You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|`license`| Set to `accept` to accept the terms of the IBM license |`"not accepted"`|
108
108
|`image.repository`| Image full name including repository |`ibmcom/mq`|
109
-
|`image.tag`| Image tag |`9.4.0.0-r1`|
109
+
|`image.tag`| Image tag |`9.4.0.0-r3`|
110
110
|`image.pullPolicy`| Setting that controls when the kubelet attempts to pull the specified image. |`IfNotPresent`|
111
111
|`image.pullSecret`| An optional list of references to secrets in the same namespace to use for pulling any of the images used by this QueueManager. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honoured. For more information, see [here](https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod)|`nil`|
112
+
|`credentials.enable`| Enable MQ to utilize credentials from a Secret for the default "app" and "admin" users. MQ no longer sets a default password for these users, so it is highly recommended to set your own by creating a Secret. |`false`|
113
+
|`credentials.secret`| Provide the name of a Secret that contains keys "mqAdminPassword" and "mqAppPassword" with passwords as their respective values. This Secret will be mounted into MQ. |`mq-credentials`|
112
114
|`metadata.labels`| The labels field serves as a pass-through for Pod labels. Users can add any label to this field and have it apply to the Pod. |`{}`|
113
115
|`metadata.annotations`| Additional annotations to be added to the Pod annotations. This is required for licensing. Please consult [here](#Supplying-licensing-annotations)|`{}`|
114
116
|`persistence.dataPVC.enable`| By default all data and recovery logs are persisted to a Pod's qmPVC. dataPVC is an optional PersistentVolume which can be enabled using this field. This PersistentVolume is used for MQ persisted data, including configuration, queues and messages. If Multi-instance is enabled this value is set to true. |`false`|
@@ -208,6 +210,13 @@ By default, the MQ container output is in a basic human-readable format. You ca
208
210
209
211
The MQ image includes the MQ web server. The web server runs the web console, and the MQ REST APIs. By default, the MQ server deployed by this chart is accessible via a `ClusterIP`[Service](https://kubernetes.io/docs/concepts/services-networking/service/), which is only accessible from within the Kubernetes cluster. Optionally an OpenShift Route, Load balancer or Kubernetes NodePort can be configured to connect to the web console from outside of the Kubernetes cluster.
210
212
213
+
## Setting default passwords
214
+
215
+
MQ requires a Secret to set passwords for the "admin" and "app" default users. If one would like to set these passwords, create a secret using the below example command.
## Considerations when upgrading the Kubernetes cluster
212
221
213
222
During a Kubernetes cluster upgrade the worker nodes are made unschedulable, to avoid new pods from being deployed, and drained to move the current workload to other worker nodes. Once all pods are removed, the worker node can be safely upgraded. Often additional worker nodes are created during the upgrade process to provide capacity for these drained pods. To preserve an applications availability pod disruption budget (PDB) allows you to declare the number of pods that should be available. This acts as a break in the upgrade process assuring a balance between the speed of the upgrade and application availability. The exact semantics of the upgrade process differs from one Kubernetes distribution to another but the high level process remains similar.
Copy file name to clipboardExpand all lines: charts/ibm-mq/values.yaml
+8-1
Original file line number
Diff line number
Diff line change
@@ -19,12 +19,19 @@ image:
19
19
# repository is the container repository to use
20
20
repository: icr.io/ibm-messaging/mq
21
21
# tag is the tag to use for the container repository
22
-
tag: 9.4.0.0-r1
22
+
tag: 9.4.0.0-r3
23
23
# pullSecret is the secret to use when pulling the image from a private registry
24
24
pullSecret:
25
25
# pullPolicy is either IfNotPresent or Always (https://kubernetes.io/docs/concepts/containers/images/)
26
26
pullPolicy: IfNotPresent
27
27
28
+
# set passwords for users: "admin" and "app"
29
+
credentials:
30
+
# enabled is whether to configure user credentials via secret or not. (in MQ /run/secrets directory)
31
+
enable: false
32
+
# If enabled, provide the name of the secret that contains your user passwords. See adjacent README.md for instructions on how to create this Secret.
33
+
secret: "mq-credentials"
34
+
28
35
# metadata allows setting of additional labels and annottations to be added to all resources. Set on helm install using --set metadata.labels.KEY=VALUE,metadata.labels.=VALUE,...
0 commit comments