret from external Kubernetes secret for accessing the varnishd admin
interface. Either this value or server.secret
can be set.
For example:
server:
secretFrom:
name: secret-name
key: varnish-secret
server.agent.enabled
is trueA VCL configuration for Varnish Enterprise. Only required if Varnish Controller Agent is not used.
For example:
server:
vclConfig: |
vcl 4.1;
backend default {
.host = "www.example.com";
.port = "80";
}
sub vcl_backend_fetch {
set bereq.http.Host = "www.example.com";
}
Extra VCL configuration where a filename as a key and template string as a value. The path to store
server.vclConfigs
will be relative to that of server.vclConfigPath
. For example, given the
following configuration:
server:
vclConfigPath: "/etc/varnish/default.vcl"
vclConfigs:
extra.vcl: |
vcl 4.1;
backend default {
.host = "127.0.0.1";
.port = "8090";
}
The file will be saved as /etc/varnish/extra.vcl
.
If the filename in server.vclConfigs
matches the name in server.vclConfigPath
, it will be treated
in the same way as server.vclConfig
. In this case, server.vclConfig
must not be set.
For example:
server:
vclConfigPath: "/etc/varnish/default.vcl"
# This is effectively the same as setting server.vclConfig: "..."
vclConfigs:
default.vcl: |
vcl 4.1;
backend default {
.host = "127.0.0.1";
.port = "8090";
}
# In this case, vclConfig must be unset.
vclConfig: ""
/etc/varnish/default.vcl
A path to the main VCL configuration. This configuration affects the location where server.vclConfig
will be saved to, as well as the VARNISH_VCL_CONF
environment variable in the Varnish Enterprise
container.
A CLI command file for running management commands when varnishd
is launched.
For example, when loading extra VCL in multi-tenancy mode. See also
External VCL ConfigMap.
For example:
server:
cmdfileConfig: |
vcl.load vcl_tenant1 /etc/varnish/tenant1.vcl
vcl.label label_tenant1 vcl_tenant1
vcl.load vcl_main /etc/varnish/main.vcl
vcl.use vcl_main
/etc/varnish/cmds.cli
A path to the CLI command file. This configuration affects the location
where server.cmdfileConfig
will be saved to, as well as the -I
argument in the Varnish
Enterprise container when server.cmdfileConfig
is not empty.
quay.io/varnish-software/varnish-plus
Sets the repository for Varnish Enterprise image.
IfNotPresent
Sets the imagePullPolicy for the Varnish Enterprise image. This can be one of Always, Never, or IfNotPreset.
Sets the tag for the Varnish Enterprise image. By default, this is set to the same application
version as in the Varnish Enterprise Helm Chart. If the tag is set to non-exact versions
(such as “latest”, or “6.0”), make sure to set server.image.pullPolicy
to “Always” to make
sure the image is always updated.
Applies extra annotations to the Pod. The value can be set as either an object or a template string.
Pod annotations can be used to for applying additional metadata or for integrating with external tooling.
Annotations specified here will be applied to the Pod. To apply labels on the deployment, use
server.annotations
.
Applies extra labels to the Pod. The value can be set as either an object or a template string.
Labels specified here will be applied to the Pod itself. To apply labels on the deployment, use
server.labels
.
An object that conforms to the Kubernetes securityContext definition of a Container
For example:
server:
securityContext:
runAsUser: 999
This securityContext will be set on the Varnish Enterprise container. For setting securityContext
on the Pod itself, see global.podSecurityContext
. For setting securityContext to all containers,
see global.securityContext
.
An object that conforms to the Kubernetes startupProbe definition of a Container
For example:
server:
startupProbe:
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
Uses Kubernetes httpGet probe instead of TCP probe. Port will be automatically injected. It is possible to provide extra configuration options that conforms to the Kubernetes httpGet probe definition.
For example, to enable httpGet probe mode:
server:
startupProbe:
httpGet:
To specify path and add extra headers:
server:
startupProbe:
httpGet:
path: "/healthz"
httpHeaders:
- name: X-Health-Check
value: k8s
Varnish Helm Chart doesn’t provide a default health check endpoint, so it is necessary to configure Varnish to return 200 OK for this endpoint via a VCL. For example:
server:
vclConfig: |
vcl 4.1
backend default {
.host = "www.example.com";
.port = "80";
}
sub vcl_recv {
if (req.url ~ "^/healthz(/.*)?$") {
# or pass to backend, etc.
return (synth(200, "OK"));
}
}
An object that confirms to the Kubernetes readienssProbe definition of a Container.
Uses Kubernetes httpGet probe instead of TCP probe. Port will be automatically injected. It is possible to provide extra configuration options that conforms to the Kubernetes httpGet probe definition.
See also server.startupProbe.httpGet.
5
Sets the initial delay before the first probe is sent to determine if the Varnish Enterprise Pod is ready to accept an incoming connection.
10
Sets the delay between each probe to determine if the Varnish Enterprise Pod is ready to accept an incoming connection after the initial probe.
1
Sets the timeout for the probe to wait for a response from the Varnish Enterprise Pod.
1
Sets the number of times when a consecutive successful response is considered a success and the Varnish Enterprise Pod is considered ready to accept an incoming connection.
3
Sets the number of times when a consecutive failure response is considered a failure and the Varnish Enterprise Pod is considered unhealthy.
An object that confirms to the Kubernetes readienssProbe definition of a Container.
Uses Kubernetes httpGet probe instead of TCP probe. Port will be automatically injected. It is possible to provide extra configuration options that conforms to the Kubernetes httpGet probe definition.
See also server.startupProbe.httpGet.
30
Sets the initial delay before the first probe is sent to determine if the Varnish Enterprise Pod is still ready to accept an incoming connection (i.e., live).
10
Sets the delay between each probe to determine if the Varnish Enterprise Pod is still ready to accept an incoming connection after the initial probe.
5
Sets the timeout for the probe to wait for a response from the Varnish Enterprise Pod.
1
Sets the number of times when a consecutive successful response is considered a success and the Varnish Enterprise Pod is considered still ready to accept an incoming connection.
3
Sets the number of times when a consecutive failure response is considered a failure and the Varnish Enterprise Pod is considered unhealthy (i.e., down).
An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the Varnish Enterprise container.
An object that conforms to the Kubernetes nodeSelector definition of a Pod. This configuration is used to select a node to schedule a Pod to. The value can be set as either an object or a template string.
An object that conforms to the Kubernetes tolerations definition of a Pod. This configuration is used to allow the Pod to be scheduled to nodes with specific taints. The value can be set as either an array of strings or a template string.
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "varnish-enterprise.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
topologyKey: kubernetes.io/hostname
This configuration is used to fine-grain control the scheduling of the Pod. By default, this is set to ensure all Varnish Enterprise Pods are always run in a different node. To disable this behavior, set to empty string (""). The value can be set as either an object or a template string.
An object for configuring Massive Storage Engine.
Sets the amount of memory to use for MSE. The value can be set as either a percentage
(e.g., “80%”), or bytes (“512m”). If cgroups resource limits are used (i.e., server.resources
),
the percentage is calculated from the resource limit that is assigned to the container.
An MSE configuration. By default, the value is unset and MSE is run in a memory-only mode. See also the examples in MSE Quick Start for more information on how to configure MSE.
If server.mse.persistence.enabled
is true, it is recommended to reference to MSE path
using {{ .Values.server.mse.persistence.mountPath }}
template string in the configuration.
For example:
server:
mse:
config: |
env: {
id = "env";
memcache_size = "auto";
books = ( {
id = "book1";
directory = "{{ .Values.server.mse.persistence.mountPath }}/book1";
database_size = "1G";
stores = ( {
id = "store";
filename = "{{ .Values.server.mse.persistence.mountPath }}/store1.dat";
size = "9G";
} );
} );
};
false
Enables MSE persistence mode using PersistentVolumes. This
configuration is only available when server.kind
is set to StatefulSet. See the
using StatefulSet documentation for more information.
/var/lib/mse
Sets the mount path inside the container for PersistentVolume.
Applies extra labels to the PersistentVolume. The value can be set as either an object or a template string.
Applies extra annotations to the PersistentVolume. The value can be set as either an object or a template string.
["ReadWriteOnce"]
Sets the AccessMode of the PersistentVolumes. The value is an array of ReadWriteOnce, ReadOnlyMany, or ReadWriteMany. Supports for AccessModes depends on PersistentVolume’s backing storage engine.
Sets the storage class name of a PersistentVolume for choosing which PersistentVolume’s backing storage engine is used. By default, the default PersistentVolume’s backing storage engine is used.
10Gi
Sets the storage volume size to request for. This value should not be less than database size and store size in the MSE configuration.
1%
Sets the database size for MSE store. Can be set as a percentage (e.g. 1%
) or a literal size
(e.g. 10Gi
). When the value is set as a percentage, the value will be relative to
server.mse.persistence.storageSize
.
91%
Sets the store size for MSE store. Can be set as a percentage (e.g. 1%
) or a literal size
(e.g. 10Gi
). When the value is set as a percentage, the value will be relative to
server.mse.persistence.storageSize
.
An object for configuring HorizontalPodAutoscaling.
false
Enables the HorizontalPodAutoscaling with the Varnish Enterprise Pod. server.replicas
is ignored if autoscaling is enabled.
1
Sets the minimum number of replicas to always keep running.
100
Sets the maximum number of replicas to run at most.
Sets the HorizontalPodAutoscaling metrics. The value can be set as either an object or a template string.
An object for configuring PodDisruptionBudget.
false
Enables PodDisruptionBudget.
server.pdb.enabled
is true and server.pdb.maxUnavailable
is not setSets the number or percentage of pods that must be available after the eviction.
server.pdb.enabled
is true and server.pdb.minAvailable
is not setSets the number or percentage of pods that can be unavailable after the eviction.
An object for configuring varnishncsa.
true
Enables HTTP request logging via varnishncsa.
-
Sets the repository for Varnish Enterprise image for use with varnishncsa. The Varnish image used
here must be the same version as the Varnish Enterprise server. Set this to “-” to inherit the value
of server.image.repository
.
-
Sets the imagePullPolicy for the Varnish Enterprise image for use with
varnishncsa. This can be one of Always, Never, or IfNotPreset. Set this to “-” to inherit the value
of server.image.pullPolicy
.
-
Sets the tag for the Varnish Enterprise image for use with varnishncsa. The Varnish image used
here must be the same version as the Varnish Enterprise server. Set this to “-” to inherit the value
of server.image.tag
.
An object that conforms to the Kubernetes securityContext definition of a Container.
For example:
server:
securityContext:
runAsUser: 999
This securityContext will be set on the varnishncsa container. For setting securityContext
on the Pod itself, see global.podSecurityContext
. For setting securityContext to all containers,
see global.securityContext
.
Sets the extra arguments to varnishncsa.
An object that conforms to the Kubernetes startupProbe definition of a Container.
An object that confirms to the Kubernetes readinessProbe definition of a Container.
5
Sets the initial delay before the first probe is sent to determine if the varnishncsa Pod is ready to handle the logs.
10
Sets the delay between each probe to determine if the varnishncsa Pod is ready to handle the logs after the initial probe.
1
Sets the timeout for the probe to wait for a response from the varnishncsa Pod.
1
Sets the number of times when a consecutive successful response is considered a success and the varnishncsa Pod is considered ready to handle the logs.
3
Sets the number of times when a consecutive failure response is considered a failure and the varnishncsa Pod is considered unhealthy.
An object that confirms to the Kubernetes livenessProbe definition of a Container.
30
Sets the initial delay before the first probe is sent to determine if the varnishncsa Pod is still ready to handle the logs.
10
Sets the delay between each probe to determine if the varnishncsa Pod is still ready to handle the logs after the initial probe.
5
Sets the timeout for the probe to wait for a response from the varnishncsa Pod.
1
Sets the number of times when a consecutive successful response is considered a success and the varnishncsa Pod is considered still ready to handle the logs.
3
Sets the number of times when a consecutive failure response is considered a failure and the varnishncsa Pod is considered unhealthy.
An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the varnishncsa container.
An object for configuring Varnish Controller Agent.
false
Enables the Varnish Controller Agent for integration with Varnish Controller.
If Varnish Controller is deployed in a different namespace than Varnish Enterprise,
also set global.natsServer.internal.namespace
.
If Varnish Controller is deployed outside the Kubernetes cluster, or is using an
external NATS server not provided by Varnish Controller Helm Chart, set
global.natsServer.internal.enabled
to false
and configures
global.natsServer.externalAddress
.
quay.io/varnish-software/varnish-controller-agent
Sets the repository for Varnish Controller Agent image. The Varnish Controller image used here must be the same version as the Varnish Controller. Since this is a different image from Varnish Enterprise, using “-” is unsupported.
IfNotPresent
Sets the imagePullPolicy for the Varnish Controller image. This can be one of Always, Never, or IfNotPreset.
latest
Sets the tag for the Varnish Controller image for use with varnishncsa. The Varnish Controller image used here must be the same version as the Varnish Controller. Since this is a different image from Varnish Enterprise, using “-” is unsupported.
An object that conforms to the Kubernetes securityContext definition of a Container.
For example:
server:
securityContext:
runAsUser: 999
This securityContext will be set on the Varnish Controller container. For setting
securityContext on the Pod itself, see global.podSecurityContext
. For setting
securityContext to all containers, see global.securityContext
.
debug
Sets the log level for the Varnish Controller Agent. The value can be one of
debug
, info
, warning
, error
, or quiet
.
Sets the extra environment variables for the Varnish Controller Agent.
Sets the tags for the Varnish Controller Agent.
Sets the latitude and longitude for Varnish Controller Agent. These values are used to display the location of Varnish instance on a map on the Varnish Controller UI, and for GeoIP routing in Varnish Traffic Router.
Sets the longitute where the server is located.
Sets the latitude where the server is located.
An object that conforms to the Kubernetes resources definition of a Container. This configuration can be used to limit resources consumed by the Varnish Controller Agent container.
An object for configuring Varnish Controller Agent’s state persistency.
false
Enables Varnish Controller Agent state persistency using PersistentVolumes.
This configuration is only available when server.kind
is set to StatefulSet. See the
Integration with Varnish Controller Agent documentation
for more information.
Enables Varnish Controller Agent state persistency using a custom volume mounts.
This configuration overrides server.agent.persistence.enabled
. See the
Integration with Varnish Controller Agent documentation
for more information.
Applies extra labels to the PersistentVolume. The value can be set as either an object or a template string.
Applies extra annotations to the PersistentVolume. The value can be set as either an object or a template string.
["ReadWriteOnce"]
Sets the AccessMode of the PersistentVolumes. The value is an array of ReadWriteOnce, ReadOnlyMany, or ReadWriteMany. Supports for AccessModes depends on PersistentVolume’s backing storage engine.
Sets the storage class name of a PersistentVolume for choosing which PersistentVolume’s backing storage engine is used. By default, the default PersistentVolume’s backing storage engine is used.
512Mi
Sets the storage volume size to request for.
An object for configuring Service.
true
Enables the Service for Varnish Enterprise.
Applies extra labels to the Service. The value can be set as either an object or a template string.
Applies extra annotations to the Service. The value can be set as either an object or a template string.
NodePort
Sets the type of the Service. Can be either CluterIP
, LoadBalancer
, or NodePort
. See also
relevant section in this documentation:
Sets a custom Service ClusterIP. This value can be set as either an IP address,
or a literal string “None”. Only applicable when server.service.type
is set to ClusterIP. When set to
“None”, Kubernetes will create a Headless Service, skipping the Kubernetes proxying mechanism.
See also accessing Varnish via ClusterIP.
true
Enables HTTP service.
80
Sets the port to expose HTTP service.
Sets the port to expose HTTP service directly on the node itself. Only applicable when server.service.type
is set to NodePort. This value must be within the Kubernetes service-node-port-range (default: 30000-32767).
See also accessing Varnish via NodePort.
false
Enables HTTPS service. Requires server.tls.enabled
to be enabled.
443
Sets the port to expose HTTPS service.
Sets the port to expose HTTPS service directly on the node itself. Only applicable when server.service.type
is set to NodePort. This value must be within the Kubernetes service-node-port-range (default: 30000-32767).
See also accessing Varnish via NodePort.
An array of extra services to expose to as a Service.
For example:
extraServices:
- name: "varnish-proxy"
targetPort: 6888
port: 88
Sets the name of the Service.
Sets the target ports that are exposed via server.extraListens
.
Sets the port to expose this extra service.
Sets the port to expose this extra service on the node itself. Only applicable when server.service.type
is set to NodePort. This value must be within the Kubernetes service-node-port-range (default: 30000-32767).
An object for configuring Ingress.
false
Enables the Ingress for Varnish Enterprise.
Applies extra labels to the Ingress. The value can be set as either an object or a template string.
Applies extra annotations to the Ingress. The value can be set as either an object or a template string.
Sets the Ingress Class for selecting Ingress controller to use.
Prefix
Sets the Ingress Path Type for the Varnish Enterprise endpoint. The value can be
either Prefix
, Exact
, or ImplementationSpecific
. The value to use here depends on the Ingress
controller.
Sets the hostname for the Ingress. This hostname is used for routing traffic.
An array of objects that conforms to Ingress TLS.
An array of objects to attach Kubernetes manifests to the deployment.
For example:
extraManifests:
- name: clusterrole
data: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Release.Name }}-clusterrole
# ...
The name of the manifest. Only used if extraManifests[].checksum is true
.
Whether to attach the manifest’s checksum to that of the workload in order to force an automatic rollout when the manifest is updated.
The full content of the manifest.