Client controller
Details of how to configure the client controller service.
Certificate renewals
The client controller is responsible for initializing certificates for mutual TLS between the KX Insights Platform and external clients, e.g. RT clients.
Variable | Type | Example | Default |
---|---|---|---|
env.KXI_CERT_RENEW_BEFORE |
string |
15m |
|
env.KXI_CERT_DURATION |
string |
1h |
Certificates managed by cert-manager are automatically renewed before they expired.
Cert-manager will calculate when to renew a certificate based on its duration and a 'renew before' setting which specifies how long before expiry a certificate should be renewed.
The default duration for certificates is 90 days and the default 'renew before' setting is 15 days. So, by default a 90 day certificate will be renewed 15 days before it is due to expire.
The default values for duration and 'renew before' can be overridden using the KXI_CERT_DURATION
and KXI_CERT_RENEW_BEFORE
environment variables. These can be set in the base chart as follows
client-controller:
env:
KXI_CERT_RENEW_BEFORE: 15m
KXI_CERT_DURATION: 1h
In this example, certificates will have a duration of 1 hour and will be renewed 15 minutes before they expire.
These values get mapped directly to the spec.duration
and spec.renewBefore
fields for certificate resources so they must be specified in Go time.duration format.
See the notes under https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources for more information.
ReplicaCount and Resources
Client Controller can be tuned to allow the user to better align against available resources
client-controller:
...
replicaCount: 1
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 100m
memory: 128Mi
variable | type | default | description |
---|---|---|---|
replicaCount |
int |
3 |
No. of Client Controller pods to run |
resources.requests.cpu |
string |
100m |
Requested CPU for the Client Controller |
resources.requests.memory |
string |
128Mi |
Requested memory for the Client Controller |
resources.limits.cpu |
string |
250m |
Max CPU given to Client Controller |
resources.limits.memory |
string |
128Mi |
Max Memory given to Client Controller |