Skip to main content

Values Reference

This document describes all top-level global.* values accepted by the LogClaw umbrella chart (logclaw-tenant) and propagated to every sub-chart.

global.*

FieldTypeRequiredDefaultDescription
global.tenantIdstringYesUnique tenant identifier. Lowercase letters, numbers, hyphens only. Max 40 characters. Used as a label, resource name suffix, and namespace component.
global.tenantNamestringYesHuman-readable display name for the tenant. Shown in dashboards and alert messages.
global.storageClassstringYesName of the Kubernetes StorageClass used for all persistent volumes (Kafka, OpenSearch, Airflow). Must exist in the cluster before install.
global.storageClassHighThroughputstringNo"" (falls back to storageClass)StorageClass optimised for high IOPS. Used for Kafka broker disks and OpenSearch data nodes when set. Recommended: io2 on AWS, pd-ssd on GCP.
global.tierstringNo"ha"Deployment tier controlling replica counts and resource profiles. One of: standard (single replicas, minimal resources), ha (3 replicas, production resources), ultra-ha (5+ replicas, maximum resources).
global.objectStorage.providerstringNo"s3"Object storage backend. One of: s3, gcs, azure. Determines the credential format and SDK used by Flink checkpointing and ML engine model storage.
global.objectStorage.bucketstringYesName of the pre-created object storage bucket. Must be accessible from the cluster with appropriate IAM/service-account permissions.
global.objectStorage.regionstringNo"us-east-1"Cloud region of the bucket. Required for AWS S3 and GCS. Ignored for Azure and self-hosted S3.
global.objectStorage.endpointstringNo""Custom S3-compatible endpoint URL. Set for MinIO (http://minio.minio.svc:9000) or other self-hosted S3. Leave empty for AWS S3.
global.secretStore.providerstringNo"aws"Secret management backend for External Secrets Operator. One of: aws, gcp, vault, azure. Determines the ESO ClusterSecretStore type created for the tenant.
global.secretStore.regionstringNo"us-east-1"AWS region for Secrets Manager. Used only when provider=aws.
global.secretStore.projectIdstringNo""GCP project ID. Used only when provider=gcp.
global.secretStore.vaultAddressstringNo""HashiCorp Vault server address (e.g. https://vault.example.com:8200). Used only when provider=vault.
global.imagePullSecretslistNo[]List of Kubernetes image pull secret names ([{name: "my-secret"}]). Applied to all workload pods across all sub-charts.
global.monitoring.enabledboolNotrueWhen true, enables ServiceMonitor and PrometheusRule resources for all sub-charts. Requires Prometheus Operator CRDs to be present.
global.clusterDomainstringNo"cluster.local"Kubernetes cluster DNS domain. Used to construct internal service FQDNs. Change only if your cluster uses a custom domain.

Component Enable Flags

These top-level boolean maps control which sub-charts are rendered by the umbrella chart.
FieldTypeRequiredDefaultDescription
platform.enabledboolNotrueDeploy logclaw-platform (API gateway, RBAC, NetworkPolicy). Disabling also disables the ingress entry point.
otelCollector.enabledboolNotrueDeploy logclaw-otel-collector (OpenTelemetry Collector). OTLP-native log ingestion gateway accepting gRPC (:4317) and HTTP (:4318). Disable if you use a separate log shipping solution.
kafka.enabledboolNotrueDeploy logclaw-kafka (Strimzi Kafka cluster). Required by flink and ticketingAgent.
flink.enabledboolNotrueDeploy logclaw-flink (stream processing jobs). Requires kafka.enabled=true.
opensearch.enabledboolNotrueDeploy logclaw-opensearch (search cluster + dashboards). Required by ticketingAgent.
mlEngine.enabledboolNotrueDeploy logclaw-ml-engine (KServe InferenceService). Requires GPU nodes or CPU-only inference image override.
airflow.enabledboolNotrueDeploy logclaw-airflow (pipeline orchestration).
ticketingAgent.enabledboolNotrueDeploy logclaw-ticketing-agent (AI SRE agent). Requires kafka.enabled=true and opensearch.enabled=true.
bridge.enabledboolNofalseDeploy logclaw-bridge (OTLP ETL + trace correlation engine). Flattens OTLP JSON from Kafka raw-logs into canonical log documents, performs anomaly detection, trace correlation, and OpenSearch indexing. Dev/demo alternative to Flink. Can run alongside Flink.
dashboard.enabledboolNofalseDeploy logclaw-dashboard (Next.js pipeline UI). Provides log ingestion drag-and-drop, incident management, anomaly visualization, and real-time pipeline monitoring.
agent.enabledboolNofalseDeploy logclaw-agent (Go infrastructure health collector). Collects Kafka lag, Flink job status, OpenSearch health, and ESO sync status. Feeds the Dashboard pipeline view.

Per-Chart Override Syntax

Each sub-chart can be overridden using its chart name as the top-level key: 
logclaw-kafka:
  kafka:
    replicas: 5
    storage:
      volumes:
        - id: 0
          type: persistent-claim
          size: "2Ti"
          deleteClaim: false

logclaw-opensearch:
  opensearch:
    data:
      replicas: 5
      diskSize: "2Ti"
    masters:
      replicas: 3

logclaw-otel-collector:
  replicaCount: 10
  autoscaling:
    enabled: true
    minReplicas: 10
    maxReplicas: 50
    targetCPUUtilizationPercentage: 60

logclaw-ticketing-agent:
  config:
    pagerduty:
      enabled: true
    jira:
      enabled: true
      baseUrl: "https://yourorg.atlassian.net"
      projectKey: "SRE"
    servicenow:
      enabled: true
      instance: "yourorg"
    anomaly:
      minimumScore: 0.85
      lookbackWindow: "15m"

logclaw-ml-engine:
  model:
    name: "logclaw-anomaly-v2"
    storageUri: "s3://your-bucket/models/anomaly-v2"
  resources:
    requests:
      cpu: "2"
      memory: "4Gi"
    limits:
      nvidia.com/gpu: "1"

logclaw-airflow:
  airflow:
    dags:
      gitSync:
        enabled: true
        repo: "[email protected]:yourorg/logclaw-dags.git"
        branch: "main"
        sshKeySecret: "airflow-git-ssh-key"

logclaw-bridge:
  bridge:
    kafkaBrokers: "logclaw-kafka-kafka-bootstrap:9093"
    opensearchEndpoint: "https://logclaw-opensearch:9200"
    anomalyThreshold: 2.5
    windowSize: 50

logclaw-dashboard:
  image:
    repository: "ghcr.io/logclaw/dashboard"
    tag: "latest"
  service:
    type: ClusterIP           # ClusterIP (default) or LoadBalancer for external access
    port: 3000

Tier Profiles

Settingstandardhaultra-ha
Kafka brokers135
Kafka storage per broker100Gi1Ti2Ti
OpenSearch masters133
OpenSearch data nodes135
OpenSearch disk per data node100Gi1Ti2Ti
OTel Collector replicas135
Flink task managers124
Ticketing agent replicas123
ML Engine replicas123
PodDisruptionBudgetNoYesYes
TopologySpreadConstraintsNoYes (zone)Yes (zone+node)

Environment Variable Substitution (Helmfile)

When using helmfile, the following environment variables are consumed by helmfile.d/ releases:
VariableUsed ByDefaultDescription
TENANT_IDall helmfile.d filesdev-localTenant identifier, injected into release names and namespaces
STORAGE_CLASS10-platform, 20-kafka, 40-opensearchstandardOverrides global.storageClass
KAFKA_BROKERS30-otel-collector, 50-flink, 80-ticketing-agentlogclaw-kafka-kafka-bootstrap:9093Kafka bootstrap server address
OBJECT_STORAGE_BUCKET50-flink, 60-ml-enginelogclaw-dev-localObject storage bucket name
OBJECT_STORAGE_PROVIDER50-flinks3Object storage provider
OPENSEARCH_ENDPOINT80-ticketing-agenthttps://logclaw-opensearch:9200OpenSearch base URL
HELM_REGISTRYmake pushOCI registry target, e.g. ghcr.io/yourorg/charts