Helm Installation Parameters


The following table lists the parameters that you set during installation of the Helm chart for Control-M/Agent in Kubernetes.

Note

  • For an online list of the parameters that you can set during installation of the Helm chart, run the following command:
    helm show values controlm/controlm-agent
  • For more information about Kubernetes resources that certain parameters are based on, use the kubectl explain command. For example:
    kubectl explain statefulset.spec.template.spec.affinity
  • Object-type and array-type values must be defined in JSON format (using the --set-json switch). If you obtain them in YAML format, convert them to JSON. You can use the JQ command on Linux for this conversion.

Parameter

Description

Required or Optional

Type

api.endpoint

Defines the URL for Control-M Automation API with the following format:

https://<controlm>/automation-api

Required

String

api.token

Defines the API token value to authenticate and connect to the Automation API server.

For information about obtaining this token, see Creating an API Token.

Ensure that the role associated with this API token is associated with your Agents with an access level of UPDATE or FULL or has Configuration Admin Management set to an access level of UPDATE or FULL, and is also associated with your Agent tag (if you use one).

Optional

String

api.username

Defines a Control-M username to use (together with a password) to connect to the Automation API server, instead of using an API token.

If you are working in Compatibility mode after an upgrade from Control-M/EM 9.0.20.200, authentication using a username and password is required. Otherwise, BMC recommends using an API token.

Optional

String

api.password

Defines a password for the defined Control-M username to use to connect to the Automation API server, instead of using an API token.

Optional

String

agent.tag

Defines a logical name that is used to label specific Agents into a group with specific authorizations.

For more information about agent tags, see Agent General Parameters.

Optional

String

agent.replicas

Determines the number of Agent pods to run.

Default: 2

Kubernetes resourcestatefulset.spec.replicas

Optional

Integer

agent.ssl

Determines whether the Agent uses SSL for communication with the Control-M/Server.

Use this setting only if the Control-M/Server is not set to SSL mode by default and you want to set SSL for a specific Agent. 

Values: true | false

Default: false

Optional

String

server.name

Defines the logical name of the Control-M/Server that the Agent connects to.

To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "name" value.

Required

String

server.host

Defines the hostname of the computer where the Control-M/Server runs.

To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "host" value.

Required

String

server.port

Defines the listening port of the Control-M/Server.

Obtain this value from your Control-M Administrator.

Required

String

server.ip

Defines the public IPv4 or IPv6 address of the Control-M/Server.

This is required only if the hostname cannot be resolved by DNS lookup from the cluster, as is often the case in the cloud.

Optional

String

server.hostgroup

Defines the name of the host group that contains the deployed Agent.

Default: k8s_group

Optional

String

server.secondaryHost

Defines the name of the secondary Control-M/Server host used in High Availability configurations.

Optional

String

server.secondaryIp

Defines the public IPv4 or IPv6 address of the secondary Control-M/Server host used in High Availability configurations.

This is required only if the secondary hostname cannot be resolved by DNS lookup from the cluster.

Optional

String

image.repo

Defines the path to the container image repository, in the following format:

<registry hostname>/<account name>/<repository name>

If you do not define a registry hostname, Kubernetes assumes the Docker public registry (in the Docker Hub).

Default: controlm/agent

Change the default value only if you created your own non-default container image, as described in Docker-Container-Image.

Kubernetes resourcestatefulset.spec.template.spec.containers.image

Optional



String

image.tag

Defines the tag associated with the image.

Tags enable you to identify different versions of the same series of images.

By default, the Helm chart uses a BMC-provided image with the 9.21.200-k8s-openjdk tag.

If you created your own non-default container image, use this parameter to specify its tag. For more information, see Docker-Container-Image.

Kubernetes resourcestatefulset.spec.template.spec.containers.image

Optional

String

image.pullPolicy

Determines whether to update the image (by pulling a new version of the image) when the kubelet launches a container.

Values:

  • Always
  • Never
  • IfNotPresent

DefaultIfNotPresent

Kubernetes resourcestatefulset.spec.template.spec.containers.imagePullPolicy

Optional

String

image.pullSecrets

Defines a secret (password) to access a private registry.

Example: --set image.pullSecrets"[0]".name=<secret_name>

By default, no secret is used.

Define a secret if you created your own non-default container image, as described in Docker-Container-Image. If so, you might need a secret in your cluster. To create the secret, see the Kubernetes documentation.

Kubernetes resourcestatefulset.spec.template.spec.imagePullSecrets

Optional

Array

pod.affinity

Defines the pod scheduling constraints.

Example (in yaml format):

affinity:
  nodeAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      nodeSelectorTerms:
     - matchExpressions:
       - key: disktype
          operator: In
          values:
         - ssd

Kubernetes resourcestatefulset.spec.template.spec.affinity

Optional

Array

pod.nodeSelector 

Defines node labels for the NodeSelector, so that the pod is scheduled on the nodes.

Default labels: 

  • kubernetes.io/os: linux
  • kubernetes.io/arch: amd64

Kubernetes resourcestatefulset.spec.template.spec.nodeSelector

Optional

Array

pod.resources

Defines Kubernetes memory and CPU resource requests and resource limits for the pod.

The default memory size is 2Gi, as shown in the following example (in yaml format):

  resources:
    requests:
      memory: "2Gi"

Kubernetes resourcestatefulset.spec.template.spec.containers.resources

Optional

Array

pod.serviceAccount.create

Determines whether to create a Service Account. 

If this parameter is set to true, the Service Account has the default name  ".Release.Name.-sa". You can use pod.serviceAccount.name to change the default name.

Values: true | false

Default: true

If you decide to use your own Service Account (for example, if the user responsible for installing this Helm chart is not authorized to create a Service Account), set this parameter to false.

Note

If you set this parameter to false, ensure that you have granted the required privileges to your Service Account, as described in Service-Account-Privileges. 

Optional

String

pod.serviceAccount.name

Defines the name of the Service Account to use to run the pod. 

Optional if pod.serviceAccount.create is set to true. Required if pod.serviceAccount.create is set to false.

Default: ".Release.Name.-sa"
(where .Release.Name is the name that you assigned to this installation instance)

Kubernetes resourcestatefulset.spec.template.spec.serviceAccountName

Optional

String

pod.securityContext

Determines which security context constraints (SCCs) control pod permissions on a RedHat OpenShift Kubernetes-based platform.

By default (when this parameter is not explicitly set), the Agent is deployed with permission to use the nonroot-v2 SCC. 

If your IT environment or corporate security policies do not allow you to deploy a privileged pod, set this parameter to a value of auto. This disables the use of the nonroot-v2 SCC and the Agent is instead deployed with permission to use the cluster default SCC (typically, the restricted-v2 SCC).

Kubernetes resourcestatefulset.spec.template.spec.securityContext

Optional

String

pvc.accessMode

Determines the required access mode of the volume used by the Persistent Volume Claim (PVC).

Values

  • ReadWriteOnce: The volume is mounted as read-write by a single node.
  • ReadWriteMany: The volume is mounted as read-write by many nodes. 

Default: ReadWriteMany

The default ReadWriteMany is necessary when you deploy 2 or more Agents (as set by agent.replicas) on separate nodes.

Kubernetes resourcepersistentvolumeclaim.spec.accessModes

Optional

String

pvc.storageClass

Defines the name of the Storage Class required by the Persistent Volume Claim (PVC).

NOTE:

  • Ensure that the Storage Class that you choose is compatible with the access mode that you set through pvc.accessMode. For a list of Storage Classes that support the different access modes, see Access Modes in the Kubernetes documentation.
  • If you use an NFS Storage Class, ensure that the UID and GID, which are Storage Class parameters for dynamic provisioning, are set to the following values:
    • UID=1000
    • GID=0

Kubernetes resourcepersistentvolumeclaim.spec.storageClassName

Required

String

pvc.volumeSize

Determines the minimum amount of persistent volume required.

Default: 10Gi, appropriate for 2 Agents (the default value of agent.replicas)

Kubernetes resourcepersistentvolumeclaim.spec.resources.requests.storage

Optional

String


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*