Skip to main content
Version: 0.19.3

Helm values

These are the default values used to configure Feature Store Helm charts:

## Global Chart parameters
##
global:
## @param global.environment Environment name
## @param global.cloudProvider Select the cloud provider in which the chart will be deployed [aws, azure, local]
## @param global.onlineEnabled Deploy Feature-Store Online services
## @param global.uiEnabled Deploy Feature-Store Website service
## @param global.ingressEnabled Enable ingress record generation for Feature-Store
## @param global.telemetryEnabled Enable telemetry generation for Feature-Store
## @param global.namespaceOverride Override default namespace - .Release.Namespace
##
environment: local
cloudProvider: "local"
onlineEnabled: false
uiEnabled: false
ingressEnabled: false
telemetryEnabled: false
namespaceOverride:

## @param global.cloud.discovery.enabled Register Feature Store in Cloud Discovery
## @param global.cloud.discovery.grpcApiPublicUri Public URI of the GRPC API service
## @param global.cloud.discovery.restApiPubicUri Public URI of the REST API service
## @param global.cloud.discoveryServiceUrl H2O.ai Discovery Service URL
## @param global.cloud.appStoreServiceName H2O.ai App Store Service name
## @param global.cloud.apiUrl Feature store external url (used for generating notebook examples) (should be set only when discoveryServiceUrl is not set)
## @param global.cloud.apiSecured Flag if Feature store external url is using SSL (most of the time it should be true) (used for generating notebook examples)
##
cloud:
discovery:
enabled: false
grpcApiPublicUri:
restApiPubicUri:
discoveryServiceUrl:
appStoreServiceName: appstore
apiUrl:
apiSecured: true

## @param global.imagePullSecrets Docker registry secret names as an array
##
imagePullSecrets: []

## @param global.extraTrustedCertificates.configMapName Config Map name to store additional trusted CA certificates
## @param global.extraTrustedCertificates.caBundleKey Config Map key name to store CA bundle, default - ca_bundle.pem
##
extraTrustedCertificates:
configMapName:
caBundleKey:

## @param global.kafka.username Kafka username
## @param global.kafka.password Kafka password
kafka:
username:
password:

## @param global.online.databaseBackend Database Provider for online feature store [redis, postgres]
## @param global.online.redis.authMethod Authentication method for redis. Available methods are [iam, password]. For IAM, redis version 7 or above is required
## @param global.online.redis.nodes. List of redis nodes in format "host:port". Cluster connection is created in case more than one node is provided
## @param global.online.redis.database Redis database
## @param global.online.redis.secret Redis secret used by all nodes
## @param global.online.redis.isCluster Force cluster connection in case only one node is provided in @param global.redis.nodes
## @param global.online.redis.isSecure Enable SSL/TLS connection to the cluster
## @param global.online.redis.iam.userId IAM-enabled user id in AWS elasticache
## @param global.online.redis.iam.replicationGroupId AWS elasticache replication group id
## @param global.online.redis.iam.region region when AWS elasticache is deployed
## @param global.online.postgres.connectionString Postgres connection string
## @param global.online.postgres.username username
## @param global.online.postgres.password password
## @param global.online.postgres.authMethod Authentication method for Postgres. Available methods are [iam, password]
## @param global.online.postgres.housekeepingInterval The duration specifying how often the job removing invalid records from online runs. Expressed in ISO 8601-1 duration format
online:
databaseBackend:
redis:
authMethod: "password"
nodes: []
database: 0
secret:
isCluster:
isSecure:
iam:
userId:
replicationGroupId:
region:
postgres:
connectionString:
username:
password:
authMethod: "password"
housekeepingInterval: PT1H

## @param global.storage.username Backend Storage username
## @param global.storage.password Backend Storage password
## @param global.storage.authMethod Authentication method for storage. Available methods are [iam, password]
##
storage:
username:
password:
authMethod: "password"

## @param global.config.storageBackend Storage Provider [datalakegen2, s3]
## @param global.config.s3.endpoint S3 Endpoint URL (required if storage backend is S3)
## @param global.config.s3.region S3 Region (required if storage backend is S3)
## @param global.config.s3.sessionRoleArn Role ARN to assume temporary access to S3 (required if storage backend is S3 and Minio is not used as storage proxy)
## @param global.config.s3.kmsEnabled Flag should be set to true if storage bucket in S3 is encrypted by KMS
## @param global.config.rootBucket Name of the bucket/container of root container. If defined, data/retrieve/artifacts/temporary will be handled as folders in that bucket, otherwise will be handled as individual buckets
## @param global.config.dataBucket Name of the bucket/container or folder if global.config.rootBucket is defined for main storage
## @param global.config.artifactsBucket Name of the bucket/container or folder if global.config.rootBucket is defined for artifacts storage
## @param global.config.retrieveBucket Name of the bucket/container or folder if global.config.rootBucket is defined for retrieve storage
## @param global.config.tempBucket Name of the bucket/container or folder if global.config.rootBucket is defined for temporary storage
## @param global.config.onlineStoreDataBucket Name of the data bucket/folder for online to offline storage
## @param global.config.notifications.channels Name of the Notification Channels where notifications will be send. Allowed values [kafka,logs]. If empty notifications are disabled
## @param global.config.messaging.kafka.healthCheckRequestTimeout Max request time to execute request to kafka broker in health check. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicModificationEnabled If enable topics will be created/updated automatically
## @param global.config.messaging.kafka.authMethod Authentication method for Kafka. Available methods are [iam, password]
## @param global.config.messaging.kafka.tlsEnabled User secure connection to access kafka
## @param global.config.messaging.kafka.bootstrapServers Kafka Bootstrap Servers
## @param global.config.messaging.kafka.topics.notifications Kafka Notifications Topic Name
## @param global.config.messaging.kafka.topics.jobUpdates Kafka Job Updates Topic Name
## @param global.config.messaging.kafka.topics.onlineInput Kafka Online Input Topic Name
## @param global.config.messaging.kafka.topics.onlineOfflineIngest Kafka Online Offline Ingest Topic Name
## @param global.config.messaging.kafka.topics.onlineStorageCleanup Kafka Online Storage Cleanup Topic Name
## @param global.config.messaging.kafka.topics.modificationEvents Kafka Modification Events Topic Name
## @param global.config.messaging.kafka.topics.telemetry Kafka Telemetry Events Topic Name
## @param global.config.messaging.kafka.topics.telemetryAggregated Kafka Telemetry Aggregated Events Topic Name
## @param global.config.messaging.kafka.topics.uiNotifications Kafka UI Notifications Topic Name
## @param global.config.messaging.kafka.topicsConfig.notifications.numPartitions Number of partitions for notifications topic
## @param global.config.messaging.kafka.topicsConfig.notifications.replicationFactor Replication factor for notifications topic
## @param global.config.messaging.kafka.topicsConfig.notifications.retentionMs Retention policy for notifications topic. Expressed in ms
## @param global.config.messaging.kafka.topicsConfig.notifications.retentionMinutes Retention policy for notifications topic. Expressed in minutes
## @param global.config.messaging.kafka.topicsConfig.notifications.retentionHours Retention policy for notifications topic. Expressed in hours
## @param global.config.messaging.kafka.topicsConfig.jobUpdates.numPartitions Number of partitions for jobUpdates topic
## @param global.config.messaging.kafka.topicsConfig.jobUpdates.replicationFactor Replication factor for jobUpdates topic
## @param global.config.messaging.kafka.topicsConfig.jobUpdates.retentionMs Retention policy for jobUpdates topic. Expressed in ms
## @param global.config.messaging.kafka.topicsConfig.jobUpdates.retentionMinutes Retention policy for jobUpdates topic. Expressed in minutes
## @param global.config.messaging.kafka.topicsConfig.jobUpdates.retentionHours Retention policy for jobUpdates topic. Expressed in hours
## @param global.config.messaging.kafka.topicsConfig.jobUpdates.consumer.concurrency kafka consumer concurrency (default 1)
## @param global.config.messaging.kafka.topicsConfig.onlineInput.numPartitions Number of partitions for onlineInput topic
## @param global.config.messaging.kafka.topicsConfig.onlineInput.replicationFactor Replication factor for onlineInput topic
## @param global.config.messaging.kafka.topicsConfig.onlineInput.retentionPolicy Retention period for onlineInput topic. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicsConfig.onlineInput.consumer.concurrency kafka consumer concurrency (default 1)
## @param global.config.messaging.kafka.topicsConfig.onlineOfflineIngest.numPartitions Number of partitions for onlineOfflineIngest topic
## @param global.config.messaging.kafka.topicsConfig.onlineOfflineIngest.replicationFactor Replication factor for onlineOfflineIngest topic
## @param global.config.messaging.kafka.topicsConfig.onlineOfflineIngest.retentionPolicy Retention policy for onlineOfflineIngest topic. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicsConfig.onlineOfflineIngest.consumer.concurrency kafka consumer concurrency (default 1)
## @param global.config.messaging.kafka.topicsConfig.onlineStorageCleanup.numPartitions Number of partitions for onlineStorageCleanup topic
## @param global.config.messaging.kafka.topicsConfig.onlineStorageCleanup.replicationFactor Replication factor for onlineStorageCleanup topic
## @param global.config.messaging.kafka.topicsConfig.onlineStorageCleanup.retentionPolicy Retention policy for onlineStorageCleanup topic. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicsConfig.modificationEvents.numPartitions Number of partitions for modificationEvents topic
## @param global.config.messaging.kafka.topicsConfig.modificationEvents.replicationFactor Replication factor for modificationEvents topic
## @param global.config.messaging.kafka.topicsConfig.modificationEvents.retentionPolicy Retention policy for modificationEvents topic. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicsConfig.modificationEvents.consumer.concurrency kafka consumer concurrency (default 1)
## @param global.config.messaging.kafka.topicsConfig.telemetry.numPartitions Number of partitions for telemetry topic
## @param global.config.messaging.kafka.topicsConfig.telemetry.replicationFactor Replication factor for telemetry topic
## @param global.config.messaging.kafka.topicsConfig.telemetry.retentionPolicy Retention policy for telemetry topic. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicsConfig.telemetryAggregated.numPartitions Number of partitions for telemetry aggregated topic
## @param global.config.messaging.kafka.topicsConfig.telemetryAggregated.replicationFactor Replication factor for telemetry aggregated topic
## @param global.config.messaging.kafka.topicsConfig.telemetryAggregated.retentionPolicy Retention policy for telemetry aggregated topic. Expressed in ISO 8601-1 duration format
## @param global.config.messaging.kafka.topicsConfig.uiNotifications.numPartitions Number of partitions for ui notifications topic
config:
storageBackend:
s3:
endpoint:
region:
sessionRoleArn:
kmsEnabled: false
rootBucket:
dataBucket:
artifactsBucket:
retrieveBucket:
tempBucket:
onlineStoreDataBucket:
notificationChannels: []
messaging:
kafka:
healthCheckRequestTimeout: "PT3S"
topicModificationEnabled: false
authMethod: "password"
tlsEnabled: true
bootstrapServers:
topics:
notifications:
jobUpdates:
onlineInput:
onlineOfflineIngest:
onlineStorageCleanup:
modificationEvents:
telemetry:
telemetryAggregated:
uiNotifications:
topicsConfig:
notifications:
numPartitions:
replicationFactor:
retentionPolicy:
jobUpdates:
numPartitions:
replicationFactor:
retentionPolicy:
consumer:
concurrency: 1
onlineInput:
numPartitions:
replicationFactor:
retentionPolicy:
consumer:
concurrency: 1
onlineOfflineIngest:
numPartitions:
replicationFactor:
retentionPolicy:
consumer:
concurrency: 1
onlineStorageCleanup:
numPartitions:
replicationFactor:
retentionPolicy:
consumer:
concurrency: 1
modificationEvents:
numPartitions:
replicationFactor:
retentionPolicy:
consumer:
concurrency: 1
telemetry:
numPartitions:
replicationFactor:
retentionPolicy:
telemetryAggregated:
numPartitions:
replicationFactor:
retentionPolicy:
uiNotifications:
numPartitions: 1

## Core service deployment parameters
##
core:
## @param core.rbac.create Specifies whether RBAC resources should be created
##
rbac:
create: true

## Core pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enable security context for the pods
## @param podSecurityContext.runAsUser Set Core pod's Security Context runAsUser
## @param podSecurityContext.fsGroup Set Core pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
runAsUser: 1001
fsGroup: 1001

## Core containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enable Core containers' Security Context
## @param containerSecurityContext.runAsUser Set Core containers' Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set Core containers' Security Context runAsNonRoot
## @param containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as nonprivilege
## e.g.
## enabled: true
## runAsUser: 1001
## runAsNonRoot: true
## allowPrivilegeEscalation: false
##
containerSecurityContext:
enabled: false

## @param core.replicaCount Number of Core Service replicas
##
replicaCount: 2

## @param core.commonLabels Labels to add to all deployed objects
##
commonLabels: {}

## Core Service Autoscaling configuration
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
## @param autoscaling.enabled Enable Horizontal POD autoscaling for Core Service
## @param autoscaling.minReplicas Minimum number of Core Service replicas
## @param autoscaling.maxReplicas Maximum number of Core Service replicas
## @param autoscaling.targetCPU Target CPU utilization percentage
## @param autoscaling.targetMemory Target Memory utilization percentage
##
autoscaling:
enabled: false
minReplicas: 2
maxReplicas: 10
targetCPU: 50
targetMemory: 50

## @param core.database.authMethod Authentication method for Postgres. Available methods are [iam, password]
## @param core.database.dsn JDBC Postgres connection string (https://jdbc.postgresql.org/documentation/use/#connecting-to-the-database). Connection string must include authentication details.
## @param core.database.existingDSNSecret Instead @param core.database.dsn provide existing secret containing postgres connection string
## @param core.database.existingDSNSecretKey Key in @param core.database.existingDSNSecret secret
database:
authMethod: "password"
dsn:
existingDSNSecret:
existingDSNSecretKey:

## @param core.core.salt Random value which will be used to encode PATs
## @param core.core.jobsCredentialsKey Random value which will be used to encode user credentials
## @param core.core.idpClientSecret IdP Client Secret
##
core:
salt:
jobsCredentialsKey:
idpClientSecret:

## @param core.att.onlinestore.enabled Enable support for storing feature-sets in redis (online store)
## @param core.att.onlinestore.username Online storage username
## @param core.att.onlinestore.password Online storage password
## @param core.att.onlinestore.baseUrl Base url for online features
##
att:
onlinestore:
enabled: false
username:
password:
baseUrl:

## @param core.docker.image Core Service Docker image path
## @param core.docker.tag Core Service image tag
##
docker:
image: "h2oai/feature-store-core"
tag:

## @param core.startupProbe.timeoutSeconds Timeout for startup probe
## @param core.startupProbe.failureThreshold After a probe fails failureThreshold times in a row, Kubernetes considers that the overall check has failed
##
startupProbe:
timeoutSeconds:
failureThreshold:

## @param core.config.idpMetadataUri URI to openid-configuration file
## @param core.config.idpClientId IdP Client ID
## @param core.config.idpPublicMetadataUri URI to openid-configuration file for public client/app
## @param core.config.idpPublicClientId Public IdP Client ID
## @param core.config.idpPublicScopes IdP scopes list for public client/app
## @param core.config.idpRedirectUri IdP redirect uri
## @param core.config.idpScopes IdP scopes list
## @param core.config.idpIdClaimKey JWT Claim name which will be used as user id
## @param core.config.idpRolesClaimKey Name of claim storing roles
## @param core.config.idpAdminRoleName Name of role to identify user as admin
## @param core.config.idpReviewerRoleNames Names of roles to identify user as reviewer
## @param core.config.jobsCollectionTTLDays TTL for finished jobs
## @param core.config.disableStatistics Disable statistics computation
## @param core.config.validationNamingRegex Regular expression used for validating names for projects and featuresets
## @param core.config.managementReadiness Names of readiness probes to know when a container is ready to start accepting traffic. Available values: [readinessState,kafka,redis]
## @param core.config.livenessReadiness Names of liveness probes to know when to restart a container. Available values: [livenessState,kafka,redis]
## @param core.config.spark.failureRetries Number of retries in case of job failure
## @param core.config.spark.submissionFailureRetries Number of retries in case submission failure
## @param core.config.spark.restartPolicy Restart policy mode [onfailure, never]
## @param core.config.spark.submissionFailureIntervalSeconds Linear backoff interval (in seconds) between submission retries
## @param core.config.spark.failureIntervalSeconds Linear backoff interval (in seconds) between retries in case of job failure
## @param core.config.spark.ttlSeconds Delete finished jobs (k8's resources) older than TTL value (in seconds)
## @param core.config.memoryCache.featureSets.evictionTimeoutMinutes Timeout in minutes after feature sets stored in the memory cache are evicted
## @param core.config.autoProjectOwners List e-mail addresses which are added as editors for each project created. The users provided in this list must first login for this functionality to happen
## @param core.config.autoProjectEditors List e-mail addresses which are added as editors for each project created. The users provided in this list must first login for this functionality to happen
## @param core.config.isProjectLockedByDefault Configure if project should be locked by default during creation
## @param.core.config.defaultFeatureSetFlow Default value for feature set flow (applied during registration). Available values: [ONLINE_ONLY, OFFLINE_ONLY, OFFLINE_ONLINE_MANUAL, OFFLINE_ONLINE_AUTOMATIC]
## @param core.config.defaultProjectsPageSize Default page size for listing projects
## @param core.config.defaultFeatureSetsPageSize Default page size for listing feature sets
## @param core.config.defaultFeaturesPageSize Default page size for listing features
## @param core.config.defaultScheduledTasksPageSize Default page size for listing scheduled tasks
## @param core.config.defaultPersonalAccessTokensPageSize Default page size for listing personal access tokens
## @param core.config.defaultFeatureSetsDraftPageSize Default page size for listing feature sets drafts
## @param core.config.defaultArtifactsPageSize Default page size for listing artifacts
## @param core.config.defaultReviewProcessPageSize Default page size for listing reviews
## @param core.config.defaultJobsPageSize Default page size for listing jobs
## @param core.config.prohibitedCliMethods Comma separated list of grpc method that are prohibited to use from CLI, for example [ai.h2o.featurestore.api.v1.CoreService/DeleteFeatureSet]
## @param core.config.patMaxTokensPerUser Maximum number of personal access tokens user can create, -1 means unlimited
## @param core.config.patMaximumAllowedTokenDuration Maximum allowed amount of time before a personal access token expires
## @param core.config.featureSetDraftExpirationPeriod when specified then after this period a feature set draft will be eligible for a housekeeping cleanup
## @param core.config.housekeeping.authenticationCode The time-to-live duration for records in the authentication code table.
## @param core.config.housekeeping.job The time-to-live duration for records in the job table.
## @param core.config.housekeeping.sessionAccessPaths The time-to-live duration for records in the session_access_paths table.
## @param core.config.housekeeping.pkce The time-to-live duration for records in the pkce table.
## @param core.config.housekeeping.cachedResponse The time-to-live duration for records in the cached_response table.
## @param core.config.housekeeping.recentlyUsedResourcesLimit The number of records (per user) that should be kept in recently_used_resource table.
## @param core.config.housekeeping.uploadedFile The time-to-live duration for uploaded and not used anywhere uploaded files.
## @param core.config.storage.storageIdConversionEnabled Enable conversion of resource ids (project, feature set) to storage id (it should be enabled if feature store was used prior 0.15.0 version)
## @param core.config.dashboard.defaultPopularFeatureSetsSize Default number of popular feature sets returned
## @param core.config.dashboard.defaultRecentlyUsedResourcesSize The size of list returned when asking for recently used resources
## @param core.config.dashboard.defaultPinnedFeatureSetsSize Default number of pinned feature sets returned
## @param core.config.reviewProcess.enabledScope Variable used to enable review process for all feature sets or only for sensitive ones. Allowed values [ALL,SENSITIVE]. If empty review process is disabled
## @param core.config.webUrl Feature store web url (should be set only when Feature Store Web was deployed)
## @param core.config.scheduler.housekeepingCron Feature store housekeeping cron. How often the tasks should run. For example: "10 * * * * *"
## @param core.config.scheduler.housekeepingTask Feature store housekeeping lock name
## @param core.config.scheduler.housekeepingLockAtMostFor Parameter which specifies how long the lock should be kept in case the executing node dies
## @param core.config.scheduler.housekeepingLockAtLeastFor Parameter which specifies minimum amount of time for which the lock should be kept
## @param core.config.scheduler.housekeepingLockAtLeastFor Parameter which specifies minimum amount of time for which the lock should be kept
## @param core.config.scheduler.housekeepingLockNameForFeatureSearchText Feature store housekeeping lock name for cleaning feature search table
## @param core.config.scheduler.housekeepingCronForFeatureSearchText Feature store housekeeping cron. How often the tasks related to cleaning feature search table should run. For example: "0 0 */24 * * *"
## @param core.config.scheduler.housekeepingLockNameForFeatureSetDrafts Feature store housekeeping lock name for cleaning feature set drafts table
## @param core.config.scheduler.housekeepingCronForFeatureSetDrafts Feature store housekeeping cron. How often the tasks related to cleaning feature set drafts table should run. For example: "0 0 * * * *"
## @param core.config.uiNotifications.enabled Enable ui notifications
## @param core.config.authz.userserver.enabled Enable integration to H2o authz userserver
## @param core.config.authz.userserver.address Address to userserver GRPC Api
## @param core.config.authz.userserver.negotiationType NegotiationType (tsl, plaintext, plaintext_upgrade)
authz:
userserver:
enabled: false
address:
negotiationType: tls
config:
idpMetadataUri:
idpClientId:
idpPublicMetadataUri:
idpPublicClientId:
idpPublicScopes:
idpRedirectUri:
idpScopes:
idpIdClaimKey: sub
idpRolesClaimKey: roles
idpAdminRoleName: admin
idpReviewerRoleNames:
- reviewer
jobsCollectionTTLDays:
disableStatistics: false
validationNamingRegex: ".*"
managementReadiness: readinessState, kafka
livenessReadiness: livenessState, kafka
spark:
failureRetries: 2
submissionFailureRetries: 3
restartPolicy: onfailure
submissionFailureIntervalSeconds:
failureIntervalSeconds:
ttlSeconds:
memoryCache:
featureSets:
evictionTimeoutMinutes: 10
autoProjectOwners: []
autoProjectEditors: []
isProjectLockedByDefault: false
defaultFeatureSetFlow: "OFFLINE_ONLINE_AUTOMATIC"
defaultProjectsPageSize: 100
defaultFeatureSetsPageSize: 100
defaultFeaturesPageSize: 100
defaultScheduledTasksPageSize: 100
defaultPersonalAccessTokensPageSize: 50
defaultFeatureSetsDraftPageSize: 50
defaultArtifactsPageSize: 50
defaultReviewProcessPageSize: 50
defaultJobsPageSize: 50
prohibitedCliMethods: []
patMaxTokensPerUser: -1
patMaximumAllowedTokenDuration: P30D
featureSetDraftExpirationPeriod: P30D
housekeeping:
authenticationCode: PT10M
job: P30D
sessionAccessPaths: PT1H
pkce: PT1H
cachedResponse: PT1H
recentlyUsedResourcesLimit: 20
uploadedFile: P3D
storage:
storageIdConversionEnabled: false
dashboard:
defaultPopularFeatureSetsSize: 10
defaultRecentlyUsedResourcesSize: 20
defaultPinnedFeatureSetsSize: 10
reviewProcess:
enabledScope:
webUrl:
scheduler:
housekeepingCron:
housekeepingTask:
housekeepingLockAtMostFor:
housekeepingLockAtLeastFor:
housekeepingLockNameForFeatureSearchText:
housekeepingCronForFeatureSearchText:
housekeepingLockNameForFeatureSetDrafts:
housekeepingCronForFeatureSetDrafts:
authz:
userserver:
enabled: false
address:
negotiationType: tls

## @param core.extraContainerVolumes Volumes that can be used in deployment pods
##
extraContainerVolumes: []
# - name: log4j-config
# mountPath: /opt/h2oai/config/
# subPath: log4j2.properties # (optional)
# configMap: log4j-config
# readOnly: true

## @param core.env Extra environment variables that will be pass onto deployment pods
##
env: {}

## @param core.service.api.annotations Additional annotations for the API Service resource.
## @param core.service.web.annotations Additional annotations for the Web Service resource.
##
service:
api:
annotations: {}
web:
annotations: {}

## @param core.nodeSelector Node labels for update Core pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
##
nodeSelector: {}

## @param core.tolerations Tolerations for update Core pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## @param core.affinity Affinity specification for Core pods
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Core containers' resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## @param core.resources.limits The resources limits for the Controller container
## @param core.resources.requests The requested resources for the Controller container
##
resources:
limits: {}
requests: {}

## Spark Operator service deployment parameters
##
sparkoperator:
## @param sparkoperator.rbac.create Specifies whether RBAC resources should be created
##
rbac:
create: true

## Spark Operator pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enable security context for the pods
## @param podSecurityContext.runAsUser Set Spark Operator pod's Security Context runAsUser
## @param podSecurityContext.fsGroup Set Spark Operator pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
runAsUser: 1001
fsGroup: 1001

## Spark Operator containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enable Spark Operator containers' Security Context
## @param containerSecurityContext.runAsUser Set Spark Operator containers' Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set Spark Operator containers' Security Context runAsNonRoot
## @param containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as nonprivilege
## e.g.
## enabled: true
## runAsUser: 1001
## runAsNonRoot: true
## allowPrivilegeEscalation: false
##
containerSecurityContext:
enabled: false

## @param sparkoperator.updateCrds Automatically update CRD objects for Spark Jobs
##
updateCrds: true

## @param sparkoperator.commonLabels Labels to add to all deployed objects
##
commonLabels: {}

## @param sparkoperator.docker.image Spark Operator Service Docker image path
## @param sparkoperator.docker.tag Spark Operator Service image tag
##
docker:
image: "h2oai/feature-store-spark-operator"
tag:

## @param sparkoperator.driverlessAiLicenseKey Driverless ai license key used for mojo transformation in derived feature sets
driverlessAiLicenseKey:

## @param sparkoperator.config.spark.docker.image Spark Job Docker image path
## @param sparkoperator.config.spark.docker.tag Spark Job Docker image label/tag
## @param sparkoperator.config.spark.pullImagePolicy Pull docker image policy [Always, IfNotPresent, Never]
## @param sparkoperator.config.spark.logLevel Log Level for the Spark Jobs. [ERROR, WARN, INFO, DEBUG, TRACE, FATAL]
## @param sparkoperator.config.spark.minExecutors Minimum number of Spark executors to be used
## @param sparkoperator.config.spark.maxExecutors Maximum number of Spark executors to be used
## @param sparkoperator.config.spark.extraOptions Spark properties, ref: https://spark.apache.org/docs/latest/running-on-kubernetes.html#spark-properties
##
config:
spark:
docker:
image: "h2oai/feature-store-spark"
Tag:
pullImagePolicy:
logLevel: INFO
minExecutors: 1
maxExecutors: 5
## example:
## extraOptions:
## - spark.kubernetes.driver.request.cores=2
## - spark.kubernetes.driver.limit.cores=2
## - spark.kubernetes.executor.request.cores=2
## - spark.kubernetes.executor.limit.cores=2
extraOptions:

## @param sparkoperator.extraConfigmapMounts configmaps to mount in core pods
##
extraConfigmapMounts: []
# - name: log4j-config
# mountPath: /opt/h2oai/config/
# subPath: log4j2.properties # (optional)
# configMap: log4j-config
# readOnly: true

## @param sparkoperator.env Extra environment variables that will be pass onto deployment pods
##
env: {}

## @param sparkoperator.sparkTemplates.driver Template yaml to define the driver pod
## @param sparkoperator.sparkTemplates.executor Template yaml to define the executor pod
##
sparkTemplates:
driver:
executor:

## @param sparkoperator.nodeSelector Node labels for update Spark Operator pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
##
nodeSelector: {}

## @param sparkoperator.tolerations Tolerations for update Spark Operator pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## @param sparkoperator.affinity Affinity specification for Spark Operator pods
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Spark Operator container's resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## @param sparkoperator.resources.limits The resources limits for the Controller container
## @param sparkoperator.resources.requests The requested resources for the Controller container
##
resources:
limits: {}
requests: {}


## Online-Store service deployment parameters
##
onlinestore:
## Online-Store pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enable security context for the pods
## @param podSecurityContext.runAsUser Set Online-Store pod's Security Context runAsUser
## @param podSecurityContext.fsGroup Set Online-Store pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
runAsUser: 1001
fsGroup: 1001

## Online-Store containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enable Online-Store containers' Security Context
## @param containerSecurityContext.runAsUser Set Online-Store containers' Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set Online-Store containers' Security Context runAsNonRoot
## @param containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as nonprivilege
## e.g.
## enabled: true
## runAsUser: 1001
## runAsNonRoot: true
## allowPrivilegeEscalation: false
##
containerSecurityContext:
enabled: false

## @param onlinestore.replicaCount Number of Online-Store Service replicas
##
replicaCount: 2

## @param onlinestore.commonLabels Labels to add to all deployed objects
##
commonLabels: {}

## Online-Store Service Autoscaling configuration
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
## @param autoscaling.enabled Enable Horizontal POD autoscaling for Online-Store Service
## @param autoscaling.minReplicas Minimum number of Online-Store Service replicas
## @param autoscaling.maxReplicas Maximum number of Online-Store Service replicas
## @param autoscaling.targetCPU Target CPU utilization percentage
## @param autoscaling.targetMemory Target Memory utilization percentage
##
autoscaling:
enabled: false
minReplicas: 2
maxReplicas: 10
targetCPU: 50
targetMemory: 50

## @param onlinestore.config.onlineOfflineIngestionCutoffTimeInMinutes Cutoff time to trigger ingestion from online to offline. Expressed in minutes
config:
onlineOfflineIngestionCutoffTimeInMinutes: 15

## @param onlinestore.docker.image Online Store Service Docker image path
## @param onlinestore.docker.tag Online Store Service image tag
##
docker:
image: "h2oai/feature-store-online-store"
tag:

## @param onlinestore.extraConfigmapMounts configmaps to mount in core pods
##
extraConfigmapMounts: []
# - name: log4j-config
# mountPath: /opt/h2oai/config/
# subPath: log4j2.properties # (optional)
# configMap: log4j-config
# readOnly: true

## @param onlinestore.env Extra environment variables that will be pass onto deployment pods
##
env: {}

## @param onlinestore.nodeSelector Node labels for update Online Store pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
##
nodeSelector: {}

## @param onlinestore.tolerations Tolerations for update Online Store pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## @param onlinestore.affinity Affinity specification for Online Store pods
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Online Store containers' resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## @param onlinestore.resources.limits The resources limits for the Controller container
## @param onlinestore.resources.requests The requested resources for the Controller container
##
resources:
limits: {}
requests: {}


## Web service deployment parameters
##
web:
## Web pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enable security context for the pods
## @param podSecurityContext.runAsUser Set Web pod's Security Context runAsUser
## @param podSecurityContext.fsGroup Set Web pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
runAsUser: 1001
fsGroup: 1001

## Web containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enable Web containers' Security Context
## @param containerSecurityContext.runAsUser Set Web containers' Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set Web containers' Security Context runAsNonRoot
## @param containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as nonprivilege
## e.g.
## enabled: true
## runAsUser: 1001
## runAsNonRoot: true
## allowPrivilegeEscalation: false
##
containerSecurityContext:
enabled: false

## @param web.replicaCount Number of Web Service replicas
##
replicaCount: 2

## @param web.commonLabels Labels to add to all deployed objects
##
commonLabels: {}

## @param web.docker.image Web Service Docker image path
## @param web.docker.tag Web Service image tag
##
docker:
image: "h2oai/feature-store-web"
tag:

## @param web.extraConfigmapMounts configmaps to mount in web pods
##
extraConfigmapMounts: []

## @param web.env Extra environment variables that will be pass onto deployment pods
##
env: {}

## @param web.nodeSelector Node labels for update Web pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
##
nodeSelector: {}

## @param web.tolerations Tolerations for update Web pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## @param web.affinity Affinity specification for Web pods
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Web containers' resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## @param web.resources.limits The resources limits for the web container
## @param web.resources.requests The requested resources for the web container
##
resources:
limits: {}
requests: {}


## Telemetry service deployment parameters
##
telemetry:
## Telemetry pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enable security context for the pods
## @param podSecurityContext.runAsUser Set Telemetry pod's Security Context runAsUser
## @param podSecurityContext.fsGroup Set Telemetry pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
runAsUser: 1001
fsGroup: 1001

## Telemetry containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enable Telemetry containers' Security Context
## @param containerSecurityContext.runAsUser Set Telemetry containers' Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set Telemetry containers' Security Context runAsNonRoot
## @param containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as nonprivilege
## e.g.
## enabled: true
## runAsUser: 1001
## runAsNonRoot: true
## allowPrivilegeEscalation: false
##
containerSecurityContext:
enabled: false

## @param telemetry.replicaCount Number of Telemetry Service replicas
##
replicaCount: 1

## @param telemetry.commonLabels Labels to add to all deployed objects
##
commonLabels: {}

## @param telemetry.docker.image Telemetry Service Docker image path
## @param telemetry.docker.tag Telemetry Store Service image tag
##
docker:
image: "h2oai/feature-store-telemetry"
tag:

## @param telemetry.window.timeduration how often the aggregation should occur (in minutes)
##
window:
timeDuration:

## @param telemetry.kafkaApplicationId Kafka application id to uniquely identify streaming sessions
##
kafkaApplicationId:

## @param telemetry.service.host telemetry service address
##
service:
host:

## @param telemetry.nodeSelector Node labels for update Telemetry pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
##
nodeSelector: {}

## @param telemetry.tolerations Tolerations for update Telemetry pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## @param telemetry.affinity Affinity specification for Telemetry pods
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Telemetry containers' resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## @param telemetry.resources.limits The resources limits for the Controller container
## @param telemetry.resources.requests The requested resources for the Controller container
##
resources:
limits: {}
requests: {}

## @param telemetry.extraConfigmapMounts configmaps to mount in core pods
##
extraConfigmapMounts: []
# - name: log4j-config
# mountPath: /opt/h2oai/config/
# subPath: log4j2.properties # (optional)
# configMap: log4j-config
# readOnly: true

## @param telemetry.env Extra environment variables that will be pass onto deployment pods
##
env: {}


## Configure the ingress resource that allows you to access the Feature-Store installation
## ref: https://kubernetes.io/docs/user-guide/ingress/
##
ingress:
## @param ingress.apiVersion Ingress API version
##
apiVersion: networking.k8s.io/v1

## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
##
ingressClassName: ""

api:
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
## Use this parameter to set the required annotations for cert-manager, see
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
##
## e.g:
## annotations:
## kubernetes.io/ingress.class: nginx
## nginx.ingress.kubernetes.io/backend-protocol: GRPC
## nginx.ingress.kubernetes.io/grpc-backend-for-port: fs-api-port
## nginx.ingress.kubernetes.io/server-snippet: grpc_read_timeout 3600s; grpc_send_timeout
## 3600s;
##
annotations:

## @param ingress.hostname Default host for the ingress record
##
hostname:

## @param ingress.path Path for the API endpoint
##
path: /

## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
## You can:
## - Use the `ingress.secrets` parameter to create this TLS secret
## - Relay on cert-manager to create it by setting the corresponding annotations
## - Relay on Helm to create self-signed certificates by setting `ingress.selfSigned=true`
##
tls: false

web:
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
## Use this parameter to set the required annotations for cert-manager, see
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
##
## e.g:
## annotations:
## kubernetes.io/ingress.class: nginx
## cert-manager.io/cluster-issuer: cluster-issuer-name
##
annotations:

## @param ingress.hostname Default host for the ingress record
##
hostname:

## @param ingress.callbackPath Path for the IdP redirect url
##
callbackPath: /Callback

## @param ingress.apiPath Path for the REST API endpoint
##
apiPath: /api

## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
## You can:
## - Use the `ingress.secrets` parameter to create this TLS secret
## - Relay on cert-manager to create it by setting the corresponding annotations
## - Relay on Helm to create self-signed certificates by setting `ingress.selfSigned=true`
##
tls: false

Feedback