The mogenius platform is available as a SaaS option on app.mogenius.com. If you prefer the self-hosted version of mogenius, you can install it with our Helm chart. This way you can run mogenius on your own clusters and even in air-gapped environments.
Prerequisites
- A Kubernetes cluster with at least 1 CPU and 1 GB of memory available.
- Credentials for pulling the mogenius images from the container registry (see below).
- The traefik ingress controller.
- A working local installation of Helm.
- A MySQL server (optional).
Running the platform as a self-hosted version requires a subscription. Contact our sales team for more information.
Quickstart
For a quick installation of the mogenius platform with defaults where possible, follow these steps.
Create a Namespace
On the cluster where you’re installing the mogenius platform, create a new namespace mogenius-platform.
Create Secrets
The platform services require a few secrets containing critical credentials that aren’t created by the Helm chart. The following secrets are required for the minimum configuration. Additional secrets can be used when working with more sophisticated Helm chart configurations.
1. Container Registry
After obtaining a subscription for the self-hosted version, you will have received credentials for the container registry where the platform images are stored. In your mogenius-platform namespace create a new secret mo-registry-credentials and store the credentials as type kubernetes.io/dockerconfigjson.
2. Valkey (Redis-compatible)
Create a secret mo-redis-secret with the key REDIS_SECRET. Define a secure password as a value that you store in a safe place (e.g. a vault).
3. Encryption Key
Create a secret mo-platform-shared with the key MO_CORE_NEST__SSH_SYM_ENC_KEY. As a value, use openssl rand -base64 32 or a similar method on your terminal to create a base64-encrypted key.
4. MySQL
Create the secret mo-mysql-secret with the keys MYSQL_PASSWORD and MYSQL_ROOT_PASSWORD. Use secure passwords as values.
5. Admin User
Create the secret mo-platform-user-secret with the following keys and values:
MO_USER_NEST__SYSTEM_ADMIN_EMAIL
The email address to log in with your admin user.
MO_USER_NEST__SYSTEM_ADMIN_PASSWORD
The password for your admin user.
MO_CORE_NEST__SSH_SYM_ENC_KEY
Use the same value that you set in the secret mo-platform-shared.
MO_USER_NEST__JWT_PRIVATE
Create a private key using the following commands and retrieve the value from the text file.
openssl ecparam -genkey -name secp521r1 -noout -out ec512-key-pair.pem
openssl base64 -A -in ec512-key-pair.pem -out ec512-key-pair.txt
MO_USER_NEST__JWT_PUBLIC
Create a public key using the following commands and retrieve the value from the text file.
openssl ec -in ec512-key-pair.pem -pubout -out public.pem
openssl base64 -A -in public.pem -out public.txt
MO_USER_NEST__SESSION_SECRET
Define a secure secret of your choice.
Prepare your values.yaml
The Helm chart supports wide range of values that you can use to configure your installation of the mogenius platform. Skip to values for a full reference of the chart.
Below is an example values.yaml for a minimal setup to install the mogenius platform in a development environment. Make sure to review the configuration and ensure that it matches your infrastructure.
values.yaml quickstart example
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
traefik.ingress.kubernetes.io/forward-headers: "true"
traefik.ingress.kubernetes.io/router.middlewares: mogenius-platform-cors-middleware@kubernetescrd
traefik.ingress.kubernetes.io/secure-headers: "true"
api_service_url: platform-api.YOURDOMAIN.com
hostname: mogenius.YOURDOMAIN.com
k8s_cmd_stream_url: k8s-cmd-stream.YOURDOMAIN.com
k8s_dispatcher_url: k8s-dispatcher.YOURDOMAIN.com
k8s_logs_url: k8s-logs.YOURDOMAIN.com
k8s_websocket_url: k8s-ws.YOURDOMAIN.com
rootDomain: YOURDOMAIN.com
socket_service_url: platform-ws.YOURDOMAIN.com
tls:
- hosts:
- mogenius.YOURDOMAIN.com
- platform-api.YOURDOMAIN.com
- platform-user.YOURDOMAIN.com
- platform-ws.YOURDOMAIN.com
- k8s-ws.YOURDOMAIN.com
- k8s-logs.YOURDOMAIN.com
- k8s-cmd-stream.YOURDOMAIN.com
- k8s-dispatcher.YOURDOMAIN.com
secretName: mo-platform-tls
traefik:
apiVersion: traefik.io/v1alpha1
user_service_url: platform-user.YOURDOMAIN.com
mo_platform:
metrics:
enabled: true
resources:
requests:
cpu: 10m
memory: 50Mi
mo_platform_api:
enableAutoRefreshToken: true
refreshTokenTask: true
mo_platform_user:
openid:
enabled: false
mogenius:
imagePullSecrets:
- mo-registry-credentials
mysql:
enabled: true
ssl: false
storage:
accessMode: ReadWriteOnce
className: local-path
This chart configuration deploys the MySQL Docker image as part of the platform deployment. This setup is not recommended for running the mogenius platform in production scenarios. We recommend configuring the mysql values with connection to a high-availability MySQL for use in a production environment.
Deploy the Helm chart
Run the following command on your cluster to install the Helm chart with your values.yaml.
helm repo add mogenius https://helm.mogenius.com/private
helm install mogenius-platform mogenius/mo-infrastructure -n mogenius-platform -f values.yaml
Access the mogenius web interface
Check the status of the installation and make sure all Pods are starting properly.
kubectl get Pods -n mogenius-platform
When all Pods are Running, access the mogenius platform with the hostname you specified in your Ingress (e.g. mogenius.yourdomain.com). You can log in with the credentials of your admin user.
Next steps
Now that mogenius is up and running you can prepare the platform for your team. Check out the following resources as next steps:
Support
Need help setting up the mogenius platform? Contact us via support@mogenius.com.
Values
Global Settings
| Key | Type | Default | Description |
|---|
| stage | string | "production" | Current environment, one of [dev, production] |
| revisionHistoryLimit | int | 1 | Global revisionHistoryLimit for all resources |
| progressDeadlineSeconds | int | 600 | Deployment progress deadline |
| secrets | object | {} | secrets.<secretName>.<secretKey>.<secretValue> |
| dockersecrets | object | {} | Docker registry secrets |
| mogenius.imagePullSecrets | list | [] | List of image pull secrets for mogenius images |
| global.imagePullSecrets | list | [] | List of image pull secrets for all images |
| global.serviceMonitor.fallbackScrapeProtocol | string | "PrometheusText0.0.4" | Fallback scrape protocol for service monitors |
| global.podLabels | object | {} | Global pod labels applied to all pods |
Ingress
| Key | Type | Default | Description |
|---|
| ingress.rootDomain | string | nil | Root domain that the platform will be hosted on, e.g. example.com |
| ingress.ingressClassName | string | "traefik" | Ingress class name |
| ingress.annotations | object | See below | Annotations to be placed on the ingress |
| ingress.tls | list | [] | Secret reference for TLS |
| ingress.hostname | string | nil | Platform hostname e.g. app.example.com |
| ingress.api_service_url | string | nil | API hostname e.g. api-app.example.com |
| ingress.user_service_url | string | nil | User service hostname e.g. user-app.example.com |
| ingress.socket_service_url | string | nil | WebSocket hostname e.g. ws-app.example.com |
| ingress.k8s_websocket_url | string | nil | Kubernetes WebSocket hostname e.g. k8s-ws.example.com |
| ingress.k8s_logs_url | string | nil | Kubernetes log hostname e.g. k8s-logs.example.com |
| ingress.k8s_cmd_stream_url | string | nil | Kubernetes cmd stream hostname e.g. k8s-cmd-stream.example.com |
| ingress.k8s_dispatcher_url | string | nil | Kubernetes dispatcher hostname e.g. k8s-dispatcher.example.com |
| ingress.traefik.apiVersion | string | "traefik.containo.us/v1alpha1" | The apiVersion that shall be used for traefik resources |
Default ingress annotations:
traefik.ingress.kubernetes.io/router.middlewares: mogenius-cors-middleware@kubernetescrd
traefik.ingress.kubernetes.io/forward-headers: "true"
traefik.ingress.kubernetes.io/secure-headers: "true"
Feature Toggles
| Key | Type | Default | Description |
|---|
| features.sso.enabled | bool | true | Enable SSO feature with ingress for SSO wildcard domain |
| features.sso.ingress.tls | list | [] | TLS configuration for SSO ingress |
| features.sso.ingress.annotations | object | {} | Annotations for SSO ingress |
| features.portForwarding.enabled | bool | true | Enable port forwarding feature |
| features.portForwarding.hostname | string | "tunnel.mogenius.com" | Hostname for port forwarding |
| features.portForwarding.ingress.tls | list | [] | TLS configuration for port forwarding ingress |
| features.portForwarding.ingress.annotations | object | {} | Annotations for port forwarding ingress |
| Key | Type | Default | Description |
|---|
| mo_platform.enabled | bool | true | Enable frontend service |
| mo_platform.replicas | int | 1 | Number of replicas |
| mo_platform.image.registry | string | "ghcr.io" | Image registry |
| mo_platform.image.repository | string | "mogenius/mo-frontend" | Image repository |
| mo_platform.image.tag | string | "v2.8.3" | Image tag |
| mo_platform.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform.port | int | 8080 | Service port |
| mo_platform.resources | object | {} | Resource requests/limits |
| mo_platform.tolerations | object | {} | Pod tolerations |
| mo_platform.metrics.enabled | bool | false | Enable Prometheus metrics exporter for nginx |
| mo_platform.metrics.port | int | 9113 | Metrics port |
| mo_platform.metrics.serviceMonitor.enabled | bool | false | Enable ServiceMonitor |
| Key | Type | Default | Description |
|---|
| mo_platform_api.enabled | bool | true | Enable API service |
| mo_platform_api.replicas | int | 1 | Number of replicas |
| mo_platform_api.image.registry | string | "ghcr.io" | Image registry |
| mo_platform_api.image.repository | string | "mogenius/mo-platform-api-service" | Image repository |
| mo_platform_api.image.tag | string | "v4.4.6" | Image tag |
| mo_platform_api.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_api.port | int | 1337 | HTTP port |
| mo_platform_api.port_tcp | int | 7000 | TCP port |
| mo_platform_api.ws_port | int | 7001 | WebSocket port |
| mo_platform_api.ws_log_port | int | 7002 | WebSocket log port |
| mo_platform_api.ws_cmd_stream_port | int | 7003 | WebSocket cmd stream port |
| mo_platform_api.refreshTokenTask | bool | false | If set to true will refresh the tokens in the database |
| mo_platform_api.enableAutoRefreshToken | bool | false | Enable automatic token refresh |
| mo_platform_api.resources | object | {} | Resource requests/limits |
| mo_platform_api.tolerations | object | {} | Pod tolerations |
| mo_platform_api.probes.enabled | bool | true | Enable health probes |
| mo_platform_api.probes.port | int | 1337 | Probe port |
| mo_platform_api.probes.livenessProbe.path | string | "/core/status" | Liveness probe path |
| mo_platform_api.probes.readinessProbe.path | string | "/core/status" | Readiness probe path |
| mo_platform_api.probes.startupProbe.path | string | "/core/status" | Startup probe path |
| mo_platform_api.sshSymEncKey.secretName | string | "mo-platform-shared" | Secret name for SSH symmetric encryption key |
| mo_platform_api.sshSymEncKey.secretKey | string | "MO_CORE_NEST__SSH_SYM_ENC_KEY" | Secret key for SSH symmetric encryption key |
| mo_platform_api.initContainer.image.registry | string | "docker.io" | Init container image registry |
| mo_platform_api.initContainer.image.repository | string | "alpine/curl" | Init container image repository |
| mo_platform_api.initContainer.image.tag | string | "8.20.0" | Init container image tag |
| Key | Type | Default | Description |
|---|
| mo_platform_user.enabled | bool | true | Enable user service |
| mo_platform_user.replicas | int | 1 | Number of replicas |
| mo_platform_user.image.registry | string | "ghcr.io" | Image registry |
| mo_platform_user.image.repository | string | "mogenius/mo-platform-user" | Image repository |
| mo_platform_user.image.tag | string | "v2.0.17" | Image tag |
| mo_platform_user.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_user.port | int | 1337 | HTTP port |
| mo_platform_user.port_ws | int | 7000 | WebSocket port |
| mo_platform_user.resources | object | {} | Resource requests/limits |
| mo_platform_user.tolerations | object | {} | Pod tolerations |
| mo_platform_user.probes.enabled | bool | true | Enable health probes |
| mo_platform_user.sshSymEncKey.secretName | string | "mo-platform-shared" | Secret name for SSH symmetric encryption key |
| mo_platform_user.sshSymEncKey.secretKey | string | "MO_CORE_NEST__SSH_SYM_ENC_KEY" | Secret key for SSH symmetric encryption key |
OpenID Configuration:
| Key | Type | Default | Description |
|---|
| mo_platform_user.openid.enabled | bool | true | Enable OpenID |
| mo_platform_user.openid.issuer | string | "https://login-dev.mogenius.com" | OpenID issuer URL |
| mo_platform_user.openid.accessTokenLifetime | string | "600" | Access token lifetime in seconds |
| mo_platform_user.openid.refreshTokenLifetime | string | "7776000" | Refresh token lifetime in seconds |
| mo_platform_user.openid.adminAccessTokenLifetime | string | "28800" | Admin access token lifetime in seconds |
| mo_platform_user.openid.provider.github.enabled | bool | false | Enable GitHub OAuth |
| mo_platform_user.openid.provider.gitlab.enabled | bool | false | Enable GitLab OAuth |
| mo_platform_user.openid.provider.google.enabled | bool | false | Enable Google OAuth |
| mo_platform_user.openid.provider.linkedin.enabled | bool | false | Enable LinkedIn OAuth |
| mo_platform_user.openid.provider.microsoft.enabled | bool | false | Enable Microsoft OAuth |
| Key | Type | Default | Description |
|---|
| mo_platform_websocket.enabled | bool | true | Enable WebSocket service |
| mo_platform_websocket.replicas | int | 1 | Number of replicas |
| mo_platform_websocket.image.registry | string | "ghcr.io" | Image registry |
| mo_platform_websocket.image.repository | string | "mogenius/mo-platform-websocket" | Image repository |
| mo_platform_websocket.image.tag | string | "v2.0.7" | Image tag |
| mo_platform_websocket.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_websocket.port | int | 1337 | HTTP port |
| mo_platform_websocket.port_ws | int | 7000 | WebSocket port |
| mo_platform_websocket.resources | object | {} | Resource requests/limits |
| mo_platform_websocket.tolerations | object | {} | Pod tolerations |
| mo_platform_websocket.sshSymEncKey.secretName | string | "mo-platform-shared" | Secret name for SSH symmetric encryption key |
| mo_platform_websocket.sshSymEncKey.secretKey | string | "MO_CORE_NEST__SSH_SYM_ENC_KEY" | Secret key for SSH symmetric encryption key |
| Key | Type | Default | Description |
|---|
| mo_platform_notification.enabled | bool | true | Enable notification service |
| mo_platform_notification.replicas | int | 1 | Number of replicas |
| mo_platform_notification.image.registry | string | "ghcr.io" | Image registry |
| mo_platform_notification.image.repository | string | "mogenius/mo-platform-notification" | Image repository |
| mo_platform_notification.image.tag | string | "v2.0.7" | Image tag |
| mo_platform_notification.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_notification.port | int | 7000 | Service port |
| mo_platform_notification.email.fromName | string | "Mogenius Team" | Email sender name |
| mo_platform_notification.email.fromAddress | string | "no-reply@mogenius.com" | Email sender address |
| mo_platform_notification.resources | object | {} | Resource requests/limits |
| mo_platform_notification.tolerations | object | {} | Pod tolerations |
| mo_platform_notification.sshSymEncKey.secretName | string | "mo-platform-shared" | Secret name for SSH symmetric encryption key |
| mo_platform_notification.sshSymEncKey.secretKey | string | "MO_CORE_NEST__SSH_SYM_ENC_KEY" | Secret key for SSH symmetric encryption key |
| Key | Type | Default | Description |
|---|
| mo_platform_queue.enabled | bool | true | Enable queue service |
| mo_platform_queue.replicas | int | 1 | Number of replicas |
| mo_platform_queue.image.registry | string | "ghcr.io" | Image registry |
| mo_platform_queue.image.repository | string | "mogenius/mo-platform-queue" | Image repository |
| mo_platform_queue.image.tag | string | "v3.0.4" | Image tag |
| mo_platform_queue.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_queue.resources | object | {} | Resource requests/limits |
| mo_platform_queue.tolerations | object | {} | Pod tolerations |
| mo_platform_queue.sshSymEncKey.secretName | string | "mo-platform-shared" | Secret name for SSH symmetric encryption key |
| mo_platform_queue.sshSymEncKey.secretKey | string | "MO_CORE_NEST__SSH_SYM_ENC_KEY" | Secret key for SSH symmetric encryption key |
| Key | Type | Default | Description |
|---|
| mo_platform_message_dispatcher.enabled | bool | true | Enable message dispatcher |
| mo_platform_message_dispatcher.replicas | int | 1 | Number of replicas |
| mo_platform_message_dispatcher.image.registry | string | "ghcr.io" | Image registry |
| mo_platform_message_dispatcher.image.repository | string | "mogenius/mo-platform-message-dispatcher" | Image repository |
| mo_platform_message_dispatcher.image.tag | string | "v1.1.4" | Image tag |
| mo_platform_message_dispatcher.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_message_dispatcher.listen_host | string | "0.0.0.0" | Listen host |
| mo_platform_message_dispatcher.port | int | 7060 | Service port |
| mo_platform_message_dispatcher.resources | object | {} | Resource requests/limits |
| mo_platform_message_dispatcher.tolerations | object | {} | Pod tolerations |
Valkey (Redis-compatible Cache)
The platform uses Valkey, an open-source Redis-compatible in-memory data store, for caching and message queuing. The chart deploys multiple Valkey instances for different purposes.
| Key | Type | Default | Description |
|---|
| mo_platform_api_valkey.enabled | bool | true | Enable Valkey for API service |
| mo_platform_api_valkey.image.registry | string | "docker.io" | Image registry |
| mo_platform_api_valkey.image.repository | string | "valkey/valkey" | Image repository |
| mo_platform_api_valkey.image.tag | string | "9.1.0" | Image tag |
| mo_platform_api_valkey.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_platform_api_valkey.port | int | 6379 | Service port |
| mo_platform_api_valkey.host | string | "mo-platform-api-valkey" | Service hostname |
| mo_platform_api_valkey.password.secretName | string | "mo-redis-secret" | Secret name for password |
| mo_platform_api_valkey.password.secretKey | string | "REDIS_SECRET" | Secret key for password |
| mo_platform_api_valkey.resources | object | {} | Resource requests/limits |
| mo_platform_api_valkey.metrics.enabled | bool | false | Enable Prometheus metrics exporter |
| mo_platform_api_valkey.metrics.port | int | 9121 | Metrics port |
| mo_platform_api_valkey.metrics.serviceMonitor.enabled | bool | false | Enable ServiceMonitor |
mo_valkey_shared
Shared Valkey instance used for queue processing and cross-service communication.
| Key | Type | Default | Description |
|---|
| mo_valkey_shared.enabled | bool | true | Enable shared Valkey |
| mo_valkey_shared.tls | bool | false | Enable TLS |
| mo_valkey_shared.queue_db | int | 7 | Database number for queue |
| mo_valkey_shared.image.registry | string | "docker.io" | Image registry |
| mo_valkey_shared.image.repository | string | "valkey/valkey" | Image repository |
| mo_valkey_shared.image.tag | string | "9.1.0" | Image tag |
| mo_valkey_shared.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mo_valkey_shared.port | int | 6379 | Service port |
| mo_valkey_shared.host | string | "mo-valkey-shared" | Service hostname |
| mo_valkey_shared.password.secretName | string | "mo-redis-secret" | Secret name for password |
| mo_valkey_shared.password.secretKey | string | "REDIS_SECRET" | Secret key for password |
| mo_valkey_shared.resources | object | {} | Resource requests/limits |
| mo_valkey_shared.strategy | string | "RollingUpdate" | Update strategy |
| mo_valkey_shared.metrics.enabled | bool | false | Enable Prometheus metrics exporter |
| mo_valkey_shared.metrics.serviceMonitor.enabled | bool | false | Enable ServiceMonitor |
mo_websocket_valkey
| Key | Type | Default | Description |
|---|
| mo_websocket_valkey.enabled | bool | true | Enable Valkey for WebSocket service |
| mo_websocket_valkey.image.registry | string | "docker.io" | Image registry |
| mo_websocket_valkey.image.repository | string | "valkey/valkey" | Image repository |
| mo_websocket_valkey.image.tag | string | "9.1.0" | Image tag |
| mo_websocket_valkey.port | int | 6379 | Service port |
| mo_websocket_valkey.host | string | "mo-websocket-valkey" | Service hostname |
| mo_websocket_valkey.password.secretName | string | "mo-redis-secret" | Secret name for password |
| mo_websocket_valkey.password.secretKey | string | "REDIS_SECRET" | Secret key for password |
| mo_websocket_valkey.resources | object | {} | Resource requests/limits |
| mo_websocket_valkey.metrics.enabled | bool | false | Enable Prometheus metrics exporter |
mo_user_valkey
| Key | Type | Default | Description |
|---|
| mo_user_valkey.enabled | bool | true | Enable Valkey for user service |
| mo_user_valkey.image.registry | string | "docker.io" | Image registry |
| mo_user_valkey.image.repository | string | "valkey/valkey" | Image repository |
| mo_user_valkey.image.tag | string | "9.1.0" | Image tag |
| mo_user_valkey.port | int | 6379 | Service port |
| mo_user_valkey.host | string | "mo-user-valkey" | Service hostname |
| mo_user_valkey.password.secretName | string | "mo-redis-secret" | Secret name for password |
| mo_user_valkey.password.secretKey | string | "REDIS_SECRET" | Secret key for password |
| mo_user_valkey.resources | object | {} | Resource requests/limits |
| mo_user_valkey.metrics.enabled | bool | false | Enable Prometheus metrics exporter |
mo_message_dispatcher_valkey
| Key | Type | Default | Description |
|---|
| mo_message_dispatcher_valkey.enabled | bool | true | Enable Valkey for message dispatcher |
| mo_message_dispatcher_valkey.image.registry | string | "docker.io" | Image registry |
| mo_message_dispatcher_valkey.image.repository | string | "valkey/valkey" | Image repository |
| mo_message_dispatcher_valkey.image.tag | string | "9.1.0" | Image tag |
| mo_message_dispatcher_valkey.port | int | 6379 | Service port |
| mo_message_dispatcher_valkey.host | string | "mo-message-dispatcher-valkey" | Service hostname |
| mo_message_dispatcher_valkey.tls | bool | false | Enable TLS |
| mo_message_dispatcher_valkey.password.secretName | string | "mo-redis-secret" | Secret name for password |
| mo_message_dispatcher_valkey.password.secretKey | string | "REDIS_SECRET" | Secret key for password |
| mo_message_dispatcher_valkey.resources | object | {} | Resource requests/limits |
| mo_message_dispatcher_valkey.metrics.enabled | bool | false | Enable Prometheus metrics exporter |
MySQL
| Key | Type | Default | Description |
|---|
| mysql.enabled | bool | false | Enable MySQL deployment (use external MySQL for production) |
| mysql.replicas | int | 1 | Number of replicas |
| mysql.image.registry | string | "docker.io" | Image registry |
| mysql.image.repository | string | "mysql" | Image repository |
| mysql.image.tag | string | "8.4.10" | Image tag |
| mysql.imagePullPolicy | string | "IfNotPresent" | Image pull policy |
| mysql.port | int | 3306 | Service port |
| mysql.host | string | "mysql" | Service hostname |
| mysql.database | string | "platform" | Database name |
| mysql.user | string | "platform_user" | Database user |
| mysql.password.secretName | string | "mo-mysql-secret" | Secret name for password |
| mysql.password.secretKey | string | "MYSQL_PASSWORD" | Secret key for password |
| mysql.root_password.secretName | string | "mo-mysql-secret" | Secret name for root password |
| mysql.root_password.secretKey | string | "MYSQL_ROOT_PASSWORD" | Secret key for root password |
| mysql.ssl | bool | false | Enable SSL |
| mysql.sslRejectUnauthorized | bool | true | Reject unauthorized SSL connections |
| mysql.allow_empty_root_password | int | 0 | Allow empty root password (0 = no) |
| mysql.subpath | string | "{{ tpl .Release.Namespace }}-mysql-storage" | Storage subpath |
| mysql.mountpoint | string | "/var/lib/mysql" | Data mount point |
| mysql.storage.capacity | string | "50Gi" | Storage capacity |
| mysql.resources | object | {} | Resource requests/limits |
| mysql.tolerations | object | {} | Pod tolerations |
Storage
| Key | Type | Default | Description |
|---|
| storage.className | string | "default" | Storage class name |
| storage.accessMode | string | "ReadWriteMany" | Access mode |