Helm Installation Parameters
The following table lists the parameters that you set during installation of the Helm chart for Control-M/Agent in Kubernetes.
Parameter | Description | Required or Optional | Type |
|---|---|---|---|
api.endpoint | Defines the URL for Control-M Automation API with the following format: https://<controlm>/automation-api | Required | String |
api.token | Defines the API token value to authenticate and connect to the Automation API server. For information about obtaining this token, see Creating an API Token. Ensure that the role associated with this API token is associated with your Agents with an access level of UPDATE or FULL or has Configuration Admin Management set to an access level of UPDATE or FULL, and is also associated with your Agent tag (if you use one). | Optional | String |
api.username | Defines a Control-M username to use (together with a password) to connect to the Automation API server, instead of using an API token. If you are working in Compatibility mode after an upgrade from Control-M/EM 9.0.20.200, authentication using a username and password is required. Otherwise, BMC recommends using an API token. | Optional | String |
api.password | Defines a password for the defined Control-M username to use to connect to the Automation API server, instead of using an API token. | Optional | String |
agent.tag | Defines a logical name that is used to label specific Agents into a group with specific authorizations. For more information about agent tags, see Agent General Parameters. | Optional | String |
agent.replicas | Determines the number of Agent pods to run. Default: 2 Kubernetes resource: statefulset.spec.replicas | Optional | Integer |
agent.ssl | Determines whether the Agent uses SSL for communication with the Control-M/Server. Use this setting only if the Control-M/Server is not set to SSL mode by default and you want to set SSL for a specific Agent. Values: true | false Default: false | Optional | String |
server.name | Defines the logical name of the Control-M/Server that the Agent connects to. To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "name" value. | Required | String |
server.host | Defines the hostname of the computer where the Control-M/Server runs. To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "host" value. | Required | String |
server.port | Defines the listening port of the Control-M/Server. Obtain this value from your Control-M Administrator. | Required | String |
server.ip | Defines the public IPv4 or IPv6 address of the Control-M/Server. This is required only if the hostname cannot be resolved by DNS lookup from the cluster, as is often the case in the cloud. | Optional | String |
server.hostgroup | Defines the name of the host group that contains the deployed Agent. Default: k8s_group | Optional | String |
server.secondaryHost | Defines the name of the secondary Control-M/Server host used in High Availability configurations. | Optional | String |
server.secondaryIp | Defines the public IPv4 or IPv6 address of the secondary Control-M/Server host used in High Availability configurations. This is required only if the secondary hostname cannot be resolved by DNS lookup from the cluster. | Optional | String |
image.repo | Defines the path to the container image repository, in the following format: <registry hostname>/<account name>/<repository name> If you do not define a registry hostname, Kubernetes assumes the Docker public registry (in the Docker Hub). Default: controlm/agent Change the default value only if you created your own non-default container image, as described in Docker-Container-Image. Kubernetes resource: statefulset.spec.template.spec.containers.image | Optional | String |
image.tag | Defines the tag associated with the image. Tags enable you to identify different versions of the same series of images. By default, the Helm chart uses a BMC-provided image with the 9.21.200-k8s-openjdk tag. If you created your own non-default container image, use this parameter to specify its tag. For more information, see Docker-Container-Image. Kubernetes resource: statefulset.spec.template.spec.containers.image | Optional | String |
image.pullPolicy | Determines whether to update the image (by pulling a new version of the image) when the kubelet launches a container. Values:
Default: IfNotPresent Kubernetes resource: statefulset.spec.template.spec.containers.imagePullPolicy | Optional | String |
image.pullSecrets | Defines a secret (password) to access a private registry. Example: --set image.pullSecrets"[0]".name=<secret_name> By default, no secret is used. Define a secret if you created your own non-default container image, as described in Docker-Container-Image. If so, you might need a secret in your cluster. To create the secret, see the Kubernetes documentation. Kubernetes resource: statefulset.spec.template.spec.imagePullSecrets | Optional | Array |
pod.affinity | Defines the pod scheduling constraints. Example (in yaml format): affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: disktype operator: In values: - ssd Kubernetes resource: statefulset.spec.template.spec.affinity | Optional | Array |
pod.nodeSelector | Defines node labels for the NodeSelector, so that the pod is scheduled on the nodes. Default labels:
Kubernetes resource: statefulset.spec.template.spec.nodeSelector | Optional | Array |
pod.resources | Defines Kubernetes memory and CPU resource requests and resource limits for the pod. The default memory size is 2Gi, as shown in the following example (in yaml format): resources: requests: memory: "2Gi" Kubernetes resource: statefulset.spec.template.spec.containers.resources | Optional | Array |
pod.serviceAccount.create | Determines whether to create a Service Account. If this parameter is set to true, the Service Account has the default name ".Release.Name.-sa". You can use pod.serviceAccount.name to change the default name. Values: true | false Default: true If you decide to use your own Service Account (for example, if the user responsible for installing this Helm chart is not authorized to create a Service Account), set this parameter to false. | Optional | String |
pod.serviceAccount.name | Defines the name of the Service Account to use to run the pod. Optional if pod.serviceAccount.create is set to true. Required if pod.serviceAccount.create is set to false. Default: ".Release.Name.-sa" Kubernetes resource: statefulset.spec.template.spec.serviceAccountName | Optional | String |
pod.securityContext | Determines which security context constraints (SCCs) control pod permissions on a RedHat OpenShift Kubernetes-based platform. By default (when this parameter is not explicitly set), the Agent is deployed with permission to use the nonroot-v2 SCC. If your IT environment or corporate security policies do not allow you to deploy a privileged pod, set this parameter to a value of auto. This disables the use of the nonroot-v2 SCC and the Agent is instead deployed with permission to use the cluster default SCC (typically, the restricted-v2 SCC). Kubernetes resource: statefulset.spec.template.spec.securityContext | Optional | String |
pvc.accessMode | Determines the required access mode of the volume used by the Persistent Volume Claim (PVC). Values:
Default: ReadWriteMany The default ReadWriteMany is necessary when you deploy 2 or more Agents (as set by agent.replicas) on separate nodes. Kubernetes resource: persistentvolumeclaim.spec.accessModes | Optional | String |
pvc.storageClass | Defines the name of the Storage Class required by the Persistent Volume Claim (PVC). NOTE:
Kubernetes resource: persistentvolumeclaim.spec.storageClassName | Required | String |
pvc.volumeSize | Determines the minimum amount of persistent volume required. Default: 10Gi, appropriate for 2 Agents (the default value of agent.replicas) Kubernetes resource: persistentvolumeclaim.spec.resources.requests.storage | Optional | String |