Helm Configuration
General Settings
license
You'll receive a license key as part of your subscription to Okteto. If you haven't received it, please open a support ticket.
If you are interested in evaluating Okteto, sign up for our free 30 days trial, no credit card required.
license: XXXXX
You can also use a secret to store the license.
subdomain
Okteto's automatic SSL endpoints allows you to expose secure and unique public endpoints for your development environments. By default, all endpoints created by Okteto will use a combination of the name of the app, the namespace, and the subdomain
.
For example, if you have a development environment named app
in the cindy
namespace, it will be accessible at https://app-cindy.example.com if subdomain
is example.com.
subdomain: "example.com"
Okteto's frontend and API services will be also accessible via https://okteto.$SUBDOMAIN.
Once Okteto is installed, you can use kubectl
to retrieve the public address of the Okteto NGINX Ingress Controller:
kubectl get service -l=app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/component=controller --namespace=okteto
The output will look something like this:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
okteto-ingress-nginx-controller LoadBalancer 10.0.7.73 34.68.230.234 80:30795/TCP,443:32481/TCP,1234:30885/TCP 5m
You'll need to take the EXTERNAL-IP
address to create a DNS entry for *.$SUBDOMAIN
.
You can overwrite Okteto's public URL using the publicOverride field.
publicOverride
Use this property to override the Public URL where Okteto is available. This option replaces okteto.$SUBDOMAIN
with your FQDN of choice.
publicOverride: "example.com"
Once you set this in your Helm configuration file, make sure to point the Okteto Ingress Controller's IP address to this domain using your DNS provider. The IP address can be found by running the following command (like we did during the install phase):
kubectl get service -l=app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/component=controller --namespace=okteto
Important: When using publicOverride
, the certificate referred by wildcardCertificate.name must be valid for publicOverride
, registry.$SUBDOMAIN
and buildkit.$SUBDOMAIN
.
When publicOverride
is set, an additional component is deployed for Okteto Private Endpoints feature.
You can configure its settings using the privateEndpoints section.
When setting your auth provider, the authentication callback URL and origin URL will change to the following:
Callback URL:
https://${publicOverride}/auth/callback
https://private-endpoints.${subdomain}/auth/callback
Origin URL:
https://${publicOverride}
https://private-endpoints.${subdomain}
auth
Use the auth
property to specify which users can access Okteto and the method they can use for logging in.
Okteto provides OAuth2 integrations for the following auth providers:
Additionally, Okteto provides a single user authentication method based on a Token for initial evaluations.
Theme
Use this property to customize the logo and the colors of the sidebar to match your team's identity or your favorite colors.
logo
: The logo displayed at the far top left of the Okteto UI. The value can be a url or a Base64 encoded image.primary
: The primary color of the sidebar. This is used for the color of the sidebar. The value can be a HTML color name (e.g. blue, red) or a hexadecimal code.secondary
: The secondary color of the sidebar. This is used for the icons and the text displayed in the sidebar. The value can be a HTML color name (e.g. blue, red) or a hexadecimal code.
theme:
logo: http://example.com/icon.png
primary: \#EFF3F2
secondary: black
Okteto Components
api
The API service. Account and Kubernetes credentials management, namespace creation, and sharing, deployment via the catalog, etc...
annotations
: Annotations to add to the API pods.extraEnv
: Environment variables to be set on the API containers.labels
: Labels to add to the API pods.priorityClassName
: The priority class to be used by the API pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.replicaCount
: The number of API pods. It defaults to 2.resources
: The resources for the API pods.
api:
extraEnv:
- name: NO_PROXY
value: ".example.com"
replicaCount: 2
resources:
requests:
cpu: 100m
memory: 128Mi
autoscaler (deprecated)
The cluster autoscaler service. Disabled by default.
It instructs the Kubernetes cluster autoscaler to scale nodes if the real cpu/memory usage of a node is beyond the limits.
Use tolerations.devPool
to limit the autoscaler analysis to a subset of cluster nodes.
Requirements: cluster autoscaler and metrics server must be installed in your cluster.
annotations
: Annotations to add to the autoscaler pods.cpu.up
: Increase the cluster size when the CPU consumption is greater than or equal to this value. It defaults to 60 percent.cpu.down
: Decrease the cluster size when the CPU consumption is lesser than this value. It defaults to 40 percent.image
: image used by the autoscaler to deploy the autoscaler agent. It defaults tobusybox
.labels
: Labels to add to the autoscaler pods.memory.up
: Increase the cluster size when the Memory consumption is greater than or equal to this value. It defaults to 70 percent.memory.down
: Decrease the cluster size when the Memory consumption is lesser than this value. It defaults to 50 percent.nodes.increment
: The number of new nodes to request when all the current nodes are overloaded. e.g. if this value is 3, the autoscaler will request 3 new nodes when all the cluster nodes are overloaded. It defaults to 1.nodes.min
: Minimum number of nodes in the cluster. It defaults to 1.nodes.max
: Maximum number of nodes in the cluster. It defaults to 10. Zero means unlimited.nodes.poolLabel
: The node label that identifies the node pool of the node. For example, the value in GKE iscloud.google.com/gke-nodepool
. In EKS the value iseks.amazonaws.com/nodegroup
. If set, the autoscaler scales each node pool independently.pods.up
: Increase the cluster size when the Pods in a node vs the max pods per node is greater than or equal to this value. It defaults to 90 percent.pods.down
: Decrease the cluster size when the Pods in a node vs the max pods per node is lesser than this value. It defaults to 80 percent.priorityClassName
: The priority class to be used by the autoscaler pods.schedule
: How often, in seconds, the autoscaler analyzes if the cluster needs to be scaled. It defaults to 300.slackWebhook
: A slack webhook url to notify autoscaler events.volumes.up
: Increase the cluster size when the Volumes in a node vs the max volumes per node is greater than or equal to this value. It defaults to 90 percent.volumes.down
: Decrease the cluster size when the Volumes in a node vs the max volumes per node is lesser than this value. It defaults to 80 percent.
autoscaler:
enabled: false
image: busybox
schedule: 300
cpu:
up: 60
down: 40
memory:
up: 70
down: 50
pods:
up: 90
down: 80
volumes:
up: 90
down: 80
nodes:
increment: 1
min: 1
max: 10
podLabel: cloud.google.com/gke-nodepool
slackWebhook:
buildkit
The build service. It's used in combination with okteto build
to build containers directly in the cluster.
port
: Port used for the buildkit statefulset. Defaults to443
.annotations
: Annotations to add to the buildkit pods.extraEnv
: Environment variables to be set on the buildkit containers.hpa.enabled
: Enable horizontal pod autoscaling for the buildkit pods. Disabled by default.hpa.min
: Minimum number of buildkit pods to keep running.hpa.max
: Maximum number of buildkit pods to scale to.hpa.cpu
: The amount of CPU utilization that will cause the HPA to scale the buildkit pods.labels
: Labels to add to the buildkit pods.podManagementPolicy
: The podManagementPolicy of the buildkit pods. Defaults toParallel
.priorityClassName
: The priority class to be used by buildkit pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.replicaCount
: The number of buildkit pods. It defaults to 1.resources
: The resources for the buildkit pods.serviceAccount.create
: create a service account for buildkit. True by default.serviceAccount.name
: Buildkit service account name. Defaults tookteto-buildkit
.serviceAccount.annotations
: Annotations for the buildkit service account.serviceAccount.labels
: Labels for the buildkit service account.persistence.enabled
: Configures a persistence volume for buildkit. Enabled by default.persistence.class
: The storage class of the persistence volume attached to every buildkit pod.persistence.size
: The size of the persistence volume attached to every buildkit pod. Defaults to750Gi
.persistence.cacheRadio
: What percentage the persitence size should be use for the cache. Value should be between 0 and 1. Defaults to0.9
.tolerations
: List of tolerations to be added to the Buildkit pods. If not set, the Buildkit pods will inherit the tolerations list set inglobals.tolerations.okteto
.nodeSelectors
: Dictionary of node selectors to be added to the Buildkit pods. If not set, the Buildkit pods will inherit the node selectors dictionary set inglobals.nodeSelectors.okteto
.network.mode
: Controls the networking environment for containers during the build process. Defaults toauto
but can be set tohost
,none
, orbridge
. Bridge mode can be useful for preventing port collisions in concurrent builds by isolating network environments.
buildkit:
port: 443
extraEnv:
- name: NO_PROXY
value: ".example.com"
replicaCount: 1
persistence:
enabled: true
storageClass: ssd
size: 180Gi
cache: 150000
tolerations:
- key: "okteto-buildkit"
operator: "Equal"
value: "buildkit"
effect: "NoExecute"
nodeSelectors:
okteto-node-label: build
region: west
In order to handle timeouts during communication between the client and the buildkit daemon, the following environment variables can be modified on the server side:
OKTETO_KEEPALIVE_SERVER_TIME_MS
: After this duration of time, if the server doesn't see any activity it pings the client to see if the transport is still alive. If set below 1s, a minimum value of 1s will be used. The current default value is 2 hours.OKTETO_KEEPALIVE_SERVER_TIMEOUT_MS
: After having pinged for keepalive check, the server waits for a duration of Timeout and if no activity is seen, the connection is closed. The current default value is 20 seconds.OKTETO_KEEPALIVE_SERVER_MAX_CONN_IDLE_MS
: Duration for the amount of time after which an idle connection would be closed by sending a GOAWAY. Idleness duration is defined since the most recent time the number of outstanding RPCs became zero or the connection establishment. The current default value is infinity.OKTETO_KEEPALIVE_SERVER_MAX_CONN_AGE_MS
: Duration for the maximum amount of time a connection may exist before it will be closed by sending a GOAWAY. A random jitter of +/-10% will be added to the value to spread out connection storms. The current default value is infinity.OKTETO_KEEPALIVE_SERVER_MAX_CONN_AGE_GRACE_MS
: An additive period afterOKTETO_KEEPALIVE_SERVER_MAX_CONN_AGE_MS
after which the connection will be forcibly closed. The current default value is infinity.OKTETO_KEEPALIVE_SERVER_POLICY_MINTIME_MS
: Minimum amount of time a client should wait before sending a keepalive ping. The current default value is 5 minutes.OKTETO_KEEPALIVE_SERVER_POLICY_PERMIT_WITHOUT_STREAM
: If true, server allows keepalive pings even when there are no active streams(RPCs). If false, and client sends pings when there are no active streams, server will send GOAWAY and close the connection. False by default.
If you're trying to configure Buildkit persistency for your Okteto installation, check out our video tutorial:
daemonset
The daemonset automatically configures every node of your cluster to work better with Okteto.
annotations
: Annotations to add to the daemonset pods.extraEnv
: Environment variables to be set on the daemonset containers.labels
: Labels to add to the daemonset pods.image
: Container image used by the daemonset pods.configurePrivateRegistriesInNodes.enabled
: Specifies if the daemonset should configure the private registry credentials in the nodes for kubelet or not. It defaults tofalse
. It's disabled ifregcredsManager.pullSecrets.enabled=true
.priorityClassName
: The priority class to be used by the daemonset pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.
The daemonset performs the following tasks on each node:
- Overrides the Okteto Registry hostname resolution to use internal IPs.
- Overrides the default kernel values for file watchers on every node.
- Configures the kubelet with registry credentials for private registries (if
configurePrivateRegistriesInNodes.enabled=true
andregcredsManager.pullSecrets.enabled=false
). - Installs your CA if
wildcardCertificate.privateCA
is enabled. - Installs a CA if using self-signed certificates (
wildcardCertificate.create: true
).
You can restrict the nodes where the daemonset is deployed using dev
tolerations and nodeSelectors:
tolerations:
devPool: dev
defaultBackend
The defaultBackend receives errored requests from the ingress-controller and transform them returning them to the client.
affinity
: Affinities to add to the defaultBackend pods.annotations
: Annotations to add to the defaultBackend pods.enabled
: Control if defaultBackend is deployed. Defaults totrue
.extraEnvs
: Environment variables to be set on the defaultBackend containers.image
: Configuration block to customize the image used by the defaultBackend pods.repository
: Registry and repository for the defaultBackend pods.tag
: Tag used for the defaultBackend pods.
labels
: Labels to add to the defaultBackend pods.nameOverride
: String to override the full name of the defaultBackend service. If you rename an existing service, you need to follow the manual migration steps documented below.port
: Internal port used for the defaultBackend. Defaults to8080
.priorityClassName
: The priority class to be used by the defaultBackend pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.replicaCount
: The number of defaultBackend pods. It defaults to 2.resources
: The resources for the defaultBackend pods.
defaultBackend:
replicaCount: 3
resources:
requests:
cpu: 100m
memory: 128Mi
The defaultBackend provides the following features:
- Autowake namespaces: when a user access an endpoint from an slept namespace, the defaultBackend will issue a wake command.
- Custom error pages: when a user access an endpoint and an error is produced, the defaultBackend will return a custom error page with hints on how to solve it.
tolerations:
devPool: dev
Manual migration steps when renaming the defaultBackend service
If you rename the defaultBackend service using the nameOverride
property, follow these steps to successfully upgrade Okteto in your cluster:
- Identify the current service name for your defaultBackend
kubectl get svc -l app.kubernetes.io/component=default-backend -n okteto
- Patch the
defaultBackend
service adding the annotation:helm.sh/resource-policy: keep
kubectl patch service "<Your existing defaultBackend service name>" -n okteto -p '{"metadata":{"annotations":{"helm.sh/resource-policy": "keep"}}}'
- Upgrade the Okteto Helm chart. This will create a new
defaultBackend
service with the new name. - You can now safely delete the old
defaultBackend
service.
frontend
The frontend service serves the web application.
annotations
: Annotations to add to the frontend pods.extraEnv
: Environment variables to be set on the frontend containers.labels
: Labels to add to the frontend pods.priorityClassName
: The priority class to be used by the frontend pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.replicaCount
: The number of frontend pods. It defaults to 2.resources
: The resources for the frontend pods.
frontend:
extraEnv:
- name: NO_PROXY
value: ".example.com"
replicaCount: 2
resources:
requests:
cpu: 100m
memory: 128Mi
gc
The Okteto Garbage Collector service automatically scales idle applications to zero and deletes unused namespaces for optimal cost savings and resource management. It is enabled by default.
The Garbage Collector service can also be configured in the Admin Dashboard by navigating to Admin -> Garbage Collector.
annotations
: Annotations to add to the gc pods.labels
: Labels to add to the gc pods.slackWebhook
: If set, the garbage collector will send a notification when it scales a resource to zero or when it deletes a namespace.upSessionByLastSyncedFile
: If true, okteto up sessions will be scaled to zero if no files have been synchronized in the scale to zero period. Default behavior is to check for an active connection (regardless of inactivity)priorityClassName
: The priority class to be used by the gc pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.
gc:
enabled: true
upSessionByLastSyncedFile: false
slackWebhook:
insights
Configures the Okteto Insights component in your Okteto instance.
enabled
: Whether to enable Okteto Insights. Defaults tofalse
.bearerSecret.name
: Name of the secret where the token to access Okteto Insights metrics is stored. Defaults tookteto-insights
.bearerSecret.key
: Name of the key within the secret where the token to access Okteto Insights metrics is stored. Defaults tobearer
.
insights:
enabled: false
bearerSecret:
name: okteto-insights
key: bearer
If Okteto Insights is enabled, the Event Exporter component and the Insights Metrics cronjob are also installed.
The Event Exporter receives Okteto CLI events via Kubernetes Events and injects them as Okteto Insights metrics.
priorityClassName
: The priority class for pods created by the Event Exporter. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.podAnnotations
: Annotations to add to Event Exporter pods.podLabels
: Labels to add to the Event Exporter pods.resources
: The resources for the Event Exporter pods.
insights:
eventsExporter:
priorityClassName:
podLabels: {}
podAnnotations: {}
resources:
requests:
cpu: 50m
memory: 20Mi
limits:
memory: 100Mi
The Insight Metrics is a cronjob that pre-computes several metrics for the Okteto Insights /metrics
endpoint.
annotations
: Annotations to add to Insight Metrics pods.labels
: Labels to add to the Insight Metrics pods.priorityClassName
: The priority class for pods created by the Insight Metrics. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.resources
: The resources for the Insight Metrics pods.schedule
: Defines the frequency at which cronjob is executed, using the cron syntax. It defaults to run every 5 minutes (*/5 * * * *
).
insights:
metrics:
annotations: {}
labels: {}
priorityClassName:
resources:
requests:
cpu: 50m
memory: 20Mi
limits:
memory: 100Mi
schedule: "*/5 * * * *"
installer
The jobs that deploy your development environments from Git.
annotations
: Annotations to add to the installer job pods.extraEnv
: Environment variables to be set on the installer job containers.labels
: Labels to add to the installer job pods.image
: to configure your custom installer binaries, including a custom Okteto CLI version.runner
: to configure your custom installer image.activeDeadlineSeconds
: Maximum duration of the pipeline in seconds.gitSSHUser
: User to be used when cloning git repos using ssh.sshSecretName
: The name of the secret that contains the private key used when cloning git repos using ssh. If it doesn't exist, the key and the secret will be automatically generated by Okteto.resources
: The resources for pods created by the installer jobs.priorityClassName
: The priority class for pods created by the installer job pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.securityContext
: The security context for the installer job container. It's not set by default, and it follows the same syntax used in Kubernetes
installer:
image: okteto/installer:1.5.2
runner: okteto/pipeline-runner:1.0.0
extraEnv:
- name: NO_PROXY
value: ".example.com"
activeDeadlineSeconds: 1800
gitSSHUser: git
sshSecretName: "okteto-ssh"
securityContext:
allowPrivilegeEscalation: false
resources:
requests:
cpu: 10m
memory: 50Mi
privateEndpoints
When publicOverride is set, Okteto Self Hosted deploys an additional component for Okteto Private Endpoints feature, which is responsible for authenticating and authorizing requests sent to Okteto Endpoints set to private mode.
port
: Internal port used for the Private Endpoint component. Defaults to8080
.resources
: The resources for the Private Endpoint component pods.replicaCount
: The number of Private Endpoint component pods. It defaults to 1.annotations
: Annotations to add to the Private Endpoint component pods.priorityClassName
: The priority class to be used by the Private Endpoints pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.
By default, the Private Endpoint component will inherit the configuration set at the [auth
] section, but you can override some values with the following properties:
clientID
: Overridesauth.*.clientID
.clientSecret
: Overridesauth.*.clientSecret
.
regcredsManager
The configuration for the controller manager of the Registry Credentials Operator.
This controller manager is deployed as a deployment and is responsible for managing private registry credentials in the cluster. If pullSecrets.enabled=true
all private registry credentials are copied to the okteto-regcred
secret in user dev namespaces and previews.
If pullSecrets.enabled=false
these credentials are copied to all nodes through the Okteto Daemon if daemonset.configurePrivateRegistriesInNodes.enabled=true
.
priorityClassName
: The priority class to be used by the controller manager pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.pullSecrets.enabled
: If enabled, private registry credentials defined in the cluster will be written to user namespaces as pull secrets and no longer be written to the nodes. Defaults to true.internalCertificate.annotations
: Annotations to add to the tls secret used in the controller manager webhook server.podAnnotations
: Annotations to add to the controller manager pods.podLabels
: Labels to add to the controller manager pods.webhookTimeout
: The timeout in seconds for request made to the validating webhook serverreplicas
: The number of controller manager pods. The controller is deployed as a deployment with leader election. It is recommended to have at least 2 replicas here.resources
: The resources for the controller manager pods.
regcredsManager:
priorityClassName:
pullSecrets:
enabled: false
internalCertificate:
annotations: {}
podLabels: {}
podAnnotations: {}
webhookTimeout: 30
replicas: 2
resources:
requests:
cpu: 50m
memory: 100Mi
limits:
memory: 800Mi
resourceManager
Use this section to configure the Resource Manager
annotations
: Annotations to add to the Resource Manager pods.deletePeriodDays
: Specifies the retention period for the recommendations. If a service is no longer deployed in your cluster, its recommendation will be deleted after the specified deletePeriod. It defaults to 15 days.enabled
: When set totrue
, the Resource Manager is installed. When Resource Manager is installed, Okteto creates a CronJob responsible for computing the cpu and memory recommendations for your pods. It defaults totrue
.labels
: Labels to add to the Resource Manager pods.priorityClassName
: The priority class to be used by the Resource Manager pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.recommendations.correction
: A floating-point multiplier used to adjust for over or under-provisioning of resources. The default is1.1
, indicating a 10% over-provisioning. This value must be greater than 0. For example, setting it to 0.9 will result in a 10% under-provisioning compared to the average utilization.recommendations.min.cpu
: Specifies the minimum CPU requests configured when the Resource Manager applies recommendations. The minimum value will be used if a recommendation hasn't been calculated yet or is below this value. It defaults to5m
.recommendations.min.memory
: Specifies the minimum memory requests configured when the Resource Manager applies recommendations. The minimum value will be used if a recommendation hasn't been calculated yet or is below this value. It defaults to10Mi
.recommendations.weight
: A floating-point number between 0 and 1 used to stabilize CPU and memory recommendation calculations. A higher value (closer to 1) gives more weight to historical resource usage trends, making the Resource Manager less responsive to recent changes or spikes. A lower value (closer to 0) makes it more reactive to recent usage patterns, including spikes. The default value is0.9
, which makes the Resource Manager conservative, favoring existing trends and attempting to ignore minor fluctuations.resources
: The resources for the Resource Manager pods.schedule
: Defines the frequency at which resource recommendations are calculated, using the cron syntax. It defaults to run every 5 minutes (*/5 * * * *
).
resourceManager:
enabled: true
schedule: "*/5 * * * *"
deletePeriodDays: 15
recommendations:
weight: 0.9
correction: 1.1
min:
cpu: 5m
memory: 10Mi
priorityClassName:
labels: {}
annotations: {}
resources: {}
registry
Use this section to configure the Okteto Registry. We have dedicated guides to configure the Okteto Registry to store your images in the storage driver of your choice.
These are all the settings available to configure your Okteto Registry:
annotations
: Annotations to add to the registry pods.extraEnv
: Environment variables to be set on the registry containers.ingress.annotations
: Annotations to add to the registry ingress. These annotations take precedence over the ones defined in the ingress section.labels
: Labels to add to the registry pods.pullPolicy
: The security policy for image pulls. If set tocluster
, any Okteto user can pull any image from the registry. When set tonamespace
, only users with access to the namespace can pull images from the namespace. It defaults tonamespace
.priorityClassName
: The priority class to be used by the registry pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.replicaCount
: The number of registry pods. It defaults to 1.resources
: The resources for the registry pods.serviceAccountName
: Alternative service account to be used by the registry. The service account must exist in the same namespace for the Okteto Helm release. Defaults to none.serviceAccount.annotations
: Annotations to add to the registry service account.secret.name
: when using external storage, the name of the secret with the values of your cloud provider credentials.secret.accessKey
: the key of the access key in the secret referenced bysecret.name
(defaults toaccessKey
).secret.secretKey
: the key of the secret key in the secret referenced bysecret.name
(defaults tosecretKey
).
telemetry
The telemetry job "phones home" once a day with the following information:
- Number of managed users
- Number of managed namespaces
- Kubernetes Version and Platform
- A unique install ID
- Your license ID.
- The name of the authentication provider
- The name of the cloud provider
Okteto uses the information to help us better understand how our customers use Okteto, as well as to help us prioritize fixes and features. We don't share your information with anyone else.
enabled
: Enables or disables the telemetry job. Defaults totrue
.priorityClassName
: The priority class to be used by the telemetry pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.
telemetry:
enabled: true
If this configuration is disabled, Okteto CLI analytics are automatically disabled.
webhook
The webhook service. Ingress creation, generation of hostnames, enforcement of policies, etc...
annotations
: Annotations to add to the webhook pods.extraEnv
: Environment variables to be set on the webhook containers.hostNetwork
: Enables or disables host networking for the webhook deployment. The default is false.labels
: Labels to add to the webhook pods.port
: Port sets the port used for the webhook deployment. The default is 443.priorityClassName
: The priority class to be used by the webhook pods. The PriorityClass must already exist in your cluster before using this setting. This value has precedence overglobals.priorityClassName
if both are set. If this value is not set, the pods will inherit the priority class defined by the value set inglobals.priorityClassName
.replicaCount
: The number of webhook pods. It defaults to 2.resources
: The resources for the webhook pods.internalCertificate.annotations
: Annotations to add to the internal certificate generated for the webhook.
Advanced Configuration
affinity
Apply default affinities to pods deployed in namespaces created by Okteto.
devPool
: Affinities for pods created on namespaces managed by Okteto.oktetoPool
: Affinities for pods created during the Okteto installation.
affinity:
devPool:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: cloud.google.com/spot
operator: In
values:
- "true"
weight: 10
oktetoPool:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: dev.okteto.com/overloaded
operator: DoesNotExist
weight: 50
In this case, pods deployed in namespaces created by Okteto will have a preferred affinity to land on preemptive nodes.