s3proxy-python/chart/values.yaml at f151c94a181f6d16e689a9c53f8849038103bf8f · ServerSideHannes/s3proxy-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
# S3Proxy Helm Chart Values

replicaCount: 3

image:
  repository: ghcr.io/ServerSideHannes/s3proxy-python
  tag: latest
  pullPolicy: IfNotPresent

s3:
  host: "s3.amazonaws.com"
  region: "us-east-1"

server:
  port: 4433
  noTls: true

performance:
  memoryLimitMb: 64

externalRedis:
  url: ""
  uploadTtlHours: 24
  existingSecret: ""
  passwordKey: "redis-password"

redis-ha:
  enabled: true
  replicas: 1
  auth: false
  redisPassword: ""
  existingSecret: ""
  authKey: "auth"

  persistentVolume:
    enabled: true
    size: 10Gi
    storageClass: ""

  haproxy:
    enabled: true
    replicas: 2
    # CRITICAL: Health check and timeout settings for high load tolerance
    # Redis can be slow during BGSAVE - don't mark as DOWN too quickly
    checkInterval: 5s         # Check every 5 seconds (default: 1s)
    timeout:
      check: "10s"            # Wait 10s for health check response (default: 2s)
      server: "60s"           # Server response timeout (default: 30s)
      client: "60s"           # Client connection timeout (default: 30s)
    resources:
      requests:
        cpu: "50m"
        memory: "64Mi"
      limits:
        cpu: "200m"
        memory: "128Mi"

  sentinel:
    port: 26379
    quorum: 2
    config:
      down-after-milliseconds: 10000
      failover-timeout: 180000
      parallel-syncs: 5

  redis:
    port: 6379
    config:
      maxmemory: "200mb"
      maxmemory-policy: noeviction

      min-replicas-to-write: 2
      min-replicas-max-lag: 10

  hardAntiAffinity: true

  resources:
    requests:
      cpu: "100m"
      memory: "128Mi"
    limits:
      cpu: "500m"
      memory: "256Mi"

secrets:
  existingSecrets:
    enabled: false
    name: ""
    keys:
      encryptKey: "S3PROXY_ENCRYPT_KEY"
      awsAccessKeyId: "AWS_ACCESS_KEY_ID"
      awsSecretAccessKey: "AWS_SECRET_ACCESS_KEY"

  encryptKey: ""
  awsAccessKeyId: ""
  awsSecretAccessKey: ""

admin:
  enabled: false
  path: "/admin"

logLevel: "DEBUG"

resources:
  requests:
    cpu: "100m"
    memory: "512Mi"
  limits:
    cpu: "500m"
    memory: "512Mi"

service:
  type: ClusterIP
  port: 4433

gateway:
  enabled: false
  serviceName: s3-gateway
  ingressService: ingress-nginx-controller.ingress-nginx.svc.cluster.local

nodeSelector: {}

tolerations: []

affinity: {}

topologySpreadConstraints: []

# Pod Disruption Budget - ensures HA during node maintenance/upgrades
podDisruptionBudget:
  enabled: true
  minAvailable: 1
  # maxUnavailable: 1  # Alternative to minAvailable

ingress:
  enabled: false
  className: "nginx"
  annotations:
    nginx.ingress.kubernetes.io/proxy-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
  tls: []
  hosts: []