Skip to main content
Version: 3.11

Configure a Custom Values File for Scalar Manager

This document provides instructions on how to configure a custom values file for the Scalar Manager Helm Chart. For details about the available parameters, see the README in the Scalar Manager chart repository.

Required configurations​

This section describes the service, image, and Scalar Manager configurations that you must include in the Scalar Manager values file.

Service configurations​

You must configure web.service.type to define the Kubernetes Service resource type. To use a load balancer that cloud service providers offer for exposing the service, set web.service.type to LoadBalancer.

web:
service:
type: LoadBalancer
# other web configurations

Security considerations for exposing Scalar Manager​

Setting web.service.type to LoadBalancer exposes Scalar Manager externally via HTTP by default, which creates security risks on untrusted networks due to unencrypted traffic. If external access is not required, using a private network or properly configuring network access to your Kubernetes cluster is recommended.

Scalar Manager supports authentication and authorization mechanisms. You can configure these mechanisms to ensure authorized actions for features like scheduling jobs to pause Scalar products. For details, see Authentication configuration for Scalar Manager.

Container image configurations​

You must configure api.image.repository and web.image.repository. These settings specify the Scalar Manager container images, ensuring you can pull them from the container repository.

api:
image:
repository: <SCALAR_MANAGER_API_IMAGE>
web:
image:
repository: <SCALAR_MANAGER_WEB_IMAGE>

Optional configurations​

This section describes optional configurations for customizing the Scalar Manager values file.

Scalar Manager configurations (optional based on your environment)​

You can override the api.applicationProperties setting to modify the default Scalar Manager configurations.

api:
applicationProperties: |
prometheus.kubernetes-service-label-name="app"
prometheus.kubernetes-service-label-value="kube-prometheus-stack-prometheus"
prometheus.kubernetes-service-port-name="http-web"
# other application properties

Scalar Manager includes default configurations to discover Scalar product deployments and the Prometheus service within the cluster. In most scenarios, especially when following the guides to deploy kube-prometheus-stack and loki-stack, these default configurations are sufficient and do not require modification.

Configurable properties in api.applicationProperties​

The configurations for Scalar Manager are in the format of Java application properties, which are key=value pairs. These application properties can be set by using the api.applicationProperties custom value in the Scalar Manager Helm Chart.

NameDescriptionDefault Value
prometheus.kubernetes-service-label-nameThe label name used to discover the Prometheus service in Kubernetesapp
prometheus.kubernetes-service-label-valueThe label value corresponding to prometheus.kubernetes-service-label-namekube-prometheus-stack-prometheus
prometheus.kubernetes-service-port-nameThe port name used to discover the Prometheus service port in Kuberneteshttp-web
springdoc.swagger-ui.enabledWhether to enable the Swagger UI or notfalse
springdoc.swagger-ui.pathThe path of the Swagger UI/swagger-ui.html
app.cors.allowed-originsThe allowed origins for CORS*
app.cors.allowed-methodsThe allowed methods for CORS*
app.cors.allowed-headersThe allowed headers for CORS*
authentication.providers.static-jwt.secretSecret key used for signing JWT tokens; minimum 32 charactersexample-jwt-secret-with-minimum-32-characters
authentication.providers.static-jwt.issuer-uriThe issuer URI of the JWT tokenshttps://scalar-manager.example.com
authentication.providers.static-jwt.access-token-expiration-timeThe expiration time of the access token1h
authentication.providers.static-jwt.refresh-token-expiration-timeThe expiration time of the refresh token3d
app.initial-admin-user.enabledWhether to enable the initial admin user or nottrue
app.initial-admin-user.emailThe email address of the initial admin useradmin@example.com
app.initial-admin-user.nameThe name of the initial admin userAdministrator
app.initial-admin-user.passwordThe password of the initial admin userPassword@123!
spring.jpa.hibernate.ddl-autoThe DDL mode for Hibernateupdate
spring.jpa.show-sqlWhether to show the SQL queryfalse
spring.jpa.properties.hibernate.format_sqlWhether to format the SQL queryfalse
spring.datasource.urlThe URL of the databasejdbc:postgresql://scalar-manager-postgres-postgresql:5432/scalar-manager
spring.datasource.usernameThe username of the databasescalar-manager
spring.datasource.passwordThe password of the databasescalar-manager
spring.datasource.driver-class-nameThe driver class name of the databaseorg.postgresql.Driver
note

There are more configurations that you can set in api.applicationProperties regarding the JPA, Hibernate, and Spring Data. If you're familiar with these configurations, you can set them to customize the database connection and the behavior of Scalar Manager.

Authentication configuration for Scalar Manager​

By default, to access Scalar Manager, you need to authenticate by using a username and password.

The following are the prerequisites for setting up authentication:

  • You need to have a PostgreSQL database, either your own or one that a cloud service provider hosts. For example, you can use the Bitnami package for PostgreSQL to deploy a PostgreSQL database in your Kubernetes cluster.
  • You must set the authentication.providers.static-jwt.secret configuration. This configuration is used for signing JWT tokens, and the minimum length of the secret is 32 characters.

The following is an example of the additional configurations you need to set in the api.applicationProperties to apply the above prerequisites. Be sure to change the configurations to match your environment.

# JWT configuration
# Secret key used for signing JWT tokens, minimum 32 characters
authentication.providers.static-jwt.secret=${AUTHENTICATION_PROVIDERS_STATIC_JWT_SECRET:example-jwt-secret-with-minimum-32-characters}
authentication.providers.static-jwt.issuer-uri=${AUTHENTICATION_PROVIDERS_STATIC_JWT_ISSUER_URI:https://scalar-manager.example.com}
authentication.providers.static-jwt.access-token-expiration-time=${AUTHENTICATION_PROVIDERS_STATIC_JWT_ACCESS_TOKEN_EXPIRATION_TIME:1h}
authentication.providers.static-jwt.refresh-token-expiration-time=${AUTHENTICATION_PROVIDERS_STATIC_JWT_REFRESH_TOKEN_EXPIRATION_TIME:3d}

# Initial admin configuration
app.initial-admin-user.enabled=${APP_INITIAL_ADMIN_USER_ENABLED:true}
app.initial-admin-user.email=${APP_INITIAL_ADMIN_USER_EMAIL:admin@example.com}
app.initial-admin-user.name=${APP_INITIAL_ADMIN_USER_NAME:Administrator}
app.initial-admin-user.password=${APP_INITIAL_ADMIN_USER_PASSWORD:Password@123!}

# JPA configuration
spring.jpa.hibernate.ddl-auto=${SPRING_JPA_HIBERNATE_DDL_AUTO:update}
spring.jpa.show-sql=${SPRING_JPA_SHOW_SQL:false}
spring.jpa.properties.hibernate.format_sql=${SPRING_JPA_PROPERTIES_HIBERNATE_FORMAT_SQL:false}

# Database configuration
spring.datasource.url=jdbc:postgresql://${DATABASE_HOST:scalar-manager-postgres-postgresql}:${DATABASE_PORT:5432}/${DATABASE_NAME:scalar-manager}
spring.datasource.username=${DATABASE_USERNAME:scalar-manager}
spring.datasource.password=${DATABASE_PASSWORD:scalar-manager}
spring.datasource.driver-class-name=org.postgresql.Driver
Service discovery​

Scalar Manager uses labels to discover the Prometheus service in Kubernetes, and then uses the port name to connect to them. You can modify the labels and the port name by setting the prometheus.kubernetes-service-label-name, prometheus.kubernetes-service-label-value, and prometheus.kubernetes-service-port-name configurations.

In general, you don't need to modify these configurations. However, if you customized the labels or port names of the Prometheus service when installing their Helm Charts, you should adjust these configurations to match your customizations.

Configurable environment variables in web.env​

NameDescriptionDefault Value
GRAFANA_SERVER_URLThe URL of the Grafana service in the Kubernetes clusterhttp://scalar-monitoring-grafana.monitoring.svc.cluster.local:3000

Currently, the GRAFANA_SERVER_URL variable can be set in web.env to customize the proxy from the Scalar Manager web UI to the Grafana UI. By default, the variable is set to the Grafana service scalar-monitoring-grafana installed in the monitoring namespace. If you have installed Grafana in different namespace or have changed the name of the Grafana service, you will need to update the GRAFANA_SERVER_URL variable accordingly.