Skip to main content
Version: 3.1

Helm chart

This Helm reference page provides comprehensive details on the Portworx Helm chart, including the compatibility matrix and configurable parameters.

Portworx Helm chart compatibility matrix

The following table lists the Helm version compatibility with Portworx Enterprise and Operator. Ensuring compatibility between these components is crucial for the successful installation and operation of Portworx on Kubernetes clusters.

Helm chart versionPXE versionOperator Version
4.0.03.1.424.1.1

Portworx Helm chart parameters

The following table lists the configurable parameters of the Portworx Helm chart and their default values.

ParameterDescriptionDefault
imageVersionSpecifies the version of the Portworx image.3.1.4
pxOperatorImageVersionSpecifies the version of the Portworx operator image.24.1.1
openshiftInstallIndicates whether Portworx is being installed on OpenShift.false
pksInstallIndicates whether Portworx is being installed on Pivotal Container Service (PKS).false
EKSInstallIndicates whether Portworx is being installed on Amazon Elastic Kubernetes Service (EKS).false
AKSInstallIndicates whether Portworx is being installed on Azure Kubernetes Service (AKS).false
GKEInstallIndicates whether Portworx is being installed on Google Kubernetes Engine (GKE).false
etcdEndPoint(REQUIRED) Specifies the etcd endpoint(s) in the format "etcd:http://<your-etcd-endpoint>". Multiple URLs should be separated by a semicolon (e.g., etcd:http://<your-etcd-endpoint1>;etcd:http://<your-etcd-endpoint2>).""
clusterNameDefines the name of the Portworx cluster."mycluster"
usefileSystemDriveDetermines if Portworx should use an unmounted drive even if it contains a filesystem.false
usedrivesAndPartitionsDetermines if Portworx should use both the drives and partitions on the disk.false
drivesSpecifies a semicolon-separated list of drives to be used for storage (e.g., /dev/sda;/dev/sdb)."none"
providerDefines the cloud provider name (e.g., pure, azure, aws, gce, vsphere) when using cloud storage.""
journalDeviceSpecifies the journal device for Portworx metadata.""
cacheDevicesSpecifies a semicolon-separated list of cache devices for Portworx.""
maxStorageNodesPerZoneSets the maximum number of storage nodes per zone. If the limit is reached, any new node added to the zone is started as a compute-only node.0
maxStorageNodesSets the maximum number of storage nodes. If the limit is reached, any new node is started as a compute-only node. Using maxStorageNodesPerZone is recommended.0
systemMetadataDeviceSpecifies the device for storing Portworx metadata.""
secretTypeDefines the secret store to be used, such as AWS KMS, KVDB, Vault, K8s, or IBM Key Protect.k8s
dataInterfaceSpecifies the name of the data network interface (e.g., ethX)."none"
managementInterfaceSpecifies the name of the management network interface (e.g., ethX)."none"
serviceTypeDefines the Kubernetes service type for services deployed by the operator. Use direct values like 'LoadBalancer' or 'NodePort' to change all services, or specify individual service types (e.g., portworx-service:LoadBalancer;portworx-api:ClusterIP)."none"
runtimeOptionsSpecifies a semicolon-separated list of key-value pairs that override runtime options.""
featureGatesSpecifies a semicolon-separated list of key-value pairs for enabling or disabling Portworx features.""
security.enabledEnables or disables security features.false
security.auth.guestAccessControls guest role access in the cluster. Options: Enabled, Disabled, Managed."Enabled"
security.auth.selfSigned.tokenLifetimeSets the token lifetime for self-signed tokens generated by the operator.""
security.auth.selfSigned.issuerDefines the issuer name for configuring PX-Security.""
security.auth.selfSigned.sharedSecretSpecifies the Kubernetes secret name for storing the shared secret.""
resourcesConfigures resource usage (memory and CPU) for Portworx containers.{}
customMetadata.annotations.pod.storageAdds custom annotations for Portworx pods.""
customMetadata.annotations.service.portworxApiAdds custom annotations for the portworx-api service.""
customMetadata.annotations.service.portworxServiceAdds custom annotations for the portworx-service.""
customMetadata.annotations.service.portworxKVDBServiceAdds custom annotations for the portworx-kvdb-service.""
customMetadata.labels.service.portworxApiAdds custom labels for the portworx-api service (currently supported only for this service).""
envVarsDefines a semicolon-separated list of environment variables (e.g., MYENV1=val1;MYENV2=val2). Deprecated: Use envs for setting environment variables."none"
envsAdds environment variables to the Portworx container in Kubernetes-supported formats.[ ]
disableStorageClassDisables the installation of default Portworx StorageClasses.false
stork.enabledEnables or disables STORK (Storage Orchestration for Hyperconvergence).true
stork.storkVersionSpecifies the version of STORK to use.""
stork.argsPasses arguments to the STORK container.""
stork.volumesAdds volumes to the STORK container.[ ]
stork.envDefines Kubernetes-style environment variables for the STORK container.[ ]
customRegistryURLSpecifies a custom Docker registry URL.""
registrySecretDefines the secret for accessing a custom registry.""
monitoring.prometheus.enabledEnables or disables Prometheus monitoring.false
monitoring.prometheus.exportMetricsExposes Portworx metrics to an external or operator-deployed Prometheus.false
monitoring.prometheus.alertManagerEnables or disables the Prometheus Alertmanager.false
monitoring.prometheus.resourcesConfigures resource usage (memory and CPU) for the Prometheus container.{}
monitoring.prometheus.replicasSpecifies the number of Prometheus replicas to deploy.1
monitoring.prometheus.retentionSets the retention period for Prometheus metrics."24h"
monitoring.prometheus.retentionSizeLimits the disk space used by Prometheus for storing metrics. Example: "10GiB", "50MiB".""
monitoring.prometheus.storageConfigures storage for Prometheus data.{}
monitoring.prometheus.volumesAdds additional volumes for the Prometheus StatefulSet.[ ]
monitoring.prometheus.volumeMountsAdds additional volume mounts for the Prometheus StatefulSet.[ ]
monitoring.prometheus.securityContext.runAsNonRootEnables running the Prometheus container as a non-root user.false
monitoring.telemetryEnables or disables telemetry reporting.true
monitoring.grafanaEnables or disables Grafana integration.false
csi.enabledEnables the Container Storage Interface (CSI).true
csi.topology.enabledEnables the CSI topology feature.false
csi.installSnapshotControllerInstalls the CSI Snapshot Controller.false
autopilot.enabledEnables the Autopilot feature.true
autopilot.imageSpecifies the Autopilot image.""
autopilot.lockImageLocks Autopilot to the specified image.false
autopilot.argsDefines a semicolon-separated list of arguments for Autopilot.""
autopilot.envAdds Kubernetes-style environment variables for the Autopilot container.[ ]
internalKVDBEnables the internal Key-Value Database (KVDB).true
kvdbDeviceSpecifies a separate device for storing KVDB data (used when internalKVDB is true).""
kvdb.authSecretNameDefines the secret for securing KVDB. For more details, see Secure your etcd communication."none"
etcd.credentialsSpecifies etcd authentication credentials in the format user:password. Deprecated: Use kvdb.authSecretName."none":"none"
etcd.certPathBase path for etcd certificates (e.g., /etc/pwx/etcdcerts). Deprecated: Use kvdb.authSecretName."none"
etcd.caSpecifies the CA file for etcd certificate-based authentication. Deprecated: Use kvdb.authSecretName."none"
etcd.certSpecifies the client certificate for etcd certificate-based authentication. Deprecated: Use kvdb.authSecretName."none"
etcd.keySpecifies the private key for etcd certificate-based authentication. Deprecated: Use kvdb.authSecretName."none"
consul.tokenThe ACL token used for authenticating with Consul (e.g., xxxxxxxx-xxxx-xxxx-xxxx-bbbeb030d1f6). Deprecated: Use kvdb.authSecretName instead.-
volumesDefines the volumes for Portworx, specifying parameters like name, mount path, mount propagation (options include None, HostToContainer, Bidirectional), and read-only status. For secret volumes, provide the secret name and map specific keys to paths. Supported volume types include Host, Secret, and ConfigMap.[ ]
tolerationsSpecifies tolerations for scheduling Portworx pods, allowing them to run on nodes with matching taints.[ ]
nodeAffinitySpecifies node affinity rules that dictate where Portworx pods can be scheduled based on node labels.{}
nodesConfigurationAllows overriding of cluster-level configurations for individual nodes or groups, including settings for network, storage, environment variables, and runtime options.[ ]
clusterToken.createIndicates whether a cluster token should be generated.false
clusterToken.secretNameThe name of the Kubernetes secret that will be created for the cluster token, which requires clusterToken.create to be true."px-vol-encryption"
clusterToken.serviceAccountNameThe service account name utilized for the post-install hook to generate the cluster token."px-create-cluster-token"
deleteStrategy.typeSpecifies the delete strategy for the Portworx cluster, with valid options being Uninstall or UninstallAndWipe.""
updateStrategy.typeDefines the update strategy for the Portworx cluster, with supported options including RollingUpdate and OnDelete.""
updateStrategy.maxUnavailableSpecifies the maximum number of nodes that can be unavailable during a rolling update.1
updateStrategy.minReadySecondsSets the minimum duration (in seconds) that a pod must be ready before the next batch of pods is updated during a rolling update.1
updateStrategy.autoUpdateComponentsDetermines the update strategy for component images, with valid options including None, Once, and Always.None
note

You can specify each parameter using the --set key1=value1,key2=value2 argument with the helm install command. For example, helm install my-release portworx/portworx --set pxOperatorImageVersion=24.1.1 command sets the Portworx Operator version to 24.1.1.