dan
/
improwised-charts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Feat/frigate (#30) 

* feat:added frigate chart

* modified README.md

* modified chart.yaml

* modified values.yaml

* changed storageclass

* changed values.yaml

* changed values.yaml

* changed values.yaml

* changed values.yaml

* Storageclass
main
shivani446 2023-05-27 19:29:43 +05:30 committed by GitHub
parent 87d029991e
commit 990ff96e00
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 765 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
charts/frigate/.helmignore Normal file
View File

@ -0,0 +1,24 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# OWNERS file for Kubernetes
OWNERS

28
charts/frigate/CHANGELOG.md Normal file
View File

@ -0,0 +1,28 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
## [6.3.1] - 2022-05-27
### Fixed
- Frigate container no longer hard-coded to run as root
- README errors
### Updated
- `securityContext` now configurable
- Frigate to `v0.10.1`
## [6.3.0] - 2022-01-05
### Added
- CHANGELOG
- ReadMe template to be utilized by helm-docs
### Updated
- Documentation
### Removed
- `replicaCount` configuration option as this is not supported >1
## [6.2.0] - 2022-01-05
### Updated
- added helper function to allow imageTag to be pulled from appVersion

11
charts/frigate/Chart.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v2
appVersion: "0.12.0"
description: NVR With Realtime Object Detection for IP Cameras
name: frigate
version: 1.0.0
keywords:
- tensorflow
- coral
- ml
maintainers:
- name: Improwised

78
charts/frigate/INSTALL.md Normal file
View File

@ -0,0 +1,78 @@
# Frigate - NVR With Realtime Object Detection for IP Cameras
This is a helm chart for [frigate](https://github.com/blakeblackshear/frigate)
## TL;DR;
```shell
$ helm repo add blakeshome https://blakeblackshear.github.io/blakeshome-charts/
$ helm install blakeshome/frigate
```
## Requirements
MQTT server in either thesame namespace or reachable via IP or FQDN
## Installing the Chart
To install the chart with the release name `frigate`:
### Create credentials seceret
```console
kc create secret generic frigate-rstp-credentials --from-literal=FRIGATE_RTSP_USERNAME=<username> --from-literal=FRIGATE_RTSP_PASSWORD=<password> -n <namespace>
```
### Install MQTT is not already available
```console
helm install mosquitto k8s-at-home/mosquitto
```
### Install Frigate
```console
helm install frigate blakeshome/frigate
```
If using the Coral USB TPU module (strongly recommended), you can use `nodeAffinity` rules to designate which node the pod is scheduled to in order to have host-access to the device, for example:
```yaml
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: tpu
operator: In
values:
- google-coral
```
... where a node with an attached Coral USB device is labeled with `tpu: google-coral`
## Uninstalling the Chart
To uninstall/delete the `frigate` deployment:
```console
helm delete frigate
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
Read through the [values.yaml](https://github.com/blakeblackshear/blakeshome-charts/blob/master/charts/frigate/values.yaml) file. It has several commented out suggested values.
Also reference https://blakeblackshear.github.io/frigate/configuration/index for detailed frigate configuration settings.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
helm install frigate \
--set rtspPassword="someValue" \
blakeshome/frigate
```
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
helm install --name frigate -f values.yaml blakeshome/frigate
```

4
charts/frigate/OWNERS Normal file
View File

@ -0,0 +1,4 @@
approvers:
- deltasquare4
reviewers:
- deltasquare4

66
charts/frigate/README.md Normal file
View File

@ -0,0 +1,66 @@
# frigate
NVR With Realtime Object Detection for IP Cameras
This Helm Chart installs [Frigate](https://frigate.video/) on to Kubernetes.
**Homepage:** helm repo index --url https://improwised.github.io/charts .
## Install
Using [Helm](https://helm.sh), you can easily install and test Frigate in a
Kubernetes cluster by running the following:
#### Add Helm repo
First, add the repo if you haven't already done so:
```bash
helm repo add improwised https://improwised.github.io/charts/
```
#### Minimum Config
At minimum, you'll need to define the following Frigate configuration properties. For information, see the [Docs](https://docs.frigate.video/configuration/index).
```yaml
# values.yaml
config: |
mqtt:
host: "mqtt.example.com"
port: 1883
user: admin
password: "<your_mqtt_password>"
cameras:
# Define at least one camera
back:
ffmpeg:
inputs:
- path: rtsp://viewer:{FRIGATE_RTSP_PASSWORD}@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
roles:
- detect
- rtmp
detect:
width: 1280
height: 720
```
#### Install Chart
Now install the chart:
```bash
helm upgrade --install \
my-release \
improwised/frigate \
-f values.yaml
```
## Maintainers
| Name | URL
| ---- | ------
| Improwised | improwised.com |

16
charts/frigate/ci/ci-values.yaml Normal file
View File

@ -0,0 +1,16 @@
# Probes configuration
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
config: |
mqtt:
host: test.mosquitto.org
topic_prefix: frigate
detectors:
cpu1:
type: cpu

19
charts/frigate/templates/NOTES.txt Normal file
View File

@ -0,0 +1,19 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "frigate.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ include "frigate.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "frigate.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "frigate.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:5000 to use your application"
kubectl port-forward $POD_NAME 5000:5000
{{- end }}

156
charts/frigate/templates/Statefulset.yaml Normal file
View File

@ -0,0 +1,156 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "frigate.fullname" . }}
labels:
{{ include "frigate.labels" . | indent 4 }}
spec:
replicas: 1
revisionHistoryLimit: 3
# strategy:
# type: {{ .Values.strategyType }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "frigate.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
serviceName: "frigate"
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "frigate.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
annotations:
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
{{- if .Values.podAnnotations }}
{{- range $key, $value := .Values.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if and .Values.gpu.nvidia.enabled (.Values.gpu.nvidia.runtimeClassName) }}
runtimeClassName: {{ .Values.gpu.nvidia.runtimeClassName }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ include "frigate.imageTag" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- if and .Values.coral.enabled (not .Values.securityContext) }}
privileged: true
{{- else }}
{{- toYaml .Values.securityContext | nindent 12 }}
{{- end }}
ports:
- name: http
containerPort: 5000
protocol: TCP
- name: rtmp
containerPort: 1935
protocol: TCP
{{- if .Values.probes.liveness.enabled }}
livenessProbe:
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: {{ .Values.probes.liveness.initialDelaySeconds }}
failureThreshold: {{ .Values.probes.liveness.failureThreshold }}
timeoutSeconds: {{ .Values.probes.liveness.timeoutSeconds }}
{{- end }}
{{- if .Values.probes.readiness.enabled }}
readinessProbe:
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: {{ .Values.probes.readiness.initialDelaySeconds }}
failureThreshold: {{ .Values.probes.readiness.failureThreshold }}
timeoutSeconds: {{ .Values.probes.readiness.timeoutSeconds }}
{{- end }}
{{- if .Values.probes.startup.enabled }}
startupProbe:
httpGet:
path: /
port: http
scheme: HTTP
failureThreshold: {{ .Values.probes.startup.failureThreshold }}
periodSeconds: {{ .Values.probes.startup.periodSeconds }}
{{- end }}
env:
{{- if .Values.gpu.nvidia.enabled }}
- name: NVIDIA_DRIVER_CAPABILITIES
value: "all"
- name: NVIDIA_VISIBLE_DEVICES
value: "all"
{{- end }}
{{- range $key, $value := .Values.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
envFrom:
{{- range .Values.envFromSecrets }}
- secretRef:
name: {{ . }}
{{- end }}
volumeMounts:
{{- if .Values.coral.enabled }}
- mountPath: {{ .Values.coral.hostPath }}
name: coral-dev
{{- end }}
- mountPath: /config
name: config
- mountPath: /data
name: data
- mountPath: /media/frigate
name: data
- name: dshm
mountPath: /dev/shm
{{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 12 }}{{ end }}
resources:
{{- if .Values.gpu.nvidia.enabled }}
limits:
"nvidia.com/gpu": 1
{{- end }}
{{- if .Values.resources }}
{{- toYaml .Values.resources | nindent 12 }}
{{- end }}
volumes:
- name: config
configMap:
name: {{ template "frigate.fullname" . }}
{{- if .Values.coral.enabled }}
- name: coral-dev
hostPath:
path: {{ .Values.coral.hostPath }}
{{- end }}
- name: dshm
emptyDir:
medium: Memory
sizeLimit: {{ .Values.shmSize }}
{{- if .Values.extraVolumes }}{{ toYaml .Values.extraVolumes | trim | nindent 8 }}{{ end }}
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
# storageClassName: {{ .Values.storageClassName }}
resources:
requests:
storage: 1Gi
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

56
charts/frigate/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,56 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "frigate.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "frigate.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "frigate.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "frigate.labels" -}}
app.kubernetes.io/name: {{ include "frigate.name" . }}
helm.sh/chart: {{ include "frigate.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Gets the image Tag to use when pulling the docker image
*/}}
{{- define "frigate.imageTag" -}}
{{- if .Values.image.tag -}}
{{ .Values.image.tag }}
{{- else -}}
{{ .Chart.AppVersion }}
{{- end -}}
{{- end -}}

13
charts/frigate/templates/configmap.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "frigate.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "frigate.name" . }}
helm.sh/chart: {{ include "frigate.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
config.yml: |
{{ .Values.config | indent 4 }}

44
charts/frigate/templates/ingress.yaml Normal file
View File

@ -0,0 +1,44 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "frigate.fullname" . -}}
{{- $ingressPath := .Values.ingress.path -}}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else -}}
apiVersion: networking.k8s.io/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{ include "frigate.labels" . | indent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ . }}
pathType: "ImplementationSpecific"
backend:
service:
name: {{ $fullName }}
port:
name: http
{{- end }}
{{- end }}
{{- end }}

56
charts/frigate/templates/service.yaml Normal file
View File

@ -0,0 +1,56 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "frigate.fullname" . }}
labels:
{{ include "frigate.labels" . | indent 4 }}
{{- if .Values.service.labels }}
{{ toYaml .Values.service.labels | indent 4 }}
{{- end }}
{{- with .Values.service.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
type: ClusterIP
{{- if .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{end}}
{{- else if eq .Values.service.type "LoadBalancer" }}
type: {{ .Values.service.type }}
{{- if .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.service.type }}
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs:
{{ toYaml .Values.service.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
{{- end }}
ports:
- name: http
port: {{ .Values.service.port }}
protocol: TCP
targetPort: http
{{ if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
nodePort: {{.Values.service.nodePort}}
{{ end }}
- name: rtmp
port: 1935
protocol: TCP
targetPort: rtmp
{{ if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
nodePort: {{.Values.service.nodePort}}
{{ end }}
selector:
app.kubernetes.io/name: {{ include "frigate.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

194
charts/frigate/values.yaml Normal file
View File

@ -0,0 +1,194 @@
# Default values for frigate.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# -- upgrade strategy type (e.g. Recreate or RollingUpdate)
strategyType: Recreate
image:
# -- Docker registry/repository to pull the image from
repository: ghcr.io/blakeblackshear/frigate
# -- Overrides the default tag (appVersion) used in Chart.yaml ([Docker Hub](https://hub.docker.com/r/blakeblackshear/frigate/tags?page=1))
tag: 0.12.0
# -- Docker image pull policy
pullPolicy:
# if using nfs then use nfs-client to mount
storageClassName: local-path
# -- Docker image pull policy
imagePullSecrets: []
# -- additional ENV variables to set. Prefix with FRIGATE_ to target Frigate configuration values
env: {}
# TZ: UTC
# -- set environment variables from Secret(s)
envFromSecrets: []
# secrets are required before `helm install`
# - frigate-rstp-credentials
coral:
# -- enables the use of a Coral device
enabled: true
# -- path on the host to which to mount the Coral device
hostPath: /dev/bus/usb
gpu:
nvidia:
# -- Enables NVIDIA GPU compatibility. Must also use the "amd64nvidia" tagged image
enabled: false
# -- Overrides the default runtimeClassName
runtimeClassName:
# -- declare extra volumes to use for Frigate
extraVolumes: []
# -- declare additional volume mounts
extraVolumeMounts: []
# -- amount of shared memory to use for caching
shmSize: 1Gi
# nameOverride -- Overrides the name of resources
nameOverride: ""
# fullnameOverride -- Overrides the Full Name of resources
fullnameOverride: ""
# -- frigate configuration - see [Docs](https://docs.frigate.video/configuration/index) for more info
config: |
mqtt:
enabled: False
cameras:
name_of_your_camera: # <------ Name the camera
ffmpeg:
inputs:
- path: rtsp://10.0.10.10:554/rtsp # <----- The stream you want to use for detection
roles:
- detect
detect:
enabled: False # <---- disable detection until you have a working camera feed
width: 1280 # <---- update for your camera's resolution
height: 720 # <---- update for your camera's resolution
# Probes configuration
probes:
liveness:
enabled: true
initialDelaySeconds: 30
failureThreshold: 5
timeoutSeconds: 10
readiness:
enabled: true
initialDelaySeconds: 30
failureThreshold: 5
timeoutSeconds: 10
startup:
enabled: false
failureThreshold: 30
periodSeconds: 10
service:
# -- Type of Service to use
type: ClusterIP
# -- Port the Service should communicate on
port: 5000
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
labels: {}
# -- Set specific IP address for LoadBalancer. `service.type` must be set to `LoadBalancer`
loadBalancerIP:
# loadBalancerSourceRanges: []
## Set the externalTrafficPolicy in the Service to either Cluster or Local
# externalTrafficPolicy: Cluster
ingress:
# -- Enables the use of an Ingress Controller to front the Service and can provide HTTPS
enabled: true
# -- annotations to configure your Ingress. See your Ingress Controller's Docs for more info.
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# For NGINX INC, these may be neccessary
# nginx.org/proxy-read-timeout: "3600"
# nginx.org/proxy-send-timeout: "3600"
# nginx.org/websocket-services: "<release_name>-frigate" # TODO: can this be automated?
# nginx.ingress.kubernetes.io/auth-url: "https://oauth2-proxy.chart-frigate-local.com/oauth2/auth"
# nginx.ingress.kubernetes.io/auth-signin: "https://oauth2-proxy.chart-frigate-local.com/oauth2/start?rd=$scheme://$host$request_uri"
# -- list of hosts and their paths that ingress controller should repsond to.
hosts:
- host: chart.frigate.local.com
paths:
- '/'
# -- list of TLS configurations
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
persistence:
data:
# -- Enables persistence for the data directory
enabled: true
## frigate data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
storageClass: "nfs-client"
##
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
# existingClaim: my-claim
# subPath: some-subpath
# -- [access mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) to use for the PVC
accessMode: ReadWriteOnce
# -- size/capacity of the PVC
size: 500Mi
# -- Do not delete the pvc upon helm uninstall
skipuninstall: false
# -- Set resource limits/requests for the Pod(s)
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# gpu.intel.com/i915: 1
# requests:
# cpu: 100m
# memory: 128Mi
# gpu.intel.com/i915: 1
# -- Set Security Context
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# privileged: true
# -- Node Selector configuration
nodeSelector: {}
# -- Node toleration configuration
tolerations: []
# -- Set Pod affinity rules
affinity: {}
# -- Set additonal pod Annotations
podAnnotations: {}