Configure Installation

How to configure the installation of Control Center using Helm.

Values

This page explains how to configure the installation of Control Center using Helm. Many parameters can be set, including your domain and user information.

Below is an example using the Helm command to configure several items. You would change the values in the example to your particular use.

helm install control-center-name oci://docker.io/vaadin/control-center \
    -n foo-namespace --create-namespace \
    --set domain=mydomain.com \
    --set user.email=example@mydomain.com \
    --set app.host=cc.mydomain.com \
    -f values-ingress.yaml \
    --wait

In the first line of the example above, the name of the installed application is set to control-center-name. The second line gives the namespace in which the application is installed, which is set to foo-namespace. In the third line, the value of domain, which is required, is set to mydomain.com.

The required value of user.email is set to example@mydomain.com. The optional value of app.host is set to cc.mydomain.com. And in the second to last line, the values for the Ingress are set using a file named values-ingress.yaml.

More command options, than the ones shown in the example above, are available for configuring the installation. All of them are explained in detail in the Helm documentation.

Values

The following table lists the available values and their descriptions. Each of the values can be set using the --set flag when installing Control Center using Helm.

Value Required Default Description

Value	Required	Default	Description
domain	Yes		The domain name of the Control Center installation. This is used to determine the host names for Control Center and Keycloak.
user.email	Yes		The email address of the Control Center administrator user.
nameOverride	No		Replace every occurrence of "control-center".
fullnameOverride	No		The full name is generated as "control-center" if the release name is "control-center". However, if the release name is "foo", the full name is "foo-control-center". This value overrides the full name.
serviceAccount.create	No	true	Specifies whether a service account should be created.
serviceAccount.automount	No	true	Specifies whether to automount the service account token.
serviceAccount.name	No		The name of the service account to use.
serviceAccount.annotations	No		Annotations to add to the service account.
app.host	No		The host name of the Control Center application. If none is specified, `control.${domain}` is used.
app.tlsSecret	No		The name of the secret with the `keystore` for the Control Center application.
app.image.repository	No	vaadin/control-center	The image repository to use for the Control Center application.
app.image.pullPolicy	No		The pull policy to use for the image. If none is specified, the Kubernetes default is used.
app.image.tag	No		The image tag to use for the Control Center application. If none is specified, the chart’s `appVersion` is used.
app.imagePullSecrets	No		The image pull secrets to use for the Control Center application.
app.podLabels	No		Additional labels to add to the Control Center application pods.
app.podAnnotations	No		Additional annotations to add to the Control Center application pods.
app.podSecurityContext	No		The security context for the Control Center application pods.
app.securityContext	No		The security context for the Control Center application deployment.
app.replicaCount	No	1	The number of replicas for the Control Center application.
app.autoscaling.enabled	No	false	Specifies whether `autoscaling` should be enabled for the Control Center application.
app.autoscaling.minReplicas	No	1	The minimum number of replicas for the Control Center application.
app.autoscaling.maxReplicas	No	100	The maximum number of replicas for the Control Center application.
app.autoscaling.targetCPUUtilizationPercentage	No	80	The target CPU utilization percentage for the Control Center application.
app.autoscaling.targetMemoryUtilizationPercentage	No	90	The target memory utilization percentage for the Control Center application.
app.resources	No		The resource to allocate for the Control Center application containers.
startupProbe.httpGet.path	No	/actuator/health	The path to use for the startup probe for the Control Center application.
startupProbe.httpGet.port	No	`http`	The port to use for the startup probe.
startupProbe.initialDelaySeconds	No	0	The initial delay in seconds for the startup probe.
startupProbe.failureThreshold	No	30	The failure threshold for the startup probe. If the probe fails this many times, the container is restarted.
livenessProbe.httpGet.path	No	/actuator/health/liveness	The path to use for the liveness probe for the Control Center application.
livenessProbe.httpGet.port	No	`http`	The port to use for the liveness probe.
livenessProbe.initialDelaySeconds	No	0	The initial delay in seconds for the liveness probe.
livenessProbe.failureThreshold	No	3	The failure threshold for the liveness probe. If the probe fails this many times, the container is restarted.
readinessProbe.httpGet.path	No	/actuator/health/readiness	The path to use for the readiness probe for the Control Center application.
readinessProbe.httpGet.port	No	`http`	The port to use for the readiness probe.
readinessProbe.initialDelaySeconds	No	0	The initial delay in seconds for the readiness probe.
readinessProbe.failureThreshold	No	3	The failure threshold for the readiness probe.
app.volumes	No		The volume definitions for the Control Center application.
app.volumeMounts	No		The volume mounts for the Control Center application.
app.nodeSelector	No		The custom node selectors for the Control Center application.
app.tolerations	No		The custom `tolerations` for the Control Center application.
app.affinity	No		The custom affinity for the Control Center application.
app.service.type	No	ClusterIP	The type of service to create for the Control Center application.
app.service.port	No	80	The port to expose for the Control Center application.
app.service.targetPort	No	8080	The port for the Control Center application containers.
app.ingress.enabled	No	true	Specifies whether to create an Ingress for the Control Center application.
app.ingress.annotations	No		The annotations to add to the Ingress.
app.ingress.hosts	No		The hosts to add to the Ingress. If none is specified, `app.host` is used.
app.ingress.tls	No		The TLS configuration for the Ingress.
postgres.replicaCount	No	1	The number of replicas for the PostgreSQL database.
postgres.storage.size	No	1Gi	The storage size for the PostgreSQL database.
keycloak.image.repository	No	vaadin/control-center-keycloak	The image repository to use for the Keycloak instance.
keycloak.image.tag	No		The image tag to use for the Keycloak instance. If none is specified, the chart’s appVersion is used.
keycloak.resources	No		The resources to allocate for the Keycloak containers.
keycloak.host	No		The hosts for the Keycloak instance. If none is specified, `auth.${domain}` is used.
keycloak.tlsSecret	No		The name of the secret with the keystore for the Keycloak instance.
acme.enabled	No	false	Specifies whether to enable ACME for the Ingress. When enabled, certificates are automatically requested from `Let’s Encrypt using CertManager`. This requires public DNS records for the Ingress hosts.
acme.server	No	https://acme-v02.api.letsencrypt.org/directory	The ACME server to use.
keycloak-operator.enabled	No	true	Specifies whether to enable the Keycloak Operator.
keycloak-operator.image.repository	No	quay.io/keycloak/keycloak-operator	The image repository to use for the Keycloak Operator.
cloudnative-pg.enabled	No	true	Specifies whether to enable Cloud Native PostgreSQL Operator.
cloudnative-pg.crds.create	No	false	Specifies whether to create the CRDs for the Operator.
ingress-nginx.enabled	No	true	Specifies whether to enable the Ingress NGINX Controller.
ingress-nginx.controller.scope.enabled	No	true	Specifies whether to enable the scope for the Ingress NGINX Controller.
cert-manager.enabled	No	true	Specifies whether to enable CertManager.
cert-manager.enableCertificateOwnerRef	No	true	Specifies whether to enable the certificate owner reference for CertManager.
external-dns.enabled	No	false	Specifies whether to enable ExternalDNS
external-dns.namespaced	No	true	Specifies whether ExternalDNS should be namespaced.
external-dns.txtOwnerId	No	control-center	The TXT owner ID for ExternalDNS.
external-dns.sources	No	[ingress]	The sources for ExternalDNS.

domain

Yes

The domain name of the Control Center installation. This is used to determine the host names for Control Center and Keycloak.

user.email

Yes

The email address of the Control Center administrator user.

nameOverride

Replace every occurrence of "control-center".

fullnameOverride

The full name is generated as "control-center" if the release name is "control-center". However, if the release name is "foo", the full name is "foo-control-center". This value overrides the full name.

serviceAccount.create

true

Specifies whether a service account should be created.

serviceAccount.automount

true

Specifies whether to automount the service account token.

serviceAccount.name

The name of the service account to use.

serviceAccount.annotations

Annotations to add to the service account.

app.host

The host name of the Control Center application. If none is specified, control.${domain} is used.

app.tlsSecret

The name of the secret with the keystore for the Control Center application.

app.image.repository

vaadin/control-center

The image repository to use for the Control Center application.

app.image.pullPolicy

The pull policy to use for the image. If none is specified, the Kubernetes default is used.

app.image.tag

The image tag to use for the Control Center application. If none is specified, the chart’s appVersion is used.

app.imagePullSecrets

The image pull secrets to use for the Control Center application.

app.podLabels

Additional labels to add to the Control Center application pods.

app.podAnnotations

Additional annotations to add to the Control Center application pods.

app.podSecurityContext

The security context for the Control Center application pods.

app.securityContext

The security context for the Control Center application deployment.

app.replicaCount

The number of replicas for the Control Center application.

app.autoscaling.enabled

false

Specifies whether autoscaling should be enabled for the Control Center application.

app.autoscaling.minReplicas

The minimum number of replicas for the Control Center application.

app.autoscaling.maxReplicas

100

The maximum number of replicas for the Control Center application.

app.autoscaling.targetCPUUtilizationPercentage

The target CPU utilization percentage for the Control Center application.

app.autoscaling.targetMemoryUtilizationPercentage

The target memory utilization percentage for the Control Center application.

app.resources

The resource to allocate for the Control Center application containers.

startupProbe.httpGet.path

/actuator/health

The path to use for the startup probe for the Control Center application.

startupProbe.httpGet.port

http

The port to use for the startup probe.

startupProbe.initialDelaySeconds

The initial delay in seconds for the startup probe.

startupProbe.failureThreshold

The failure threshold for the startup probe. If the probe fails this many times, the container is restarted.

livenessProbe.httpGet.path

/actuator/health/liveness

The path to use for the liveness probe for the Control Center application.

livenessProbe.httpGet.port

http

The port to use for the liveness probe.

livenessProbe.initialDelaySeconds

The initial delay in seconds for the liveness probe.

livenessProbe.failureThreshold

The failure threshold for the liveness probe. If the probe fails this many times, the container is restarted.

readinessProbe.httpGet.path

/actuator/health/readiness

The path to use for the readiness probe for the Control Center application.

readinessProbe.httpGet.port

http

The port to use for the readiness probe.

readinessProbe.initialDelaySeconds

The initial delay in seconds for the readiness probe.

readinessProbe.failureThreshold

The failure threshold for the readiness probe.

app.volumes

The volume definitions for the Control Center application.

app.volumeMounts

The volume mounts for the Control Center application.

app.nodeSelector

The custom node selectors for the Control Center application.

app.tolerations

The custom tolerations for the Control Center application.

app.affinity

The custom affinity for the Control Center application.

app.service.type

ClusterIP

The type of service to create for the Control Center application.

app.service.port

The port to expose for the Control Center application.

app.service.targetPort

8080

The port for the Control Center application containers.

app.ingress.enabled

true

Specifies whether to create an Ingress for the Control Center application.

app.ingress.annotations

The annotations to add to the Ingress.

app.ingress.hosts

The hosts to add to the Ingress. If none is specified, app.host is used.

app.ingress.tls

The TLS configuration for the Ingress.

postgres.replicaCount

The number of replicas for the PostgreSQL database.

postgres.storage.size

1Gi

The storage size for the PostgreSQL database.

keycloak.image.repository

vaadin/control-center-keycloak

The image repository to use for the Keycloak instance.

keycloak.image.tag

The image tag to use for the Keycloak instance. If none is specified, the chart’s appVersion is used.

keycloak.resources

The resources to allocate for the Keycloak containers.

keycloak.host

The hosts for the Keycloak instance. If none is specified, auth.${domain} is used.

keycloak.tlsSecret

The name of the secret with the keystore for the Keycloak instance.

acme.enabled

false

Specifies whether to enable ACME for the Ingress. When enabled, certificates are automatically requested from Let’s Encrypt using CertManager. This requires public DNS records for the Ingress hosts.

acme.server

https://acme-v02.api.letsencrypt.org/directory

The ACME server to use.

keycloak-operator.enabled

true

Specifies whether to enable the Keycloak Operator.

keycloak-operator.image.repository

quay.io/keycloak/keycloak-operator

The image repository to use for the Keycloak Operator.

cloudnative-pg.enabled

true

Specifies whether to enable Cloud Native PostgreSQL Operator.

cloudnative-pg.crds.create

false

Specifies whether to create the CRDs for the Operator.

ingress-nginx.enabled

true

Specifies whether to enable the Ingress NGINX Controller.

ingress-nginx.controller.scope.enabled

true

Specifies whether to enable the scope for the Ingress NGINX Controller.

cert-manager.enabled

true

Specifies whether to enable CertManager.

cert-manager.enableCertificateOwnerRef

true

Specifies whether to enable the certificate owner reference for CertManager.

external-dns.enabled

false

Specifies whether to enable ExternalDNS

external-dns.namespaced

true

Specifies whether ExternalDNS should be namespaced.

external-dns.txtOwnerId

control-center

The TXT owner ID for ExternalDNS.

external-dns.sources

[ingress]

The sources for ExternalDNS.

Docs

Docs

Configure Installation

Values