Image#

ValueTypeDefaultDescription
image.repositorystring(set by chart)Container image repository
image.pullPolicystringIfNotPresentImage pull policy
image.tagstring(chart appVersion)Image tag override

General#

ValueTypeDefaultDescription
nameOverridestring""Override chart name
fullnameOverridestring""Override full release name
defaultAnnouncerstring"PureLB"When "PureLB", handle services without loadBalancerClass. Set to anything else to require explicit loadBalancerClass: purelb.io/purelb.
priorityClassNamestring""PriorityClass for allocator and lbnodeagent pods
memberlistSecretKeystring(deprecated)Deprecated. No longer used. Kept for backward compatibility.

Lease Configuration#

ValueTypeDefaultDescription
leaseConfig.leaseDurationstring"10s"How long a Lease is valid before expiry
leaseConfig.renewDeadlinestring"7s"How long to retry renewals before giving up
leaseConfig.retryPeriodstring"2s"Interval between renewal attempts

ServiceGroup#

ValueTypeDefaultDescription
serviceGroup.namestring"default"Name of the ServiceGroup to create
serviceGroup.createboolfalseCreate a default ServiceGroup during install
serviceGroup.specobject{}ServiceGroup spec (e.g., local.v4pool.subnet, local.v4pool.pool, local.v4pool.aggregation)

LBNodeAgent#

ValueTypeDefaultDescription
lbnodeagent.localInterfacestring"default"Interface for local address announcement
lbnodeagent.dummyInterfacestring"kube-lb0"Dummy interface for remote addresses
lbnodeagent.garpConfigobject(not set)GARP configuration: enabled, count, interval, initialDelay
lbnodeagent.containerSecurityContextobject(see below)Container security context
lbnodeagent.tolerations[]object[]Pod tolerations
lbnodeagent.nodeSelectorobjectNode selector labels

Default lbnodeagent security context: runAsUser: 0, capabilities: [NET_ADMIN, NET_RAW], readOnlyRootFilesystem: false.

Allocator#

ValueTypeDefaultDescription
allocator.containerSecurityContextobject(see below)Container security context
allocator.tolerations[]object[]Pod tolerations
allocator.securityContextobject(see below)Pod security context

Default allocator security context: runAsNonRoot: true, runAsUser: 65534, readOnlyRootFilesystem: true, capabilities: drop all.

k8gobgp Sidecar#

ValueTypeDefaultDescription
gobgp.enabledbooltrueEnable k8gobgp BGP sidecar in the lbnodeagent DaemonSet
gobgp.image.repositorystringghcr.io/purelb/k8gobgpk8gobgp container image
gobgp.image.tagstring"0.2.2"k8gobgp image tag
gobgp.image.pullPolicystringIfNotPresentImage pull policy
gobgp.containerSecurityContextobject(see below)Container security context
gobgp.resources.requests.cpustring250mCPU request
gobgp.resources.requests.memorystring128MiMemory request
gobgp.resources.limits.cpustring1000mCPU limit
gobgp.resources.limits.memorystring512MiMemory limit

Default k8gobgp security context: capabilities: [NET_ADMIN, NET_BIND_SERVICE, NET_RAW], readOnlyRootFilesystem: true.

Prometheus Monitoring#

ValueTypeDefaultDescription
Prometheus.allocator.Metrics.enabledboolfalseCreate metrics Service for allocator
Prometheus.allocator.serviceMonitor.enabledboolfalseCreate ServiceMonitor for allocator
Prometheus.allocator.serviceMonitor.extraLabelsobject{}Additional labels on ServiceMonitor
Prometheus.allocator.prometheusRules.enabledboolfalseCreate PrometheusRules for allocator
Prometheus.allocator.prometheusRules.namespacestring""Namespace for PrometheusRules
Prometheus.allocator.prometheusRules.rules[]object[]Alert rules
Prometheus.lbnodeagent.Metrics.enabledboolfalseCreate metrics Service for lbnodeagent
Prometheus.lbnodeagent.serviceMonitor.enabledboolfalseCreate ServiceMonitor for lbnodeagent
Prometheus.lbnodeagent.serviceMonitor.extraLabelsobject{}Additional labels on ServiceMonitor
Prometheus.lbnodeagent.prometheusRules.enabledboolfalseCreate PrometheusRules for lbnodeagent
Prometheus.lbnodeagent.prometheusRules.rules[]object[]Alert rules

Extra Objects#

ValueTypeDefaultDescription
extraObjects[]string[]List of arbitrary Kubernetes manifests to create (templated)
Backward Metrics Reference kubectl Plugin Reference Forward