Helm chart configuration options

replicaCount

Number of Portainer service replicas (always set to 1).

1

enterpriseEdition.enabled

If enterpriseEdition is enabled, then use the values here instead of those in .image

true

enterpriseEdition.image.repository

Portainer Docker Hub repository.

portainer/portainer-ee

enterpriseEdition.image.tag

Tag for the Portainer image.

latest

enterpriseEdition.image.pullPolicy

Portainer image-pulling policy.

Always

image.repository

Portainer Docker Hub repository.

portainer/portainer-ce

image.tag

Tag for the Portainer image.

latest

image.pullPolicy

Portainer image-pulling policy.

Always

imagePullSecrets

If the Portainer image needs to be in a private repository.

[]

nodeSelector

Used to apply a nodeSelector to the deployment.

{}

tolerations

Defines any Kubernetes taints that the Portainer pod is allowed to tolerate.

[]

serviceAccount.annotations

Annotations to add to the service account.

{}

serviceAccount.name

The name of the service account to use.

portainer-sa-clusteradmin

localMgmt

Provides the ability to enable or disable RBAC-related resources during the deployment of the Portainer application.

If you are using Portainer to manage the K8s cluster it is deployed to, this flag must be set to true.

true

service.type

Service type for the main Portainer Service. Valid values: ClusterIP, NodePort, LoadBalancer.

NodePort

service.httpPort

HTTP port for accessing the Portainer web interface.

9000

service.httpsPort

HTTPS port for accessing the Portainer web interface.

9443

service.httpNodePort

Static HTTP NodePort for accessing the Portainer web interface. Specify only if the type is NodePort.

30777

service.edgePort

TCP port for accessing Portainer Edge.

8000

service.edgeNodePort

Static NodePort for accessing Portainer Edge. Specify only if the type is NodePort.

30776

service.httpsNodePort

Static HTTPS NodePort for accessing the Portainer web interface. Specify only if the type is NodePort.

30779

service.annotations

Annotations to add to the service.

{}

tls.force

If true, Portainer will be configured to use TLS only

false

tls.existingSecret

If set, will mount the existing secret into the pod

""

trusted_origins.enabled

If true, Portainer will be configured to trust the domains specified in domains

false

trusted_origins.domains

specify (in a comma-separated list) the domain(s) used to access Portainer when it is behind a reverse proxy. For example: portainer.mydomain.com,portainer.example.com

""

mtls.enable

If set, Portainer will be configured to trust the domains specified in domains

false

mtls.existingSecret

If set, will mount the existing secret into the pod

""

dbEncryption.existingSecret

If set, will mount the existing secret into the pod to enable Portainer database encryption.

WARNING: Enabling database encryption is a non-reversible change.

""

AdminPassword.existingSecret

If set, will mount the existing secret into the pod and pass --admin-password-file to Portainer.

The secret must contain a key named 'password' holding the plain text password.

""

feature.flags

Used to enable or disable Portainer feature flags at container start

[]

ingress.enabled

Creates an ingress for Portainer.

false

ingress.ingressClassName

Sets the ingressClassName field on the Kubernetes Ingress object so the correct controller picks it up.

""

ingress.annotations

Annotations to add to the ingress. For example: kubernetes.io/ingress.class: nginx

{}

ingress.hosts.host

URL for Portainer Web. For example, portainer.example.io.

nil

ingress.hosts.paths

Path for the Portainer web interface.

[]

ingress.tls

TLS support on ingress. Must create a secret with TLS certificates in advance.

[]

extraEnv

Extra environment variables to set on the Portainer container.

[]

resources

Portainer resource requests and limits.

{}

persistence.enabled

Whether or not to enable data persistence.

true

persistence.existingClaim

Name of an existing PVC to use for data persistence.

default

persistence.size

Size of the PVC used for persistence.

10Gi

persistence.annotations

Annotations to apply to PVC used for persistence.

{}

persistence.storageClass

StorageClass to apply to PVC used for persistence.

default