Helm Installation Parameters
The following table lists the parameters that you set during installation of the Helm chart for Control-M/Agent in Kubernetes.
Parameter | Description | Required or Optional | Type |
|---|---|---|---|
api.endpoint | Defines the URL for Control-M Automation API with the following format: https://<tenant-name>-aapi.<zone>.controlm.com/automation-api | Required | String |
api.token | Defines the API token value to authenticate and connect to the Automation API server. For information about obtaining this token, see Creating an API Token. Ensure that the role associated with this API token is associated with your Agents with an access level of UPDATE or FULL or has Configuration Admin Management set to an access level of UPDATE or FULL, and is also associated with your Agent tag. | Optional | String |
api.secret | Defines the name of a Kubernetes secret that contains the API token value, instead of using the api.token parameter. For more information about Kubernetes secrets, refer to Kubernetes documentation. To create such a Kubernetes secret, use the following command: kubectl create secret generic <name of secret> --from-literal='apiToken=<token value>' | Optional | String |
ai.additionalPluginsConfigMapName | Defines the name of a configMap that lists additional Control-M plug-ins to dynamically deploy in the Agent pod, along with the Kubernetes plug-in. Supported plug-ins are plug-ins that were developed in Control-M Application Integrator, including Helix Control-M Integrations. For more information, see Setting-Up-Dynamic-Deployment-of-Additional-Plug-ins. | Optional | String |
ai.additionalCertsConfigMapName | Defines the name of a configMap that lists the certifications required by the additional Control-M plug-ins that you deploy in the Agent pod. | Optional | String |
ai.proxyConfigMapName | Defines the name of a configMap that contains Application Integrator proxy settings for the additional Control-M plug-ins that you deploy in the Agent pod. | Optional | String |
agent.tag | Defines an Agent tag associated with an Agent authorization token. The Agent tag is a logical name that is used to label specific Agents into a group with specific authorizations. For more information about Agent tokens and Agent tags, see Agent Token Management. | Required | String |
agent.replicas | Determines the number of Agent pods to run. Default: 2 Kubernetes resource: statefulset.spec.replicas | Optional | Integer |
server.name | Defines the logical name of the Control-M/Server that the Agent connects to. To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "name" value. | Required | String |
server.hostgroup | Defines the name of the host group that contains the deployed Agent. Default: k8s_group | Optional | String |
image.repo | Defines the path to the container image repository, in the following format: <registry hostname>/<account name>/<repository name> If you do not define a registry hostname, Kubernetes assumes the Docker public registry (in the Docker Hub). Default: controlm/helix-agent Change the default value only if you created your own non-default container image, as described in Docker-Container-Image. Kubernetes resource: statefulset.spec.template.spec.containers.image | Optional | String |
image.tag | Defines the tag associated with the image. Tags enable you to identify different versions of the same series of images. By default, the Helm chart uses a BMC-provided image with the 9.21.310-k8s-openjdk tag. If you created your own non-default container image, use this parameter to specify its tag. For more information, see Docker-Container-Image. Kubernetes resource: statefulset.spec.template.spec.containers.image | Optional | String |
image.pullPolicy | Determines whether to update the image (by pulling a new version of the image) when the kubelet launches a container. Values:
Default: IfNotPresent Kubernetes resource: statefulset.spec.template.spec.containers.imagePullPolicy | Optional | String |
image.pullSecrets | Defines a secret (password) to access a private registry. Example: --set image.pullSecrets"[0]".name=<secret_name> By default, no secret is used. Define a secret if you created your own non-default container image, as described in Docker-Container-Image. If so, you might need a secret in your cluster. To create the secret, see the Kubernetes documentation. Kubernetes resource: statefulset.spec.template.spec.imagePullSecrets | Optional | Array |
pod.annotations | Defines annotations for pod metadata. Example (in yaml format): pod: Kubernetes resource: statefulset.spec.template.spec.annotations | Optional | Array |
pod.affinity | Defines the pod scheduling constraints. Example (in yaml format): affinity: Kubernetes resource: statefulset.spec.template.spec.affinity | Optional | Array |
pod.nodeSelector | Defines node labels for the NodeSelector, so that the pod is scheduled on the nodes. Default labels:
Kubernetes resource: statefulset.spec.template.spec.nodeSelector | Optional | Array |
pod.resources | Defines Kubernetes memory and CPU resource requests and resource limits for the pod. The default memory size is 2Gi, as shown in the following example (in yaml format): resources: Kubernetes resource: statefulset.spec.template.spec.containers.resources | Optional | Array |
pod.serviceAccount.create | Determines whether to create a Service Account. If this parameter is set to true, the service account has the default name ".Release.Name.-sa". You can use pod.serviceAccount.name to change the default name. Values: true | false Default: true If you decide to use your own Service Account (for example, if the user responsible for installing this Helm chart is not authorized to create a Service Account), set this parameter to false. | Optional | String |
pod.serviceAccount.name | Defines the name of the Service Account to use to run the pod. Optional if pod.serviceAccount.create is set to true. Required if pod.serviceAccount.create is set to false. Default: ".Release.Name.-sa" Kubernetes resource: statefulset.spec.template.spec.serviceAccountName | Optional | String |
pod.securityContext | Determines which security context constraints (SCCs) control pod permissions on a RedHat OpenShift Kubernetes-based platform. By default (when this parameter is not explicitly set), the Agent is deployed with permission to use the nonroot-v2 SCC. If your IT environment or corporate security policies do not allow you to deploy a privileged pod, set this parameter to a value of auto. This disables the use of the nonroot-v2 SCC and the Agent is instead deployed with permission to use the cluster default SCC (typically, the restricted-v2 SCC). Kubernetes resource: statefulset.spec.template.spec.securityContext | Optional | String |
pod.livenessProbe.timeoutSeconds | Determines the number of seconds to wait for a response from the liveness probe before a timeout occurs. The liveness probe verifies that the Agent is running properly. Default: 2 Kubernetes resource: statefulset.spec.template.spec.containers.livenessProbe.timeoutSeconds | Optional | Integer |
pvc.accessMode | Determines the required access mode of the volume used by the Persistent Volume Claim (PVC). Values:
Default: ReadWriteMany The default ReadWriteMany is necessary when you deploy 2 or more Agents (as set by agent.replicas) on separate nodes. Kubernetes resource: persistentvolumeclaim.spec.accessModes | Optional | String |
pvc.storageClass | Defines the name of the Storage Class required by the Persistent Volume Claim (PVC). NOTE:
Kubernetes resource: persistentvolumeclaim.spec.storageClassName | Required | String |
pvc.volumeSize | Determines the minimum amount of persistent volume required. Default: 10Gi, appropriate for 2 Agents (the default value of agent.replicas) Kubernetes resource: persistentvolumeclaim.spec.resources.requests.storage | Optional | String |