Skip to content

Bufstream Helm values

The Bufstream Helm chart is used to deploy Bufstream on Kubernetes. The Bufstream Helm values.yaml file defines the configuration for the Bufstream Kubernetes cluster. The configuration parameters and defaults documented below are the common and recommended settings for deploying a Bufstream cluster.

Values and defaults

adminTLS

object

adminTLS contains TLS configuration for Admin Server.

Defaults to {}.

bufstream.controlServerService.annotations

object

Kubernetes Service annotations.

Defaults to {}.

bufstream.controlServerService.enabled

bool

Whether to create a Kubernetes Headless Service for the Bufstream Control Server (inter-agent RPC server using the Connect protocol).

Defaults to false.

bufstream.deployment.affinity

object

Bufstream Deployment Affinity.

Defaults to {}.

bufstream.deployment.args

list

Bufstream Deployment args to be appended.

Defaults to [].

bufstream.deployment.autoscaling.behavior

object

Horizontal Pod Autoscaler behavior.

Defaults to {}.

bufstream.deployment.autoscaling.enabled

bool

Whether to enable the horizontal pod autoscaler.

Defaults to false.

bufstream.deployment.autoscaling.maxReplicas

int

Maximum number of autoscaler allowed replicas.

Defaults to 18.

bufstream.deployment.autoscaling.minReplicas

int

Minimum number of autoscaler allowed replicas.

Defaults to 6.

bufstream.deployment.autoscaling.targetCPU

string

Target CPU threshold for managing replica count.

Defaults to "50".

bufstream.deployment.autoscaling.targetMemory

string

Target memory threshold for managing replica count.

Defaults to "".

bufstream.deployment.command

list

Bufstream Deployment command.

Defaults to ["/usr/local/bin/bufstream"].

bufstream.deployment.extraContainerPorts

object

Bufstream Deployment Extra container ports for the bufstream container.

Defaults to {}.

bufstream.deployment.extraContainers

list

Bufstream Deployment additional containers to run besides the bufstream container.

Defaults to [].

bufstream.deployment.extraEnv

list

Bufstream Deployment Extra environment variables for the bufstream container.

Defaults to [].

bufstream.deployment.extraVolumeMounts

list

Bufstream Deployment Extra volume mounts for the bufstream container.

Defaults to [].

bufstream.deployment.extraVolumes

list

Bufstream Deployment Extra volumes.

Defaults to [].

bufstream.deployment.kind

string

Bufstream Deployment kind. Supports [Deployment, StatefulSet]

Defaults to "StatefulSet".

bufstream.deployment.livenessProbe.failureThreshold

int

Bufstream Deployment Liveness Probe Maximum failure threshold.

Defaults to 3.

bufstream.deployment.livenessProbe.timeoutSeconds

int

Bufstream Deployment Liveness Probe timeout.

Defaults to 5.

bufstream.deployment.nodeSelector

object

Bufstream Deployment Node selector.

Defaults to {}.

bufstream.deployment.podAnnotations

object

Bufstream Deployment Pod annotations.

Defaults to {}.

bufstream.deployment.podLabels

object

Bufstream Deployment Pod labels.

Defaults to {}.

bufstream.deployment.podManagementPolicy

string

Bufstream Deployment pod management policy to use when StatefulSet kind is used.

Defaults to "Parallel".

bufstream.deployment.readinessProbe.failureThreshold

int

Bufstream Deployment Readiness Probe Maximum failure threshold.

Defaults to 3.

bufstream.deployment.readinessProbe.timeoutSeconds

int

Bufstream Deployment Readiness Probe timeout.

Defaults to 5.

bufstream.deployment.replicaCount

int

Bufstream Deployment replica count.

Defaults to 3.

bufstream.deployment.resources.limits.cpu

string

Bufstream Deployment Resource request CPU.

Defaults to "".

bufstream.deployment.resources.limits.memory

string

Bufstream Deployment Resource limits memory.

Defaults to "8Gi".

bufstream.deployment.resources.requests.cpu

int

Bufstream Deployment Resource request CPU.

Defaults to 2.

bufstream.deployment.resources.requests.memory

string

Bufstream Deployment Resource request memory.

Defaults to "8Gi".

bufstream.deployment.selectorLabels

object

Bufstream Deployment Selector labels.

Defaults to {}.

bufstream.deployment.serviceName

string

Bufstream Deployment service name to link for per pod DNS registration when StatefulSet kind is used.

Defaults to "".

bufstream.deployment.shareProcessNamespace

bool

Bufstream Deployment setting for sharing the process namespace.

Defaults to false.

bufstream.deployment.startupProbe.failureThreshold

int

Bufstream Deployment Liveness Probe Configuration

Defaults to 3.

bufstream.deployment.terminationGracePeriodSeconds

int

Bufstream Deployment termination grace period.

Defaults to 420.

bufstream.deployment.tolerations

list

Bufstream Deployment Tolerations.

Defaults to [].

bufstream.image.pullPolicy

string

Bufstream Deployment container image pull policy.

Defaults to "IfNotPresent".

bufstream.image.repository

string

Bufstream Deployment container image repository.

Defaults to "us-docker.pkg.dev/buf-images-1/bufstream-public/images/bufstream".

bufstream.image.tag

string

Overrides the image tag whose default is the chart version.

Defaults to "latest".

bufstream.podDisruptionBudget.enabled

bool

Whether to enable pod disruption budget.

Defaults to false.

bufstream.podDisruptionBudget.maxUnavailable

string

Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). Has higher precedence over minAvailable

Defaults to "".

bufstream.podDisruptionBudget.minAvailable

string

Number of pods that are available after eviction as number or percentage (eg.: 50%).

Defaults to "" (defaults to 0 if not specified).

bufstream.service.annotations

object

Kubernetes Service annotations.

Defaults to {}.

bufstream.service.enabled

bool

Whether to create a Kubernetes Service for this bufstream deployment.

Defaults to true.

bufstream.service.type

string

Kubernetes Service type.

Defaults to "ClusterIP".

bufstream.serviceAccount.annotations

object

Kubernetes Service Account annotations.

Defaults to {}.

bufstream.serviceAccount.create

bool

Whether to create a Kubernetes Service Account for this bufstream deployment.

Defaults to true.

bufstream.serviceAccount.name

string

Kubernetes Service Account name.

Defaults to "bufstream-service-account".

cluster

string

The name of the cluster. Used by bufstream to identify itself.

Defaults to "bufstream".

configOverrides

object

Bufstream configuration overrides. Any value here will be set directly on the bufstream config.yaml, taking precedence over any other helm defined values.

Defaults to {}.

connectTLS

object

connectTLS contains TLS configuration for Control Server which is used for inter-agent communication using Connect protocol.

Defaults to {"client":{},"server":{}}.

connectTLS.client

object

Client contains client side TLS configuration to connect to the Control Server.

Defaults to {}.

connectTLS.server

object

Server contains server side TLS configuration.

Defaults to {}.

dataEnforcement

object

Configuration for data enforcement via schemas of records flowing in and out of the agent.

Defaults to {}.

discoverZoneFromNode

bool

When true it enables additional permissions so Bufstream can get the zone via the Kubernetes API server by reading the zone topology label of the node the bufstream pod is running on. Bufstream won't attempt to do the discovery if the zone option is false.

Defaults to false.

extraObjects

list

Extra Kubernetes objects to install as part of this chart.

Defaults to [].

imagePullSecrets

list

Reference to one or more secrets to be used when pulling images. For more information, see Pull an Image from a Private Registry.

Defaults to [].

kafka.address

object

The address the Kafka server should listen on. This defaults to 0.0.0.0 (any) and 9092 port.

Defaults to {"host":"0.0.0.0","port":9092}.

kafka.exactLogOffsets

bool

If exact log hwm and start offsets should be computed when fetching records.

Defaults to false.

kafka.exactLogSizes

bool

If exact log sizes should be fetched when listing sizes for all topics/partitions.

Defaults to true.

kafka.fetchEager

bool

If a fetch should return as soon as any records are available.

Defaults to true.

kafka.fetchSync

bool

If fetches from different readers should be synchronized to improve cache hit rates.

Defaults to true.

kafka.groupConsumerSessionTimeout

string

The default group consumer session timeout.

Defaults to "45s".

kafka.groupConsumerSessionTimeoutMax

string

The maximum group consumer session timeout.

Defaults to "60s".

kafka.groupConsumerSessionTimeoutMin

string

The minimum group consumer session timeout.

Defaults to "10s".

kafka.idleTimeout

int

How long a Kafka connection can be idle before being closed by the server. If set a value less than or equal to zero, the timeout will be disabled.

Defaults to 0.

kafka.numPartitions

int

The default number of partitions to use for a new topic.

Defaults to 1.

kafka.partitionBalanceStrategy

string

How to balance topic/partitions across bufstream nodes. One of: ["BALANCE_STRATEGY_UNSPECIFIED", "BALANCE_STRATEGY_PARTITION", "BALANCE_STRATEGY_HOST", "BALANCE_STRATEGY_CLIENT_ID"]

Defaults to "BALANCE_STRATEGY_PARTITION".

kafka.produceConcurrent

bool

If records from a producer to different topic/partitions may be sequenced concurrently instead of serially.

Defaults to true.

kafka.publicAddress

object

The public address clients should use to connect to the Kafka server. This defaults to the K8S service DNS and 9092 port.

Defaults to {host: "<service>.<namespace>.svc.cluster.local", port: 9092}.

kafka.requestBufferSize

int

The number of kafka request to unmarshal and buffer before processing.

Defaults to 5.

kafka.tlsCertificateSecrets

list

Kubernetes secrets containing a tls.crt and tls.key (as the secret keys, see https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets) to present to the client. The first certificate compatible with the client's requirements is selected automatically.

Defaults to [].

kafka.tlsClientAuth

string

Declare the policy the server will follow for mutual TLS (mTLS). Supported values are [NO_CERT, REQUEST_CERT, REQUIRE_CERT, VERIFY_CERT_IF_GIVEN, REQUIRE_AND_VERIFY_CERT]. Only supported when using tlsCertificateSecret.

Defaults to "NO_CERT".

kafka.tlsClientCasSecret

string

Kubernetes secret containing a tls.crt (as the secret key) PEM-encoded certificate authorities used by the server to validate the client certificates. This field can't be empty if tlsClientAuth is set for client performing verification. Only supported when using tlsCertificateSecret.

Defaults to "".

kafka.zoneBalanceStrategy

string

How to balance clients across zones, when client doesn't specify a zone. One of: ["BALANCE_STRATEGY_UNSPECIFIED", "BALANCE_STRATEGY_PARTITION", "BALANCE_STRATEGY_HOST", "BALANCE_STRATEGY_CLIENT_ID"]

Defaults to "BALANCE_STRATEGY_PARTITION".

metadata.etcd.addresses

list

Etcd addresses to connect to.

Defaults to [].

metadata.etcd.tls

object

TLS client configuration for bufstream to connect to etcd.

Defaults to {}.

metadata.use

string

Which metadata storage that bufstream is using. Currently, only etcd is supported.

Defaults to "etcd".

nameOverride

string

Overrides .Chart.Name throughout the chart.

Defaults to "".

namespaceCreate

bool

Whether to create the namespace where resources are located.

Defaults to false.

namespaceOverride

string

Will be used as the namespace for all resources instead of .Release.namespace if set

Defaults to "".

observability.exporter.address

string

Open Telemetry base endpoint to push metrics and traces. The value has a host and an optional port. It shouldn't include the URL path, such as "/v1/traces" or the scheme. This can be overriden by metrics.address or tracing.address.

Defaults to "".

observability.exporter.insecure

bool

Whether to disable TLS for the exporter's HTTP connection. This can be overriden by metrics.insecure or tracing.insecure.

Defaults to false.

observability.logLevel

string

Log level to use.

Defaults to "INFO".

observability.metrics.address

string

The endpoint the exporter connects to. The value has a host and an optional port. It shouldn't include the URL path, such as "/v1/metrics" or the scheme. Specify path and insecure instead.

Defaults to "".

observability.metrics.exporter

string

Open Telemetry exporter. Supports [NONE, STDOUT, HTTP, HTTPS, PROMETHEUS]. Deprecated: use exporterType instead.

Defaults to "".

observability.metrics.exporterType

string

Open Telemetry exporter. Supports [NONE, STDOUT, OTLP_GRPC, OTLP_HTTP, PROMETHEUS]

Defaults to "NONE".

observability.metrics.insecure

bool

Whether to disable TLS. This can only be specified for OTLP_HTTP exporter type.

Defaults to false.

observability.metrics.omitPartitionAttribute

bool

Defaults to false.

observability.metrics.otlpTemporalityPreference

string

Defaults to "".

observability.metrics.path

string

Defaults to "".

observability.otlpEndpoint

string

Open Telemetry base endpoint to push metrics and traces to. Deprecated: use exporter.address and exporter.insecure instead.

Defaults to "".

observability.sensitiveInformationRedaction

string

Redact sensitive information such as topic names, before adding to to metrics, traces and logs. Supports [NONE, OPAQUE, OMITTED]

Defaults to "NONE".

observability.tracing.address

string

The endpoint the exporter connects to. The value has a host and an optional port. It shouldn't include the URL path, such as "/v1/traces" or the scheme. Specify path and insecure instead.

Defaults to "".

observability.tracing.exporter

string

Open Telemetry exporter. Supports [NONE, STDOUT, HTTP, HTTPS]. Deprecated: use exporterType instead.

Defaults to "".

observability.tracing.exporterType

string

Open Telemetry exporter. Supports [NONE, STDOUT, OTLP_GRPC, OTLP_HTTP]

Defaults to "NONE".

observability.tracing.insecure

bool

Whether to disable TLS. This can only be specified for OTLP_HTTP exporter type.

Defaults to false.

observability.tracing.path

string

Defaults to "".

observability.tracing.traceRatio

float

Trace sample ratio.

Defaults to 0.1.

storage.gcs.bucket

string

GCS bucket name.

Defaults to "".

storage.gcs.prefix

string

GCS prefix to use for all stored files.

Defaults to "".

storage.gcs.secretName

string

Kubernetes secret containing a credentials.json (as the secret key) service account key to use instead of the metadata server.

Defaults to "".

storage.s3.accessKeyId

string

S3 Access Key ID to use instead of the metadata server.

Defaults to "".

storage.s3.bucket

string

S3 bucket name.

Defaults to "".

storage.s3.forcePathStyle

bool

S3 Force Path Style setting. See https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/examples-s3.html.

Defaults to false.

storage.s3.prefix

string

S3 prefix to use for all stored files.

Defaults to "".

storage.s3.region

string

S3 bucket region.

Defaults to "".

storage.s3.secretName

string

Kubernetes secret containing a secret_access_key (as the secret key) to use instead of the metadata server.

Defaults to "".

storage.use

string

Which object storage that bufstream is using. Currently, gcs and s3 are supported.

Defaults to "s3".

zone

string

The zone location of brokers, for example, the datacenter/availability zone where the agent is running. If not given, bustream will try to infer this from node metadata. This is currently for bufstream internal functionality, and doesn't control cloud providers such as GCP directly.

Defaults to "".

Annotated values.yaml

The Helm values.yaml file below contains all of the configuration parameters for a Bufstream cluster with recomemnded defaults. You can copy this annotated YAML into your Helm values file to use as a reference when configuring and deploying Bufstream.

# -- Overrides .Chart.Name throughout the chart.
nameOverride: ""
# -- Will be used as the namespace for all resources instead of .Release.namespace if set
namespaceOverride: ""
# -- Whether to create the namespace where resources are located.
namespaceCreate: false
# -- Reference to one or more secrets to be used when pulling images.
# For more information, see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).
imagePullSecrets: []
# -- The name of the cluster. Used by bufstream to identify itself.
cluster: bufstream
# -- The zone location of brokers, for example, the datacenter/availability zone where the agent is running.
# If not given, bustream will try to infer this from node metadata.
# This is currently for bufstream internal functionality, and does not control cloud providers such as GCP directly.
zone: ""
# -- When true it enables additional permissions so Bufstream can get the zone via the Kubernetes API server by reading the zone topology label of the node the bufstream pod is running on. Bufstream won't attempt to do the discovery if the zone option is false.
discoverZoneFromNode: false
# -- Configuration for data enforcement via schemas of records flowing in and out of the agent.
dataEnforcement: {}
kafka:
  # -- The address the Kafka server should listen on. This defaults to 0.0.0.0 (any) and 9092 port.
  address:
    host: 0.0.0.0
    port: 9092
  # -- The public address clients should use to connect to the Kafka server. This defaults to the K8S service DNS and 9092 port.
  # @default -- `{host: "<service>.<namespace>.svc.cluster.local", port: 9092}`
  publicAddress: {}
  # -- Kubernetes secrets containing a `tls.crt` and `tls.key` (as the secret keys, see https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets) to present to the client. The first certificate compatible with the client's requirements is selected automatically.
  tlsCertificateSecrets: []
  # -- Declare the policy the server will follow for mutual TLS (mTLS). Supported values are [NO_CERT, REQUEST_CERT, REQUIRE_CERT, VERIFY_CERT_IF_GIVEN, REQUIRE_AND_VERIFY_CERT]. Only supported when using tlsCertificateSecret.
  # @default -- `"NO_CERT"`
  tlsClientAuth: ""
  # -- Kubernetes secret containing a `tls.crt` (as the secret key) PEM-encoded certificate authorities used by the server to validate the client certificates. This field can't be empty if tlsClientAuth is set for client performing verification. Only supported when using tlsCertificateSecret.
  tlsClientCasSecret: ""
  # -- If a fetch should return as soon as any records are available.
  fetchEager: true
  # -- If fetches from different readers should be synchronized to improve cache hit rates.
  fetchSync: true
  # -- If records from a producer to different topic/partitions may be sequenced concurrently instead of serially.
  produceConcurrent: true
  # -- How to balance clients across zones, when client does not specify a zone. One of: ["BALANCE_STRATEGY_UNSPECIFIED", "BALANCE_STRATEGY_PARTITION", "BALANCE_STRATEGY_HOST", "BALANCE_STRATEGY_CLIENT_ID"]
  zoneBalanceStrategy: BALANCE_STRATEGY_PARTITION
  # -- How to balance topic/partitions across bufstream nodes. One of: ["BALANCE_STRATEGY_UNSPECIFIED", "BALANCE_STRATEGY_PARTITION", "BALANCE_STRATEGY_HOST", "BALANCE_STRATEGY_CLIENT_ID"]
  partitionBalanceStrategy: BALANCE_STRATEGY_PARTITION
  # -- The number of kafka request to unmarshal and buffer before processing.
  requestBufferSize: 5
  # -- How long a Kafka connection can be idle before being closed by the server. If set a value less than or equal to zero, the timeout will be disabled.
  idleTimeout: 0
  # -- The default number of partitions to use for a new topic.
  numPartitions: 1
  # -- If exact log sizes should be fetched when listing sizes for all topics/partitions.
  exactLogSizes: true
  # -- If exact log hwm and start offsets should be computed when fetching records.
  exactLogOffsets: false
  # -- The default group consumer session timeout.
  groupConsumerSessionTimeout: 45s
  # -- The minimum group consumer session timeout.
  groupConsumerSessionTimeoutMin: 10s
  # -- The maximum group consumer session timeout.
  groupConsumerSessionTimeoutMax: 60s

# -- connectTLS contains TLS configuration for Control Server which is used for inter-agent communication using Connect protocol.
connectTLS:
  # -- Server contains server side TLS configuration.
  server: {}
    # server:
    #   # Kubernetes secrets containing a `tls.crt` and `tls.key` (as the secret keys, see https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets) to present to the client. The first certificate compatible with the client's requirements is selected automatically.
    #   certificateSecrets: []
  # -- Client contains client side TLS configuration to connect to the Control Server.
  client: {}
    # client:
    #   # Controls whether a client verifies the server's certificate chain and host name.
    #   insecureSkipVerify: true
    #   # The existing secret name that contains ca.crt key of the PEM-encoded root certificate authorities used by the client to validate
    #   # the server certificates.
    #   rootCaSecret: ""

# -- adminTLS contains TLS configuration for Admin Server.
adminTLS: {}
  # adminTLS:
  #   # Kubernetes secrets containing a `tls.crt` and `tls.key` (as the secret keys, see https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets) to present to the client. The first certificate compatible with the client's requirements is selected automatically.
  #   certificateSecrets: []

metadata:
  # -- Which metadata storage that bufstream is using.
  # Currently, only `etcd` is supported.
  use: etcd
  etcd:
    # -- Etcd addresses to connect to.
    addresses: []
    # addresses:
    # - host: ""
    #   port: 2379

    # -- TLS client configuration for bufstream to connect to etcd.
    tls: {}
    # tls:
    #   # Controls whether a client verifies the server's certificate chain and host name.
    #   insecureSkipVerify: true
    #   # The existing secret name that contains ca.crt key of the PEM-encoded root certificate authorities used by the client to validate
    #   # the server certificates.
    #   rootCaSecret: ""
storage:
  # -- Which object storage that bufstream is using.
  # Currently, `gcs` and `s3` are supported.
  use: s3
  gcs:
    # -- GCS bucket name.
    bucket: ""
    # -- GCS prefix to use for all stored files.
    prefix: ""
    # -- Kubernetes secret containing a `credentials.json` (as the secret key) service account key to use instead of the metadata server.
    secretName: ""
  s3:
    # -- S3 bucket name.
    bucket: ""
    # -- S3 bucket region.
    region: ""
    # -- S3 prefix to use for all stored files.
    prefix: ""
    # -- S3 Force Path Style setting. See https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/examples-s3.html.
    forcePathStyle: false
    # -- S3 Access Key ID to use instead of the metadata server.
    accessKeyId: ""
    # -- Kubernetes secret containing a `secret_access_key` (as the secret key) to use instead of the metadata server.
    secretName: ""
observability:
  # -- Log level to use.
  logLevel: INFO
  # -- Open Telemetry base endpoint to push metrics and traces to.
  # Deprecated: use exporter.address and exporter.insecure instead.
  otlpEndpoint: ""
  exporter:
    # -- Open Telemetry base endpoint to push metrics and traces. The value has a host and an optional port.
    # It should not include the URL path, such as "/v1/traces" or the scheme.
    # This can be overriden by metrics.address or tracing.address.
    address: ""
    # -- Whether to disable TLS for the exporter's HTTP connection.
    # This can be overriden by metrics.insecure or tracing.insecure.
    insecure: false
  metrics:
    # -- Open Telemetry exporter. Supports [NONE, STDOUT, HTTP, HTTPS, PROMETHEUS].
    # Deprecated: use exporterType instead.
    exporter: ""
    # -- Open Telemetry exporter. Supports [NONE, STDOUT, OTLP_GRPC, OTLP_HTTP, PROMETHEUS]
    exporterType: "NONE"
    # -- The endpoint the exporter connects to. The value has a host and an optional port.
    # It should not include the URL path, such as "/v1/metrics" or the scheme.
    # Specify path and insecure instead.
    address: ""
    # The URL path appended to address. Defaults to "/v1/metrics".
    # This can only be specified for the OTLP_HTTP exporter type.
    path: ""
    # -- Whether to disable TLS.
    # This can only be specified for OTLP_HTTP exporter type.
    insecure: false
    # This omits metrics that depend on the kafka.topic.partition attribute, which may have high cardinality
    # depending on the configuration. One example is kafka.topic.partition.offset.high_water_mark.
    # This omits only the attribute for metrics that have this attribute without depending on it.
    # One example is kafka.produce.record.size.
    omitPartitionAttribute: false
    # Whether to emit bufstream.internal.* metrics.
    # @ignored
    enableInternalMetrics: false
    # Allows changing the default temporality preference for OTLP metrics.
    # This is recommended to be set to "delta" for reporting to Datadog agents.
    # See https://docs.datadoghq.com/opentelemetry/guide/otlp_delta_temporality/ for more details.
    otlpTemporalityPreference: ""
  tracing:
    # -- Open Telemetry exporter. Supports [NONE, STDOUT, HTTP, HTTPS].
    # Deprecated: use exporterType instead.
    exporter: ""
    # -- Open Telemetry exporter. Supports [NONE, STDOUT, OTLP_GRPC, OTLP_HTTP]
    exporterType: "NONE"
    # -- The endpoint the exporter connects to. The value has a host and an optional port.
    # It should not include the URL path, such as "/v1/traces" or the scheme.
    # Specify path and insecure instead.
    address: ""
    # The URL path appended to address. Defaults to "/v1/traces".
    # This can only be specified for the OTLP_HTTP or OTLP_GRPC exporter type.
    path: ""
    # -- Whether to disable TLS.
    # This can only be specified for OTLP_HTTP exporter type.
    insecure: false
    # -- Trace sample ratio.
    traceRatio: 0.1
  # -- Redact sensitive information such as topic names, before adding to to metrics, traces and logs.
  # Supports [NONE, OPAQUE, OMITTED]
  sensitiveInformationRedaction: "NONE"
bufstream:
  service:
    # -- Whether to create a Kubernetes Service for this bufstream deployment.
    enabled: true
    # -- Kubernetes Service type.
    type: ClusterIP
    # -- Kubernetes Service annotations.
    annotations: {}
  serviceAccount:
    # -- Whether to create a Kubernetes Service Account for this bufstream deployment.
    create: true
    # -- Kubernetes Service Account name.
    name: bufstream-service-account
    # -- Kubernetes Service Account annotations.
    annotations: {}
  deployment:
    # -- Bufstream Deployment kind.
    # Supports [Deployment, StatefulSet]
    kind: StatefulSet
    # -- Bufstream Deployment command.
    # @default -- `["/usr/local/bin/bufstream"]`
    command: []
    # -- Bufstream Deployment args to be appended.
    args: []
    # -- Bufstream Deployment replica count.
    replicaCount: 3
    # -- Bufstream Deployment Pod annotations.
    podAnnotations: {}
    # -- Bufstream Deployment Selector labels.
    selectorLabels: {}
    # -- Bufstream Deployment Pod labels.
    podLabels: {}
    # -- Bufstream Deployment pod management policy to use when StatefulSet kind is used.
    podManagementPolicy: Parallel
    # -- Bufstream Deployment service name to link for per pod DNS registration when StatefulSet kind is used.
    serviceName: ""

    resources:
      requests:
        # -- Bufstream Deployment Resource request CPU.
        cpu: 2
        # -- Bufstream Deployment Resource request memory.
        memory: 8Gi
      limits:
        # -- Bufstream Deployment Resource request CPU.
        cpu: ""
        # -- Bufstream Deployment Resource limits memory.
        memory: 8Gi
    # -- Bufstream Deployment Node selector.
    nodeSelector: {}
    # -- Bufstream Deployment Affinity.
    affinity: {}
    # -- Bufstream Deployment Tolerations.
    tolerations: []
    # -- Bufstream Deployment Extra environment variables for the bufstream container.
    extraEnv: []
    # -- Bufstream Deployment Extra volume mounts for the bufstream container.
    extraVolumeMounts: []
    # -- Bufstream Deployment Extra volumes.
    extraVolumes: []
    # -- Bufstream Deployment Extra container ports for the bufstream container.
    extraContainerPorts: {}
    # -- Bufstream Deployment additional containers to run besides the bufstream container.
    extraContainers: []
    livenessProbe:
      # -- Bufstream Deployment Liveness Probe Maximum failure threshold.
      failureThreshold: 3
      # -- Bufstream Deployment Liveness Probe timeout.
      timeoutSeconds: 5
    readinessProbe:
      # -- Bufstream Deployment Readiness Probe Maximum failure threshold.
      failureThreshold: 3
      # -- Bufstream Deployment Readiness Probe timeout.
      timeoutSeconds: 5
    startupProbe:
      # -- Bufstream Deployment Liveness Probe Configuration
      failureThreshold: 3
    # -- Bufstream Deployment termination grace period.
    terminationGracePeriodSeconds: 420 # 7 minutes
    # -- Bufstream Deployment setting for sharing the process namespace.
    shareProcessNamespace: false
    autoscaling:
      # -- Whether to enable the horizontal pod autoscaler.
      enabled: false
      # -- Minimum number of autoscaler allowed replicas.
      minReplicas: 6
      # -- Maximum number of autoscaler allowed replicas.
      maxReplicas: 18
      # -- Target CPU threshold for managing replica count.
      targetCPU: "50"
      # -- Target memory threshold for managing replica count.
      targetMemory: ""
      # -- [Horizontal Pod Autoscaler behavior.](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#configurable-scaling-behavior)
      behavior: {}
  controlServerService:
    # -- Whether to create a Kubernetes Headless Service for the Bufstream Control Server (inter-agent RPC server using the Connect protocol).
    enabled: false
    # -- Kubernetes Service annotations.
    annotations: {}
  podDisruptionBudget:
    # -- Whether to enable pod disruption budget.
    enabled: false
    # -- Number of pods that are available after eviction as number or percentage (eg.: 50%).
    # @default -- `""` (defaults to 0 if not specified)
    minAvailable: ""
    # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). Has higher precedence over `minAvailable`
    maxUnavailable: ""
  image:
    # -- Bufstream Deployment container image repository.
    repository: us-docker.pkg.dev/buf-images-1/bufstream-public/images/bufstream
    # -- Overrides the image tag whose default is the chart version.
    tag: "latest"
    # -- Bufstream Deployment container image pull policy.
    pullPolicy: IfNotPresent
# -- Extra Kubernetes objects to install as part of this chart.
extraObjects: []
# -- Bufstream configuration overrides. Any value here will be set directly on the bufstream config.yaml, taking precedence over any other helm defined values.
configOverrides: {}

To configure Bufstream with recommended, cloud-specific settings, consult the AWS and GCP documentation.