diff --git a/deploy/kubernetes/dolphinscheduler/templates/configmap.yaml b/deploy/kubernetes/dolphinscheduler/templates/configmap.yaml
index 52c2730341..66ea53854b 100644
--- a/deploy/kubernetes/dolphinscheduler/templates/configmap.yaml
+++ b/deploy/kubernetes/dolphinscheduler/templates/configmap.yaml
@@ -22,6 +22,16 @@ metadata:
app.kubernetes.io/name: {{ include "dolphinscheduler.fullname" . }}-common
{{- include "dolphinscheduler.common.labels" . | nindent 4 }}
data:
+ {{- if and .Values.api.taskTypeFilter.enabled }}
+ task-type-config.yaml: |-
+ {{- if .Values.api.taskTypeFilter.task }}
+ task:
+ {{- range $key, $value := .Values.api.taskTypeFilter.task }}
+ {{ $key }}:
+ {{- toYaml $value | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
common_properties: |-
{{- if index .Values.conf "common" }}
{{- range $key, $value := index .Values.conf "common" }}
diff --git a/deploy/kubernetes/dolphinscheduler/templates/deployment-dolphinscheduler-api.yaml b/deploy/kubernetes/dolphinscheduler/templates/deployment-dolphinscheduler-api.yaml
index 9e3b0028b4..c2770cfd98 100644
--- a/deploy/kubernetes/dolphinscheduler/templates/deployment-dolphinscheduler-api.yaml
+++ b/deploy/kubernetes/dolphinscheduler/templates/deployment-dolphinscheduler-api.yaml
@@ -116,6 +116,11 @@ spec:
- name: config-volume
mountPath: /opt/dolphinscheduler/conf/common.properties
subPath: common_properties
+ {{- if .Values.api.taskTypeFilter.enabled }}
+ - name: config-volume
+ mountPath: /opt/dolphinscheduler/conf/task-type-config.yaml
+ subPath: task-type-config.yaml
+ {{- end }}
{{- include "dolphinscheduler.sharedStorage.volumeMount" . | nindent 12 }}
{{- include "dolphinscheduler.fsFileResource.volumeMount" . | nindent 12 }}
{{- include "dolphinscheduler.ldap.ssl.volumeMount" . | nindent 12 }}
diff --git a/deploy/kubernetes/dolphinscheduler/values.yaml b/deploy/kubernetes/dolphinscheduler/values.yaml
index d374ab878b..893ab94b4e 100644
--- a/deploy/kubernetes/dolphinscheduler/values.yaml
+++ b/deploy/kubernetes/dolphinscheduler/values.yaml
@@ -692,6 +692,24 @@ api:
annotations: {}
env:
JAVA_OPTS: "-Xms512m -Xmx512m -Xmn256m"
+ taskTypeFilter:
+ # -- Enable or disable the task type filter
+ # -- If set to true, the API-Server will return tasks of a specific type set in api.taskTypeFilter.task
+ # -- Note: This feature only filters tasks to return a specific type on the WebUI. However, you can still create any task that DolphinScheduler supports via the API.
+ enabled: false
+ # -- @param taskTypeFilter.taskType task type
+ # -- ref: https://github.com/apache/dolphinscheduler/blob/dev/dolphinscheduler-api/src/main/resources/task-type-config.yaml
+ task: {}
+ # example task sets
+ # universal:
+ # - 'SQL'
+ # cloud: []
+ # logic: []
+ # dataIntegration: []
+ # dataQuality: []
+ # machineLearning: []
+ # other: []
+
ingress:
enabled: false
diff --git a/docs/docs/en/guide/installation/kubernetes.md b/docs/docs/en/guide/installation/kubernetes.md
index a87a2df222..cde75ad529 100644
--- a/docs/docs/en/guide/installation/kubernetes.md
+++ b/docs/docs/en/guide/installation/kubernetes.md
@@ -528,257 +528,259 @@ helm install dolphinscheduler-gpu-worker . \
## Appendix-Configuration
-| Parameter | Description | Default |
-|----------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------|
-| `timezone` | World time and date for cities in all time zones | `Asia/Shanghai` |
-|
| | |
-| `image.repository` | Docker image repository for the DolphinScheduler | `apache/dolphinscheduler` |
-| `image.tag` | Docker image version for the DolphinScheduler | `latest` |
-| `image.pullPolicy` | Image pull policy. Options: Always, Never, IfNotPresent | `IfNotPresent` |
-| `image.pullSecret` | Image pull secret. An optional reference to secret in the same namespace to use for pulling any of the images | `nil` |
-|
| | |
-| `postgresql.enabled` | If not exists external PostgreSQL, by default, the DolphinScheduler will use a internal PostgreSQL | `true` |
-| `postgresql.postgresqlUsername` | The username for internal PostgreSQL | `root` |
-| `postgresql.postgresqlPassword` | The password for internal PostgreSQL | `root` |
-| `postgresql.postgresqlDatabase` | The database for internal PostgreSQL | `dolphinscheduler` |
-| `postgresql.persistence.enabled` | Set `postgresql.persistence.enabled` to `true` to mount a new volume for internal PostgreSQL | `false` |
-| `postgresql.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
-| `postgresql.persistence.storageClass` | PostgreSQL data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `minio.enabled` | Deploy minio and configure it as the default storage for DolphinScheduler, note this is for demo only, not for production. | `false` |
-| `externalDatabase.type` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database type will use it | `postgresql` |
-| `externalDatabase.driver` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database driver will use it | `org.postgresql.Driver` |
-| `externalDatabase.host` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database host will use it | `localhost` |
-| `externalDatabase.port` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database port will use it | `5432` |
-| `externalDatabase.username` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database username will use it | `root` |
-| `externalDatabase.password` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database password will use it | `root` |
-| `externalDatabase.database` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database database will use it | `dolphinscheduler` |
-| `externalDatabase.params` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database params will use it | `characterEncoding=utf8` |
-|
| | |
-| `zookeeper.enabled` | If not exists external ZooKeeper, by default, the DolphinScheduler will use a internal ZooKeeper | `true` |
-| `zookeeper.service.port` | The port of zookeeper | `2181` |
-| `zookeeper.fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands to use | `srvr,ruok,wchs,cons` |
-| `zookeeper.persistence.enabled` | Set `zookeeper.persistence.enabled` to `true` to mount a new volume for internal ZooKeeper | `false` |
-| `zookeeper.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
-| `zookeeper.persistence.storageClass` | ZooKeeper data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `registryEtcd.enabled` | If you want to use Etcd for your registry center, change this value to true. And set `zookeeper.enabled` to false | `false` |
-| `registryEtcd.endpoints` | Etcd endpoints | `""` |
-| `registryEtcd.namespace` | Etcd namespace | `dolphinscheduler` |
-| `registryEtcd.user` | Etcd user | `""` |
-| `registryEtcd.passWord` | Etcd passWord | `""` |
-| `registryEtcd.authority` | Etcd authority | `""` |
-| `registryEtcd.ssl.enabled` | If your Etcd server has configured with ssl, change this value to true. About certification files you can see [here](https://github.com/etcd-io/jetcd/blob/main/docs/SslConfig.md) for how to convert. | `false` |
-| `registryEtcd.ssl.certFile` | CertFile file path | `etcd-certs/ca.crt` |
-| `registryEtcd.ssl.keyCertChainFile` | keyCertChainFile file path | `etcd-certs/client.crt` |
-| `registryEtcd.ssl.keyFile` | keyFile file path | `etcd-certs/client.pem` |
-| `registryJdbc.enabled` | If you want to use JDbc for your registry center, change this value to true. And set `zookeeper.enabled` and `registryEtcd.enabled` to false | `false` |
-| `registryJdbc.termRefreshInterval` | Used to schedule refresh the ephemeral data/ lock | `2s` |
-| `registryJdbc.termExpireTimes` | Used to calculate the expire time | `3` |
-| `registryJdbc.hikariConfig.driverClassName` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `com.mysql.cj.jdbc.Driver` |
-| `registryJdbc.hikariConfig.jdbcurl` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `jdbc:mysql://` |
-| `registryJdbc.hikariConfig.username` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
-| `registryJdbc.hikariConfig.password` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
-| `externalRegistry.registryPluginName` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry plugin name | `zookeeper` |
-| `externalRegistry.registryServers` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry servers | `127.0.0.1:2181` |
-|
| | `PASSWORD` |
-| `security.authentication.type` | Authentication types (supported types: PASSWORD,LDAP,CASDOOR_SSO) | `ldap://ldap.forumsys.com:389/` |
-| `security.authentication.ldap.urls` | LDAP urls | `dc=example,dc=com` |
-| `security.authentication.ldap.basedn` | LDAP base dn | `cn=read-only-admin,dc=example,dc=com` |
-| `security.authentication.ldap.username` | LDAP username | `password` |
-| `security.authentication.ldap.password` | LDAP password | `read-only-admin` |
-| `security.authentication.ldap.user.admin` | Admin user account when you log-in with LDAP | `uid` |
-| `security.authentication.ldap.user.identityattribute` | LDAP user identity attribute | `mail` |
-| `security.authentication.ldap.user.emailattribute` | LDAP user email attribute | `CREATE` |
-| `security.authentication.ldap.user.notexistaction` | action when ldap user is not exist,default value: CREATE. Optional values include(CREATE,DENY) | `false` |
-| `security.authentication.ldap.ssl.enable` | LDAP ssl switch | `false` |
-| `security.authentication.ldap.ssl.truststore` | LDAP jks file absolute path, do not change this value | `/opt/ldapkeystore.jks` |
-| `security.authentication.ldap.ssl.jksbase64content` | LDAP jks file base64 content | `""` |
-| `security.authentication.ldap.ssl.truststorepassword` | LDAP jks password | `""` |
-|
| | |
-| `common.configmap.DOLPHINSCHEDULER_OPTS` | The jvm options for dolphinscheduler, suitable for all servers | `""` |
-| `common.configmap.DATA_BASEDIR_PATH` | User data directory path, self configuration, please make sure the directory exists and have read write permissions | `/tmp/dolphinscheduler` |
-| `common.configmap.RESOURCE_STORAGE_TYPE` | Resource storage type: HDFS, S3, OSS, GCS, ABS, NONE | `HDFS` |
-| `common.configmap.RESOURCE_UPLOAD_PATH` | Resource store on HDFS/S3 path, please make sure the directory exists on hdfs and have read write permissions | `/dolphinscheduler` |
-| `common.configmap.FS_DEFAULT_FS` | Resource storage file system like `file:///`, `hdfs://mycluster:8020` or `s3a://dolphinscheduler` | `file:///` |
-| `common.configmap.FS_S3A_ENDPOINT` | S3 endpoint when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `s3.xxx.amazonaws.com` |
-| `common.configmap.FS_S3A_ACCESS_KEY` | S3 access key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
-| `common.configmap.FS_S3A_SECRET_KEY` | S3 secret key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
-| `common.configmap.HADOOP_SECURITY_AUTHENTICATION_STARTUP_STATE` | Whether to startup kerberos | `false` |
-| `common.configmap.JAVA_SECURITY_KRB5_CONF_PATH` | The java.security.krb5.conf path | `/opt/krb5.conf` |
-| `common.configmap.LOGIN_USER_KEYTAB_USERNAME` | The login user from keytab username | `hdfs@HADOOP.COM` |
-| `common.configmap.LOGIN_USER_KEYTAB_PATH` | The login user from keytab path | `/opt/hdfs.keytab` |
-| `common.configmap.KERBEROS_EXPIRE_TIME` | The kerberos expire time, the unit is hour | `2` |
-| `common.configmap.HDFS_ROOT_USER` | The HDFS root user who must have the permission to create directories under the HDFS root path | `hdfs` |
-| `common.configmap.RESOURCE_MANAGER_HTTPADDRESS_PORT` | Set resource manager httpaddress port for yarn | `8088` |
-| `common.configmap.YARN_RESOURCEMANAGER_HA_RM_IDS` | If resourcemanager HA is enabled, please set the HA IPs | `nil` |
-| `common.configmap.YARN_APPLICATION_STATUS_ADDRESS` | If resourcemanager is single, you only need to replace ds1 to actual resourcemanager hostname, otherwise keep default | `http://ds1:%s/ws/v1/cluster/apps/%s` |
-| `common.configmap.HADOOP_HOME` | Set `HADOOP_HOME` for DolphinScheduler's task environment | `/opt/soft/hadoop` |
-| `common.configmap.HADOOP_CONF_DIR` | Set `HADOOP_CONF_DIR` for DolphinScheduler's task environment | `/opt/soft/hadoop/etc/hadoop` |
-| `common.configmap.SPARK_HOME` | Set `SPARK_HOME` for DolphinScheduler's task environment | `/opt/soft/spark` |
-| `common.configmap.PYTHON_LAUNCHER` | Set `PYTHON_LAUNCHER` for DolphinScheduler's task environment | `/usr/bin/python` |
-| `common.configmap.JAVA_HOME` | Set `JAVA_HOME` for DolphinScheduler's task environment | `/opt/java/openjdk` |
-| `common.configmap.HIVE_HOME` | Set `HIVE_HOME` for DolphinScheduler's task environment | `/opt/soft/hive` |
-| `common.configmap.FLINK_HOME` | Set `FLINK_HOME` for DolphinScheduler's task environment | `/opt/soft/flink` |
-| `common.configmap.DATAX_LAUNCHER` | Set `DATAX_LAUNCHER` for DolphinScheduler's task environment | `/opt/soft/datax` |
-| `common.sharedStoragePersistence.enabled` | Set `common.sharedStoragePersistence.enabled` to `true` to mount a shared storage volume for Hadoop, Spark binary and etc | `false` |
-| `common.sharedStoragePersistence.mountPath` | The mount path for the shared storage volume | `/opt/soft` |
-| `common.sharedStoragePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
-| `common.sharedStoragePersistence.storageClassName` | Shared Storage persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
-| `common.sharedStoragePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
-| `common.fsFileResourcePersistence.enabled` | Set `common.fsFileResourcePersistence.enabled` to `true` to mount a new file resource volume for `api` and `worker` | `false` |
-| `common.fsFileResourcePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
-| `common.fsFileResourcePersistence.storageClassName` | Resource persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
-| `common.fsFileResourcePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `master.enabled` | Enable or disable the Master component | true |
-| `master.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
-| `master.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
-| `master.annotations` | The `annotations` for master server | `{}` |
-| `master.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `master.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `master.tolerations` | If specified, the pod's tolerations | `{}` |
-| `master.resources` | The `resource` limit and request config for master server | `{}` |
-| `master.env.JAVA_OPTS` | The jvm options for master server | `-Xms1g -Xmx1g -Xmn512m` |
-| `master.env.MASTER_EXEC_THREADS` | Master execute thread number to limit process instances | `100` |
-| `master.env.MASTER_EXEC_TASK_NUM` | Master execute task number in parallel per process instance | `20` |
-| `master.env.MASTER_DISPATCH_TASK_NUM` | Master dispatch task number per batch | `3` |
-| `master.env.MASTER_HOST_SELECTOR` | Master host selector to select a suitable worker, optional values include Random, RoundRobin, LowerWeight | `LowerWeight` |
-| `master.env.MASTER_HEARTBEAT_INTERVAL` | Master heartbeat interval, the unit is second | `10s` |
-| `master.env.MASTER_TASK_COMMIT_RETRYTIMES` | Master commit task retry times | `5` |
-| `master.env.MASTER_TASK_COMMIT_INTERVAL` | master commit task interval, the unit is second | `1s` |
-| `master.env.MASTER_MAX_CPULOAD_AVG` | Master max cpuload avg, only higher than the system cpu load average, master server can schedule | `-1` (`the number of cpu cores * 2`) |
-| `master.env.MASTER_RESERVED_MEMORY` | Master reserved memory, only lower than system available memory, master server can schedule, the unit is G | `0.3` |
-| `master.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `master.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `master.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `master.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `master.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `master.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `master.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `master.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `master.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `master.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `master.persistentVolumeClaim.enabled` | Set `master.persistentVolumeClaim.enabled` to `true` to mount a new volume for `master` | `false` |
-| `master.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `master.persistentVolumeClaim.storageClassName` | `Master` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `master.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `worker.enabled` | Enable or disable the Worker component | true |
-| `worker.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
-| `worker.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
-| `worker.annotations` | The `annotations` for worker server | `{}` |
-| `worker.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `worker.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `worker.tolerations` | If specified, the pod's tolerations | `{}` |
-| `worker.resources` | The `resource` limit and request config for worker server | `{}` |
-| `worker.env.WORKER_EXEC_THREADS` | Worker execute thread number to limit task instances | `100` |
-| `worker.env.WORKER_HEARTBEAT_INTERVAL` | Worker heartbeat interval, the unit is second | `10s` |
-| `worker.env.WORKER_MAX_CPU_LOAD_AVG` | Worker max cpu load avg, only higher than the system cpu load average, worker server can be dispatched tasks | `-1` (`the number of cpu cores * 2`) |
-| `worker.env.WORKER_RESERVED_MEMORY` | Worker reserved memory, only lower than system available memory, worker server can be dispatched tasks, the unit is G | `0.3` |
-| `worker.env.HOST_WEIGHT` | Worker host weight to dispatch tasks | `100` |
-| `worker.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `worker.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `worker.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `worker.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `worker.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `worker.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `worker.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `worker.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `worker.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `worker.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `worker.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `worker.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `worker.persistentVolumeClaim.enabled` | Set `worker.persistentVolumeClaim.enabled` to `true` to enable `persistentVolumeClaim` for `worker` | `false` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.dataPersistentVolume.enabled` to `true` to mount a data volume for `worker` | `false` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.storageClassName` | `Worker` data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.logsPersistentVolume.enabled` to `true` to mount a logs volume for `worker` | `false` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.storageClassName` | `Worker` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `alert.enabled` | Enable or disable the Alert-Server component | true |
-| `alert.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
-| `alert.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
-| `alert.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
-| `alert.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
-| `alert.annotations` | The `annotations` for alert server | `{}` |
-| `alert.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `alert.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `alert.tolerations` | If specified, the pod's tolerations | `{}` |
-| `alert.resources` | The `resource` limit and request config for alert server | `{}` |
-| `alert.configmap.ALERT_SERVER_OPTS` | The jvm options for alert server | `-Xms512m -Xmx512m -Xmn256m` |
-| `alert.configmap.XLS_FILE_PATH` | XLS file path | `/tmp/xls` |
-| `alert.configmap.MAIL_SERVER_HOST` | Mail `SERVER HOST ` | `nil` |
-| `alert.configmap.MAIL_SERVER_PORT` | Mail `SERVER PORT` | `nil` |
-| `alert.configmap.MAIL_SENDER` | Mail `SENDER` | `nil` |
-| `alert.configmap.MAIL_USER` | Mail `USER` | `nil` |
-| `alert.configmap.MAIL_PASSWD` | Mail `PASSWORD` | `nil` |
-| `alert.configmap.MAIL_SMTP_STARTTLS_ENABLE` | Mail `SMTP STARTTLS` enable | `false` |
-| `alert.configmap.MAIL_SMTP_SSL_ENABLE` | Mail `SMTP SSL` enable | `false` |
-| `alert.configmap.MAIL_SMTP_SSL_TRUST` | Mail `SMTP SSL TRUST` | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_ENABLE` | `Enterprise Wechat` enable | `false` |
-| `alert.configmap.ENTERPRISE_WECHAT_CORP_ID` | `Enterprise Wechat` corp id | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_SECRET` | `Enterprise Wechat` secret | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_AGENT_ID` | `Enterprise Wechat` agent id | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_USERS` | `Enterprise Wechat` users | `nil` |
-| `alert.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `alert.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `alert.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `alert.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `alert.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `alert.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `alert.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `alert.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `alert.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `alert.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `alert.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `alert.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `alert.persistentVolumeClaim.enabled` | Set `alert.persistentVolumeClaim.enabled` to `true` to mount a new volume for `alert` | `false` |
-| `alert.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `alert.persistentVolumeClaim.storageClassName` | `Alert` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `alert.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `api.enabled` | Enable or disable the API-Server component | true |
-| `api.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
-| `api.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
-| `api.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
-| `api.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
-| `api.annotations` | The `annotations` for api server | `{}` |
-| `api.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `api.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `api.tolerations` | If specified, the pod's tolerations | `{}` |
-| `api.resources` | The `resource` limit and request config for api server | `{}` |
-| `api.configmap.API_SERVER_OPTS` | The jvm options for api server | `-Xms512m -Xmx512m -Xmn256m` |
-| `api.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `api.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `api.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `api.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `api.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `api.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `api.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `api.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `api.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `api.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `api.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `api.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `api.persistentVolumeClaim.enabled` | Set `api.persistentVolumeClaim.enabled` to `true` to mount a new volume for `api` | `false` |
-| `api.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `api.persistentVolumeClaim.storageClassName` | `api` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `api.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
-| `api.service.type` | `type` determines how the Service is exposed. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer | `ClusterIP` |
-| `api.service.clusterIP` | `clusterIP` is the IP address of the service and is usually assigned randomly by the master | `nil` |
-| `api.service.nodePort` | `nodePort` is the port on each node on which this service is exposed when type=NodePort | `nil` |
-| `api.service.externalIPs` | `externalIPs` is a list of IP addresses for which nodes in the cluster will also accept traffic for this service | `[]` |
-| `api.service.externalName` | `externalName` is the external reference that kubedns or equivalent will return as a CNAME record for this service | `nil` |
-| `api.service.loadBalancerIP` | `loadBalancerIP` when service.type is LoadBalancer. LoadBalancer will get created with the IP specified in this field | `nil` |
-| `api.service.annotations` | `annotations` may need to be set when service.type is LoadBalancer | `{}` |
-|
| | |
-| `ingress.enabled` | Enable ingress | `false` |
-| `ingress.host` | Ingress host | `dolphinscheduler.org` |
-| `ingress.path` | Ingress path | `/dolphinscheduler` |
-| `ingress.tls.enabled` | Enable ingress tls | `false` |
-| `ingress.tls.secretName` | Ingress tls secret name | `dolphinscheduler-tls` |
+| Parameter | Description | Default |
+|----------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------|
+| `timezone` | World time and date for cities in all time zones | `Asia/Shanghai` |
+|
| | |
+| `image.repository` | Docker image repository for the DolphinScheduler | `apache/dolphinscheduler` |
+| `image.tag` | Docker image version for the DolphinScheduler | `latest` |
+| `image.pullPolicy` | Image pull policy. Options: Always, Never, IfNotPresent | `IfNotPresent` |
+| `image.pullSecret` | Image pull secret. An optional reference to secret in the same namespace to use for pulling any of the images | `nil` |
+|
| | |
+| `postgresql.enabled` | If not exists external PostgreSQL, by default, the DolphinScheduler will use a internal PostgreSQL | `true` |
+| `postgresql.postgresqlUsername` | The username for internal PostgreSQL | `root` |
+| `postgresql.postgresqlPassword` | The password for internal PostgreSQL | `root` |
+| `postgresql.postgresqlDatabase` | The database for internal PostgreSQL | `dolphinscheduler` |
+| `postgresql.persistence.enabled` | Set `postgresql.persistence.enabled` to `true` to mount a new volume for internal PostgreSQL | `false` |
+| `postgresql.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
+| `postgresql.persistence.storageClass` | PostgreSQL data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `minio.enabled` | Deploy minio and configure it as the default storage for DolphinScheduler, note this is for demo only, not for production. | `false` |
+| `externalDatabase.type` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database type will use it | `postgresql` |
+| `externalDatabase.driver` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database driver will use it | `org.postgresql.Driver` |
+| `externalDatabase.host` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database host will use it | `localhost` |
+| `externalDatabase.port` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database port will use it | `5432` |
+| `externalDatabase.username` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database username will use it | `root` |
+| `externalDatabase.password` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database password will use it | `root` |
+| `externalDatabase.database` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database database will use it | `dolphinscheduler` |
+| `externalDatabase.params` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database params will use it | `characterEncoding=utf8` |
+|
| | |
+| `zookeeper.enabled` | If not exists external ZooKeeper, by default, the DolphinScheduler will use a internal ZooKeeper | `true` |
+| `zookeeper.service.port` | The port of zookeeper | `2181` |
+| `zookeeper.fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands to use | `srvr,ruok,wchs,cons` |
+| `zookeeper.persistence.enabled` | Set `zookeeper.persistence.enabled` to `true` to mount a new volume for internal ZooKeeper | `false` |
+| `zookeeper.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
+| `zookeeper.persistence.storageClass` | ZooKeeper data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `registryEtcd.enabled` | If you want to use Etcd for your registry center, change this value to true. And set `zookeeper.enabled` to false | `false` |
+| `registryEtcd.endpoints` | Etcd endpoints | `""` |
+| `registryEtcd.namespace` | Etcd namespace | `dolphinscheduler` |
+| `registryEtcd.user` | Etcd user | `""` |
+| `registryEtcd.passWord` | Etcd passWord | `""` |
+| `registryEtcd.authority` | Etcd authority | `""` |
+| `registryEtcd.ssl.enabled` | If your Etcd server has configured with ssl, change this value to true. About certification files you can see [here](https://github.com/etcd-io/jetcd/blob/main/docs/SslConfig.md) for how to convert. | `false` |
+| `registryEtcd.ssl.certFile` | CertFile file path | `etcd-certs/ca.crt` |
+| `registryEtcd.ssl.keyCertChainFile` | keyCertChainFile file path | `etcd-certs/client.crt` |
+| `registryEtcd.ssl.keyFile` | keyFile file path | `etcd-certs/client.pem` |
+| `registryJdbc.enabled` | If you want to use JDbc for your registry center, change this value to true. And set `zookeeper.enabled` and `registryEtcd.enabled` to false | `false` |
+| `registryJdbc.termRefreshInterval` | Used to schedule refresh the ephemeral data/ lock | `2s` |
+| `registryJdbc.termExpireTimes` | Used to calculate the expire time | `3` |
+| `registryJdbc.hikariConfig.driverClassName` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `com.mysql.cj.jdbc.Driver` |
+| `registryJdbc.hikariConfig.jdbcurl` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `jdbc:mysql://` |
+| `registryJdbc.hikariConfig.username` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
+| `registryJdbc.hikariConfig.password` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
+| `externalRegistry.registryPluginName` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry plugin name | `zookeeper` |
+| `externalRegistry.registryServers` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry servers | `127.0.0.1:2181` |
+|
| | `PASSWORD` |
+| `security.authentication.type` | Authentication types (supported types: PASSWORD,LDAP,CASDOOR_SSO) | `ldap://ldap.forumsys.com:389/` |
+| `security.authentication.ldap.urls` | LDAP urls | `dc=example,dc=com` |
+| `security.authentication.ldap.basedn` | LDAP base dn | `cn=read-only-admin,dc=example,dc=com` |
+| `security.authentication.ldap.username` | LDAP username | `password` |
+| `security.authentication.ldap.password` | LDAP password | `read-only-admin` |
+| `security.authentication.ldap.user.admin` | Admin user account when you log-in with LDAP | `uid` |
+| `security.authentication.ldap.user.identityattribute` | LDAP user identity attribute | `mail` |
+| `security.authentication.ldap.user.emailattribute` | LDAP user email attribute | `CREATE` |
+| `security.authentication.ldap.user.notexistaction` | action when ldap user is not exist,default value: CREATE. Optional values include(CREATE,DENY) | `false` |
+| `security.authentication.ldap.ssl.enable` | LDAP ssl switch | `false` |
+| `security.authentication.ldap.ssl.truststore` | LDAP jks file absolute path, do not change this value | `/opt/ldapkeystore.jks` |
+| `security.authentication.ldap.ssl.jksbase64content` | LDAP jks file base64 content | `""` |
+| `security.authentication.ldap.ssl.truststorepassword` | LDAP jks password | `""` |
+|
| | |
+| `common.configmap.DOLPHINSCHEDULER_OPTS` | The jvm options for dolphinscheduler, suitable for all servers | `""` |
+| `common.configmap.DATA_BASEDIR_PATH` | User data directory path, self configuration, please make sure the directory exists and have read write permissions | `/tmp/dolphinscheduler` |
+| `common.configmap.RESOURCE_STORAGE_TYPE` | Resource storage type: HDFS, S3, OSS, GCS, ABS, NONE | `HDFS` |
+| `common.configmap.RESOURCE_UPLOAD_PATH` | Resource store on HDFS/S3 path, please make sure the directory exists on hdfs and have read write permissions | `/dolphinscheduler` |
+| `common.configmap.FS_DEFAULT_FS` | Resource storage file system like `file:///`, `hdfs://mycluster:8020` or `s3a://dolphinscheduler` | `file:///` |
+| `common.configmap.FS_S3A_ENDPOINT` | S3 endpoint when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `s3.xxx.amazonaws.com` |
+| `common.configmap.FS_S3A_ACCESS_KEY` | S3 access key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
+| `common.configmap.FS_S3A_SECRET_KEY` | S3 secret key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
+| `common.configmap.HADOOP_SECURITY_AUTHENTICATION_STARTUP_STATE` | Whether to startup kerberos | `false` |
+| `common.configmap.JAVA_SECURITY_KRB5_CONF_PATH` | The java.security.krb5.conf path | `/opt/krb5.conf` |
+| `common.configmap.LOGIN_USER_KEYTAB_USERNAME` | The login user from keytab username | `hdfs@HADOOP.COM` |
+| `common.configmap.LOGIN_USER_KEYTAB_PATH` | The login user from keytab path | `/opt/hdfs.keytab` |
+| `common.configmap.KERBEROS_EXPIRE_TIME` | The kerberos expire time, the unit is hour | `2` |
+| `common.configmap.HDFS_ROOT_USER` | The HDFS root user who must have the permission to create directories under the HDFS root path | `hdfs` |
+| `common.configmap.RESOURCE_MANAGER_HTTPADDRESS_PORT` | Set resource manager httpaddress port for yarn | `8088` |
+| `common.configmap.YARN_RESOURCEMANAGER_HA_RM_IDS` | If resourcemanager HA is enabled, please set the HA IPs | `nil` |
+| `common.configmap.YARN_APPLICATION_STATUS_ADDRESS` | If resourcemanager is single, you only need to replace ds1 to actual resourcemanager hostname, otherwise keep default | `http://ds1:%s/ws/v1/cluster/apps/%s` |
+| `common.configmap.HADOOP_HOME` | Set `HADOOP_HOME` for DolphinScheduler's task environment | `/opt/soft/hadoop` |
+| `common.configmap.HADOOP_CONF_DIR` | Set `HADOOP_CONF_DIR` for DolphinScheduler's task environment | `/opt/soft/hadoop/etc/hadoop` |
+| `common.configmap.SPARK_HOME` | Set `SPARK_HOME` for DolphinScheduler's task environment | `/opt/soft/spark` |
+| `common.configmap.PYTHON_LAUNCHER` | Set `PYTHON_LAUNCHER` for DolphinScheduler's task environment | `/usr/bin/python` |
+| `common.configmap.JAVA_HOME` | Set `JAVA_HOME` for DolphinScheduler's task environment | `/opt/java/openjdk` |
+| `common.configmap.HIVE_HOME` | Set `HIVE_HOME` for DolphinScheduler's task environment | `/opt/soft/hive` |
+| `common.configmap.FLINK_HOME` | Set `FLINK_HOME` for DolphinScheduler's task environment | `/opt/soft/flink` |
+| `common.configmap.DATAX_LAUNCHER` | Set `DATAX_LAUNCHER` for DolphinScheduler's task environment | `/opt/soft/datax` |
+| `common.sharedStoragePersistence.enabled` | Set `common.sharedStoragePersistence.enabled` to `true` to mount a shared storage volume for Hadoop, Spark binary and etc | `false` |
+| `common.sharedStoragePersistence.mountPath` | The mount path for the shared storage volume | `/opt/soft` |
+| `common.sharedStoragePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
+| `common.sharedStoragePersistence.storageClassName` | Shared Storage persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
+| `common.sharedStoragePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
+| `common.fsFileResourcePersistence.enabled` | Set `common.fsFileResourcePersistence.enabled` to `true` to mount a new file resource volume for `api` and `worker` | `false` |
+| `common.fsFileResourcePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
+| `common.fsFileResourcePersistence.storageClassName` | Resource persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
+| `common.fsFileResourcePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `master.enabled` | Enable or disable the Master component | true |
+| `master.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
+| `master.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
+| `master.annotations` | The `annotations` for master server | `{}` |
+| `master.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `master.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `master.tolerations` | If specified, the pod's tolerations | `{}` |
+| `master.resources` | The `resource` limit and request config for master server | `{}` |
+| `master.env.JAVA_OPTS` | The jvm options for master server | `-Xms1g -Xmx1g -Xmn512m` |
+| `master.env.MASTER_EXEC_THREADS` | Master execute thread number to limit process instances | `100` |
+| `master.env.MASTER_EXEC_TASK_NUM` | Master execute task number in parallel per process instance | `20` |
+| `master.env.MASTER_DISPATCH_TASK_NUM` | Master dispatch task number per batch | `3` |
+| `master.env.MASTER_HOST_SELECTOR` | Master host selector to select a suitable worker, optional values include Random, RoundRobin, LowerWeight | `LowerWeight` |
+| `master.env.MASTER_HEARTBEAT_INTERVAL` | Master heartbeat interval, the unit is second | `10s` |
+| `master.env.MASTER_TASK_COMMIT_RETRYTIMES` | Master commit task retry times | `5` |
+| `master.env.MASTER_TASK_COMMIT_INTERVAL` | master commit task interval, the unit is second | `1s` |
+| `master.env.MASTER_MAX_CPULOAD_AVG` | Master max cpuload avg, only higher than the system cpu load average, master server can schedule | `-1` (`the number of cpu cores * 2`) |
+| `master.env.MASTER_RESERVED_MEMORY` | Master reserved memory, only lower than system available memory, master server can schedule, the unit is G | `0.3` |
+| `master.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `master.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `master.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `master.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `master.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `master.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `master.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `master.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `master.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `master.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `master.persistentVolumeClaim.enabled` | Set `master.persistentVolumeClaim.enabled` to `true` to mount a new volume for `master` | `false` |
+| `master.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `master.persistentVolumeClaim.storageClassName` | `Master` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `master.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `worker.enabled` | Enable or disable the Worker component | true |
+| `worker.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
+| `worker.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
+| `worker.annotations` | The `annotations` for worker server | `{}` |
+| `worker.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `worker.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `worker.tolerations` | If specified, the pod's tolerations | `{}` |
+| `worker.resources` | The `resource` limit and request config for worker server | `{}` |
+| `worker.env.WORKER_EXEC_THREADS` | Worker execute thread number to limit task instances | `100` |
+| `worker.env.WORKER_HEARTBEAT_INTERVAL` | Worker heartbeat interval, the unit is second | `10s` |
+| `worker.env.WORKER_MAX_CPU_LOAD_AVG` | Worker max cpu load avg, only higher than the system cpu load average, worker server can be dispatched tasks | `-1` (`the number of cpu cores * 2`) |
+| `worker.env.WORKER_RESERVED_MEMORY` | Worker reserved memory, only lower than system available memory, worker server can be dispatched tasks, the unit is G | `0.3` |
+| `worker.env.HOST_WEIGHT` | Worker host weight to dispatch tasks | `100` |
+| `worker.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `worker.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `worker.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `worker.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `worker.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `worker.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `worker.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `worker.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `worker.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `worker.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `worker.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `worker.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `worker.persistentVolumeClaim.enabled` | Set `worker.persistentVolumeClaim.enabled` to `true` to enable `persistentVolumeClaim` for `worker` | `false` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.dataPersistentVolume.enabled` to `true` to mount a data volume for `worker` | `false` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.storageClassName` | `Worker` data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.logsPersistentVolume.enabled` to `true` to mount a logs volume for `worker` | `false` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.storageClassName` | `Worker` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `alert.enabled` | Enable or disable the Alert-Server component | true |
+| `alert.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
+| `alert.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
+| `alert.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
+| `alert.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
+| `alert.annotations` | The `annotations` for alert server | `{}` |
+| `alert.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `alert.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `alert.tolerations` | If specified, the pod's tolerations | `{}` |
+| `alert.resources` | The `resource` limit and request config for alert server | `{}` |
+| `alert.configmap.ALERT_SERVER_OPTS` | The jvm options for alert server | `-Xms512m -Xmx512m -Xmn256m` |
+| `alert.configmap.XLS_FILE_PATH` | XLS file path | `/tmp/xls` |
+| `alert.configmap.MAIL_SERVER_HOST` | Mail `SERVER HOST ` | `nil` |
+| `alert.configmap.MAIL_SERVER_PORT` | Mail `SERVER PORT` | `nil` |
+| `alert.configmap.MAIL_SENDER` | Mail `SENDER` | `nil` |
+| `alert.configmap.MAIL_USER` | Mail `USER` | `nil` |
+| `alert.configmap.MAIL_PASSWD` | Mail `PASSWORD` | `nil` |
+| `alert.configmap.MAIL_SMTP_STARTTLS_ENABLE` | Mail `SMTP STARTTLS` enable | `false` |
+| `alert.configmap.MAIL_SMTP_SSL_ENABLE` | Mail `SMTP SSL` enable | `false` |
+| `alert.configmap.MAIL_SMTP_SSL_TRUST` | Mail `SMTP SSL TRUST` | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_ENABLE` | `Enterprise Wechat` enable | `false` |
+| `alert.configmap.ENTERPRISE_WECHAT_CORP_ID` | `Enterprise Wechat` corp id | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_SECRET` | `Enterprise Wechat` secret | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_AGENT_ID` | `Enterprise Wechat` agent id | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_USERS` | `Enterprise Wechat` users | `nil` |
+| `alert.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `alert.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `alert.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `alert.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `alert.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `alert.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `alert.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `alert.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `alert.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `alert.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `alert.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `alert.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `alert.persistentVolumeClaim.enabled` | Set `alert.persistentVolumeClaim.enabled` to `true` to mount a new volume for `alert` | `false` |
+| `alert.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `alert.persistentVolumeClaim.storageClassName` | `Alert` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `alert.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `api.enabled` | Enable or disable the API-Server component | true |
+| `api.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
+| `api.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
+| `api.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
+| `api.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
+| `api.annotations` | The `annotations` for api server | `{}` |
+| `api.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `api.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `api.tolerations` | If specified, the pod's tolerations | `{}` |
+| `api.resources` | The `resource` limit and request config for api server | `{}` |
+| `api.configmap.API_SERVER_OPTS` | The jvm options for api server | `-Xms512m -Xmx512m -Xmn256m` |
+| `api.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `api.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `api.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `api.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `api.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `api.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `api.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `api.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `api.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `api.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `api.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `api.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `api.persistentVolumeClaim.enabled` | Set `api.persistentVolumeClaim.enabled` to `true` to mount a new volume for `api` | `false` |
+| `api.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `api.persistentVolumeClaim.storageClassName` | `api` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `api.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
+| `api.service.type` | `type` determines how the Service is exposed. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer | `ClusterIP` |
+| `api.service.clusterIP` | `clusterIP` is the IP address of the service and is usually assigned randomly by the master | `nil` |
+| `api.service.nodePort` | `nodePort` is the port on each node on which this service is exposed when type=NodePort | `nil` |
+| `api.service.externalIPs` | `externalIPs` is a list of IP addresses for which nodes in the cluster will also accept traffic for this service | `[]` |
+| `api.service.externalName` | `externalName` is the external reference that kubedns or equivalent will return as a CNAME record for this service | `nil` |
+| `api.service.loadBalancerIP` | `loadBalancerIP` when service.type is LoadBalancer. LoadBalancer will get created with the IP specified in this field | `nil` |
+| `api.service.annotations` | `annotations` may need to be set when service.type is LoadBalancer | `{}` |
+| `api.taskTypeFilter.enabled` | Enable or disable the task type filter. If set to true, the API-Server will return tasks of a specific type set in api.taskTypeFilter.task.Note: This feature only filters tasks to return a specific type on the WebUI. However, you can still create any task that DolphinScheduler supports via the API. | `false` |
+| `api.taskTypeFilter.task` | Task type ref: [task-type-config.yaml](https://github.com/apache/dolphinscheduler/blob/dev/dolphinscheduler-api/src/main/resources/task-type-config.yaml) | `{}` |
+|
| | |
+| `ingress.enabled` | Enable ingress | `false` |
+| `ingress.host` | Ingress host | `dolphinscheduler.org` |
+| `ingress.path` | Ingress path | `/dolphinscheduler` |
+| `ingress.tls.enabled` | Enable ingress tls | `false` |
+| `ingress.tls.secretName` | Ingress tls secret name | `dolphinscheduler-tls` |
diff --git a/docs/docs/zh/guide/installation/kubernetes.md b/docs/docs/zh/guide/installation/kubernetes.md
index 5bf047d78b..f2156f36bb 100644
--- a/docs/docs/zh/guide/installation/kubernetes.md
+++ b/docs/docs/zh/guide/installation/kubernetes.md
@@ -527,257 +527,259 @@ helm install dolphinscheduler-gpu-worker . \
## 附录-配置
-| Parameter | Description | Default |
-|----------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------|
-| `timezone` | World time and date for cities in all time zones | `Asia/Shanghai` |
-|
| | |
-| `image.repository` | Docker image repository for the DolphinScheduler | `apache/dolphinscheduler` |
-| `image.tag` | Docker image version for the DolphinScheduler | `latest` |
-| `image.pullPolicy` | Image pull policy. Options: Always, Never, IfNotPresent | `IfNotPresent` |
-| `image.pullSecret` | Image pull secret. An optional reference to secret in the same namespace to use for pulling any of the images | `nil` |
-|
| | |
-| `postgresql.enabled` | If not exists external PostgreSQL, by default, the DolphinScheduler will use a internal PostgreSQL | `true` |
-| `postgresql.postgresqlUsername` | The username for internal PostgreSQL | `root` |
-| `postgresql.postgresqlPassword` | The password for internal PostgreSQL | `root` |
-| `postgresql.postgresqlDatabase` | The database for internal PostgreSQL | `dolphinscheduler` |
-| `postgresql.persistence.enabled` | Set `postgresql.persistence.enabled` to `true` to mount a new volume for internal PostgreSQL | `false` |
-| `postgresql.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
-| `postgresql.persistence.storageClass` | PostgreSQL data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `minio.enabled` | Deploy minio and configure it as the default storage for DolphinScheduler, note this is for demo only, not for production. | `false` |
-| `externalDatabase.type` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database type will use it | `postgresql` |
-| `externalDatabase.driver` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database driver will use it | `org.postgresql.Driver` |
-| `externalDatabase.host` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database host will use it | `localhost` |
-| `externalDatabase.port` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database port will use it | `5432` |
-| `externalDatabase.username` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database username will use it | `root` |
-| `externalDatabase.password` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database password will use it | `root` |
-| `externalDatabase.database` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database database will use it | `dolphinscheduler` |
-| `externalDatabase.params` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database params will use it | `characterEncoding=utf8` |
-|
| | |
-| `zookeeper.enabled` | If not exists external ZooKeeper, by default, the DolphinScheduler will use a internal ZooKeeper | `true` |
-| `zookeeper.service.port` | The port of zookeeper | `2181` |
-| `zookeeper.fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands to use | `srvr,ruok,wchs,cons` |
-| `zookeeper.persistence.enabled` | Set `zookeeper.persistence.enabled` to `true` to mount a new volume for internal ZooKeeper | `false` |
-| `zookeeper.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
-| `zookeeper.persistence.storageClass` | ZooKeeper data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `registryEtcd.enabled` | If you want to use Etcd for your registry center, change this value to true. And set `zookeeper.enabled` to false | `false` |
-| `registryEtcd.endpoints` | Etcd endpoints | `""` |
-| `registryEtcd.namespace` | Etcd namespace | `dolphinscheduler` |
-| `registryEtcd.user` | Etcd user | `""` |
-| `registryEtcd.passWord` | Etcd passWord | `""` |
-| `registryEtcd.authority` | Etcd authority | `""` |
-| `registryEtcd.ssl.enabled` | If your Etcd server has configured with ssl, change this value to true. About certification files you can see [here](https://github.com/etcd-io/jetcd/blob/main/docs/SslConfig.md) for how to convert. | `false` |
-| `registryEtcd.ssl.certFile` | CertFile file path | `etcd-certs/ca.crt` |
-| `registryEtcd.ssl.keyCertChainFile` | keyCertChainFile file path | `etcd-certs/client.crt` |
-| `registryEtcd.ssl.keyFile` | keyFile file path | `etcd-certs/client.pem` |
-| `registryJdbc.enabled` | If you want to use JDbc for your registry center, change this value to true. And set `zookeeper.enabled` and `registryEtcd.enabled` to false | `false` |
-| `registryJdbc.termRefreshInterval` | Used to schedule refresh the ephemeral data/ lock | `2s` |
-| `registryJdbc.termExpireTimes` | Used to calculate the expire time | `3` |
-| `registryJdbc.hikariConfig.driverClassName` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `com.mysql.cj.jdbc.Driver` |
-| `registryJdbc.hikariConfig.jdbcurl` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `jdbc:mysql://` |
-| `registryJdbc.hikariConfig.username` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
-| `registryJdbc.hikariConfig.password` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
-| `externalRegistry.registryPluginName` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry plugin name | `zookeeper` |
-| `externalRegistry.registryServers` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry servers | `127.0.0.1:2181` |
-|
| | `PASSWORD` |
-| `security.authentication.type` | Authentication types (supported types: PASSWORD,LDAP,CASDOOR_SSO) | `ldap://ldap.forumsys.com:389/` |
-| `security.authentication.ldap.urls` | LDAP urls | `dc=example,dc=com` |
-| `security.authentication.ldap.basedn` | LDAP base dn | `cn=read-only-admin,dc=example,dc=com` |
-| `security.authentication.ldap.username` | LDAP username | `password` |
-| `security.authentication.ldap.password` | LDAP password | `read-only-admin` |
-| `security.authentication.ldap.user.admin` | Admin user account when you log-in with LDAP | `uid` |
-| `security.authentication.ldap.user.identityattribute` | LDAP user identity attribute | `mail` |
-| `security.authentication.ldap.user.emailattribute` | LDAP user email attribute | `CREATE` |
-| `security.authentication.ldap.user.notexistaction` | action when ldap user is not exist,default value: CREATE. Optional values include(CREATE,DENY) | `false` |
-| `security.authentication.ldap.ssl.enable` | LDAP ssl switch | `false` |
-| `security.authentication.ldap.ssl.truststore` | LDAP jks file absolute path, do not change this value | `/opt/ldapkeystore.jks` |
-| `security.authentication.ldap.ssl.jksbase64content` | LDAP jks file base64 content | `""` |
-| `security.authentication.ldap.ssl.truststorepassword` | LDAP jks password | `""` |
-|
| | |
-| `common.configmap.DOLPHINSCHEDULER_OPTS` | The jvm options for dolphinscheduler, suitable for all servers | `""` |
-| `common.configmap.DATA_BASEDIR_PATH` | User data directory path, self configuration, please make sure the directory exists and have read write permissions | `/tmp/dolphinscheduler` |
-| `common.configmap.RESOURCE_STORAGE_TYPE` | Resource storage type: HDFS, S3, OSS, GCS, ABS, NONE | `HDFS` |
-| `common.configmap.RESOURCE_UPLOAD_PATH` | Resource store on HDFS/S3 path, please make sure the directory exists on hdfs and have read write permissions | `/dolphinscheduler` |
-| `common.configmap.FS_DEFAULT_FS` | Resource storage file system like `file:///`, `hdfs://mycluster:8020` or `s3a://dolphinscheduler` | `file:///` |
-| `common.configmap.FS_S3A_ENDPOINT` | S3 endpoint when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `s3.xxx.amazonaws.com` |
-| `common.configmap.FS_S3A_ACCESS_KEY` | S3 access key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
-| `common.configmap.FS_S3A_SECRET_KEY` | S3 secret key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
-| `common.configmap.HADOOP_SECURITY_AUTHENTICATION_STARTUP_STATE` | Whether to startup kerberos | `false` |
-| `common.configmap.JAVA_SECURITY_KRB5_CONF_PATH` | The java.security.krb5.conf path | `/opt/krb5.conf` |
-| `common.configmap.LOGIN_USER_KEYTAB_USERNAME` | The login user from keytab username | `hdfs@HADOOP.COM` |
-| `common.configmap.LOGIN_USER_KEYTAB_PATH` | The login user from keytab path | `/opt/hdfs.keytab` |
-| `common.configmap.KERBEROS_EXPIRE_TIME` | The kerberos expire time, the unit is hour | `2` |
-| `common.configmap.HDFS_ROOT_USER` | The HDFS root user who must have the permission to create directories under the HDFS root path | `hdfs` |
-| `common.configmap.RESOURCE_MANAGER_HTTPADDRESS_PORT` | Set resource manager httpaddress port for yarn | `8088` |
-| `common.configmap.YARN_RESOURCEMANAGER_HA_RM_IDS` | If resourcemanager HA is enabled, please set the HA IPs | `nil` |
-| `common.configmap.YARN_APPLICATION_STATUS_ADDRESS` | If resourcemanager is single, you only need to replace ds1 to actual resourcemanager hostname, otherwise keep default | `http://ds1:%s/ws/v1/cluster/apps/%s` |
-| `common.configmap.HADOOP_HOME` | Set `HADOOP_HOME` for DolphinScheduler's task environment | `/opt/soft/hadoop` |
-| `common.configmap.HADOOP_CONF_DIR` | Set `HADOOP_CONF_DIR` for DolphinScheduler's task environment | `/opt/soft/hadoop/etc/hadoop` |
-| `common.configmap.SPARK_HOME` | Set `SPARK_HOME` for DolphinScheduler's task environment | `/opt/soft/spark` |
-| `common.configmap.PYTHON_LAUNCHER` | Set `PYTHON_LAUNCHER` for DolphinScheduler's task environment | `/usr/bin/python` |
-| `common.configmap.JAVA_HOME` | Set `JAVA_HOME` for DolphinScheduler's task environment | `/opt/java/openjdk` |
-| `common.configmap.HIVE_HOME` | Set `HIVE_HOME` for DolphinScheduler's task environment | `/opt/soft/hive` |
-| `common.configmap.FLINK_HOME` | Set `FLINK_HOME` for DolphinScheduler's task environment | `/opt/soft/flink` |
-| `common.configmap.DATAX_LAUNCHER` | Set `DATAX_LAUNCHER` for DolphinScheduler's task environment | `/opt/soft/datax` |
-| `common.sharedStoragePersistence.enabled` | Set `common.sharedStoragePersistence.enabled` to `true` to mount a shared storage volume for Hadoop, Spark binary and etc | `false` |
-| `common.sharedStoragePersistence.mountPath` | The mount path for the shared storage volume | `/opt/soft` |
-| `common.sharedStoragePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
-| `common.sharedStoragePersistence.storageClassName` | Shared Storage persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
-| `common.sharedStoragePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
-| `common.fsFileResourcePersistence.enabled` | Set `common.fsFileResourcePersistence.enabled` to `true` to mount a new file resource volume for `api` and `worker` | `false` |
-| `common.fsFileResourcePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
-| `common.fsFileResourcePersistence.storageClassName` | Resource persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
-| `common.fsFileResourcePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `master.enabled` | Enable or disable the Master component | true |
-| `master.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
-| `master.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
-| `master.annotations` | The `annotations` for master server | `{}` |
-| `master.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `master.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `master.tolerations` | If specified, the pod's tolerations | `{}` |
-| `master.resources` | The `resource` limit and request config for master server | `{}` |
-| `master.env.JAVA_OPTS` | The jvm options for master server | `-Xms1g -Xmx1g -Xmn512m` |
-| `master.env.MASTER_EXEC_THREADS` | Master execute thread number to limit process instances | `100` |
-| `master.env.MASTER_EXEC_TASK_NUM` | Master execute task number in parallel per process instance | `20` |
-| `master.env.MASTER_DISPATCH_TASK_NUM` | Master dispatch task number per batch | `3` |
-| `master.env.MASTER_HOST_SELECTOR` | Master host selector to select a suitable worker, optional values include Random, RoundRobin, LowerWeight | `LowerWeight` |
-| `master.env.MASTER_HEARTBEAT_INTERVAL` | Master heartbeat interval, the unit is second | `10s` |
-| `master.env.MASTER_TASK_COMMIT_RETRYTIMES` | Master commit task retry times | `5` |
-| `master.env.MASTER_TASK_COMMIT_INTERVAL` | master commit task interval, the unit is second | `1s` |
-| `master.env.MASTER_MAX_CPULOAD_AVG` | Master max cpuload avg, only higher than the system cpu load average, master server can schedule | `-1` (`the number of cpu cores * 2`) |
-| `master.env.MASTER_RESERVED_MEMORY` | Master reserved memory, only lower than system available memory, master server can schedule, the unit is G | `0.3` |
-| `master.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `master.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `master.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `master.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `master.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `master.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `master.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `master.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `master.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `master.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `master.persistentVolumeClaim.enabled` | Set `master.persistentVolumeClaim.enabled` to `true` to mount a new volume for `master` | `false` |
-| `master.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `master.persistentVolumeClaim.storageClassName` | `Master` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `master.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `worker.enabled` | Enable or disable the Worker component | true |
-| `worker.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
-| `worker.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
-| `worker.annotations` | The `annotations` for worker server | `{}` |
-| `worker.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `worker.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `worker.tolerations` | If specified, the pod's tolerations | `{}` |
-| `worker.resources` | The `resource` limit and request config for worker server | `{}` |
-| `worker.env.WORKER_EXEC_THREADS` | Worker execute thread number to limit task instances | `100` |
-| `worker.env.WORKER_HEARTBEAT_INTERVAL` | Worker heartbeat interval, the unit is second | `10s` |
-| `worker.env.WORKER_MAX_CPU_LOAD_AVG` | Worker max cpu load avg, only higher than the system cpu load average, worker server can be dispatched tasks | `-1` (`the number of cpu cores * 2`) |
-| `worker.env.WORKER_RESERVED_MEMORY` | Worker reserved memory, only lower than system available memory, worker server can be dispatched tasks, the unit is G | `0.3` |
-| `worker.env.HOST_WEIGHT` | Worker host weight to dispatch tasks | `100` |
-| `worker.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `worker.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `worker.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `worker.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `worker.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `worker.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `worker.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `worker.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `worker.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `worker.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `worker.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `worker.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `worker.persistentVolumeClaim.enabled` | Set `worker.persistentVolumeClaim.enabled` to `true` to enable `persistentVolumeClaim` for `worker` | `false` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.dataPersistentVolume.enabled` to `true` to mount a data volume for `worker` | `false` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.storageClassName` | `Worker` data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `worker.persistentVolumeClaim.dataPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.logsPersistentVolume.enabled` to `true` to mount a logs volume for `worker` | `false` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.storageClassName` | `Worker` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `worker.persistentVolumeClaim.logsPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `alert.enabled` | Enable or disable the Alert-Server component | true |
-| `alert.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
-| `alert.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
-| `alert.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
-| `alert.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
-| `alert.annotations` | The `annotations` for alert server | `{}` |
-| `alert.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `alert.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `alert.tolerations` | If specified, the pod's tolerations | `{}` |
-| `alert.resources` | The `resource` limit and request config for alert server | `{}` |
-| `alert.configmap.ALERT_SERVER_OPTS` | The jvm options for alert server | `-Xms512m -Xmx512m -Xmn256m` |
-| `alert.configmap.XLS_FILE_PATH` | XLS file path | `/tmp/xls` |
-| `alert.configmap.MAIL_SERVER_HOST` | Mail `SERVER HOST ` | `nil` |
-| `alert.configmap.MAIL_SERVER_PORT` | Mail `SERVER PORT` | `nil` |
-| `alert.configmap.MAIL_SENDER` | Mail `SENDER` | `nil` |
-| `alert.configmap.MAIL_USER` | Mail `USER` | `nil` |
-| `alert.configmap.MAIL_PASSWD` | Mail `PASSWORD` | `nil` |
-| `alert.configmap.MAIL_SMTP_STARTTLS_ENABLE` | Mail `SMTP STARTTLS` enable | `false` |
-| `alert.configmap.MAIL_SMTP_SSL_ENABLE` | Mail `SMTP SSL` enable | `false` |
-| `alert.configmap.MAIL_SMTP_SSL_TRUST` | Mail `SMTP SSL TRUST` | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_ENABLE` | `Enterprise Wechat` enable | `false` |
-| `alert.configmap.ENTERPRISE_WECHAT_CORP_ID` | `Enterprise Wechat` corp id | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_SECRET` | `Enterprise Wechat` secret | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_AGENT_ID` | `Enterprise Wechat` agent id | `nil` |
-| `alert.configmap.ENTERPRISE_WECHAT_USERS` | `Enterprise Wechat` users | `nil` |
-| `alert.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `alert.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `alert.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `alert.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `alert.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `alert.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `alert.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `alert.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `alert.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `alert.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `alert.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `alert.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `alert.persistentVolumeClaim.enabled` | Set `alert.persistentVolumeClaim.enabled` to `true` to mount a new volume for `alert` | `false` |
-| `alert.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `alert.persistentVolumeClaim.storageClassName` | `Alert` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `alert.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
-|
| | |
-| `api.enabled` | Enable or disable the API-Server component | true |
-| `api.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
-| `api.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
-| `api.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
-| `api.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
-| `api.annotations` | The `annotations` for api server | `{}` |
-| `api.affinity` | If specified, the pod's scheduling constraints | `{}` |
-| `api.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
-| `api.tolerations` | If specified, the pod's tolerations | `{}` |
-| `api.resources` | The `resource` limit and request config for api server | `{}` |
-| `api.configmap.API_SERVER_OPTS` | The jvm options for api server | `-Xms512m -Xmx512m -Xmn256m` |
-| `api.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `api.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `api.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `api.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `api.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `api.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `api.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `api.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `api.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
-| `api.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `api.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
-| `api.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
-| `api.persistentVolumeClaim.enabled` | Set `api.persistentVolumeClaim.enabled` to `true` to mount a new volume for `api` | `false` |
-| `api.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
-| `api.persistentVolumeClaim.storageClassName` | `api` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
-| `api.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
-| `api.service.type` | `type` determines how the Service is exposed. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer | `ClusterIP` |
-| `api.service.clusterIP` | `clusterIP` is the IP address of the service and is usually assigned randomly by the master | `nil` |
-| `api.service.nodePort` | `nodePort` is the port on each node on which this service is exposed when type=NodePort | `nil` |
-| `api.service.externalIPs` | `externalIPs` is a list of IP addresses for which nodes in the cluster will also accept traffic for this service | `[]` |
-| `api.service.externalName` | `externalName` is the external reference that kubedns or equivalent will return as a CNAME record for this service | `nil` |
-| `api.service.loadBalancerIP` | `loadBalancerIP` when service.type is LoadBalancer. LoadBalancer will get created with the IP specified in this field | `nil` |
-| `api.service.annotations` | `annotations` may need to be set when service.type is LoadBalancer | `{}` |
-|
| | |
-| `ingress.enabled` | Enable ingress | `false` |
-| `ingress.host` | Ingress host | `dolphinscheduler.org` |
-| `ingress.path` | Ingress path | `/dolphinscheduler` |
-| `ingress.tls.enabled` | Enable ingress tls | `false` |
-| `ingress.tls.secretName` | Ingress tls secret name | `dolphinscheduler-tls` |
+| Parameter | Description | Default |
+|----------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------|
+| `timezone` | World time and date for cities in all time zones | `Asia/Shanghai` |
+|
| | |
+| `image.repository` | Docker image repository for the DolphinScheduler | `apache/dolphinscheduler` |
+| `image.tag` | Docker image version for the DolphinScheduler | `latest` |
+| `image.pullPolicy` | Image pull policy. Options: Always, Never, IfNotPresent | `IfNotPresent` |
+| `image.pullSecret` | Image pull secret. An optional reference to secret in the same namespace to use for pulling any of the images | `nil` |
+|
| | |
+| `postgresql.enabled` | If not exists external PostgreSQL, by default, the DolphinScheduler will use a internal PostgreSQL | `true` |
+| `postgresql.postgresqlUsername` | The username for internal PostgreSQL | `root` |
+| `postgresql.postgresqlPassword` | The password for internal PostgreSQL | `root` |
+| `postgresql.postgresqlDatabase` | The database for internal PostgreSQL | `dolphinscheduler` |
+| `postgresql.persistence.enabled` | Set `postgresql.persistence.enabled` to `true` to mount a new volume for internal PostgreSQL | `false` |
+| `postgresql.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
+| `postgresql.persistence.storageClass` | PostgreSQL data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `minio.enabled` | Deploy minio and configure it as the default storage for DolphinScheduler, note this is for demo only, not for production. | `false` |
+| `externalDatabase.type` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database type will use it | `postgresql` |
+| `externalDatabase.driver` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database driver will use it | `org.postgresql.Driver` |
+| `externalDatabase.host` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database host will use it | `localhost` |
+| `externalDatabase.port` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database port will use it | `5432` |
+| `externalDatabase.username` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database username will use it | `root` |
+| `externalDatabase.password` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database password will use it | `root` |
+| `externalDatabase.database` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database database will use it | `dolphinscheduler` |
+| `externalDatabase.params` | If exists external PostgreSQL, and set `postgresql.enabled` value to false. DolphinScheduler's database params will use it | `characterEncoding=utf8` |
+|
| | |
+| `zookeeper.enabled` | If not exists external ZooKeeper, by default, the DolphinScheduler will use a internal ZooKeeper | `true` |
+| `zookeeper.service.port` | The port of zookeeper | `2181` |
+| `zookeeper.fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands to use | `srvr,ruok,wchs,cons` |
+| `zookeeper.persistence.enabled` | Set `zookeeper.persistence.enabled` to `true` to mount a new volume for internal ZooKeeper | `false` |
+| `zookeeper.persistence.size` | `PersistentVolumeClaim` size | `20Gi` |
+| `zookeeper.persistence.storageClass` | ZooKeeper data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `registryEtcd.enabled` | If you want to use Etcd for your registry center, change this value to true. And set `zookeeper.enabled` to false | `false` |
+| `registryEtcd.endpoints` | Etcd endpoints | `""` |
+| `registryEtcd.namespace` | Etcd namespace | `dolphinscheduler` |
+| `registryEtcd.user` | Etcd user | `""` |
+| `registryEtcd.passWord` | Etcd passWord | `""` |
+| `registryEtcd.authority` | Etcd authority | `""` |
+| `registryEtcd.ssl.enabled` | If your Etcd server has configured with ssl, change this value to true. About certification files you can see [here](https://github.com/etcd-io/jetcd/blob/main/docs/SslConfig.md) for how to convert. | `false` |
+| `registryEtcd.ssl.certFile` | CertFile file path | `etcd-certs/ca.crt` |
+| `registryEtcd.ssl.keyCertChainFile` | keyCertChainFile file path | `etcd-certs/client.crt` |
+| `registryEtcd.ssl.keyFile` | keyFile file path | `etcd-certs/client.pem` |
+| `registryJdbc.enabled` | If you want to use JDbc for your registry center, change this value to true. And set `zookeeper.enabled` and `registryEtcd.enabled` to false | `false` |
+| `registryJdbc.termRefreshInterval` | Used to schedule refresh the ephemeral data/ lock | `2s` |
+| `registryJdbc.termExpireTimes` | Used to calculate the expire time | `3` |
+| `registryJdbc.hikariConfig.driverClassName` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `com.mysql.cj.jdbc.Driver` |
+| `registryJdbc.hikariConfig.jdbcurl` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `jdbc:mysql://` |
+| `registryJdbc.hikariConfig.username` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
+| `registryJdbc.hikariConfig.password` | Default use same Dolphinscheduler's database if you don't change this value. If you set this value, Registry jdbc's database type will use it | `""` |
+| `externalRegistry.registryPluginName` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry plugin name | `zookeeper` |
+| `externalRegistry.registryServers` | If exists external registry and set `zookeeper.enable` && `registryEtcd.enabled` && `registryJdbc.enabled` to `false`, specify the external registry servers | `127.0.0.1:2181` |
+|
| | `PASSWORD` |
+| `security.authentication.type` | Authentication types (supported types: PASSWORD,LDAP,CASDOOR_SSO) | `ldap://ldap.forumsys.com:389/` |
+| `security.authentication.ldap.urls` | LDAP urls | `dc=example,dc=com` |
+| `security.authentication.ldap.basedn` | LDAP base dn | `cn=read-only-admin,dc=example,dc=com` |
+| `security.authentication.ldap.username` | LDAP username | `password` |
+| `security.authentication.ldap.password` | LDAP password | `read-only-admin` |
+| `security.authentication.ldap.user.admin` | Admin user account when you log-in with LDAP | `uid` |
+| `security.authentication.ldap.user.identityattribute` | LDAP user identity attribute | `mail` |
+| `security.authentication.ldap.user.emailattribute` | LDAP user email attribute | `CREATE` |
+| `security.authentication.ldap.user.notexistaction` | action when ldap user is not exist,default value: CREATE. Optional values include(CREATE,DENY) | `false` |
+| `security.authentication.ldap.ssl.enable` | LDAP ssl switch | `false` |
+| `security.authentication.ldap.ssl.truststore` | LDAP jks file absolute path, do not change this value | `/opt/ldapkeystore.jks` |
+| `security.authentication.ldap.ssl.jksbase64content` | LDAP jks file base64 content | `""` |
+| `security.authentication.ldap.ssl.truststorepassword` | LDAP jks password | `""` |
+|
| | |
+| `common.configmap.DOLPHINSCHEDULER_OPTS` | The jvm options for dolphinscheduler, suitable for all servers | `""` |
+| `common.configmap.DATA_BASEDIR_PATH` | User data directory path, self configuration, please make sure the directory exists and have read write permissions | `/tmp/dolphinscheduler` |
+| `common.configmap.RESOURCE_STORAGE_TYPE` | Resource storage type: HDFS, S3, OSS, GCS, ABS, NONE | `HDFS` |
+| `common.configmap.RESOURCE_UPLOAD_PATH` | Resource store on HDFS/S3 path, please make sure the directory exists on hdfs and have read write permissions | `/dolphinscheduler` |
+| `common.configmap.FS_DEFAULT_FS` | Resource storage file system like `file:///`, `hdfs://mycluster:8020` or `s3a://dolphinscheduler` | `file:///` |
+| `common.configmap.FS_S3A_ENDPOINT` | S3 endpoint when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `s3.xxx.amazonaws.com` |
+| `common.configmap.FS_S3A_ACCESS_KEY` | S3 access key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
+| `common.configmap.FS_S3A_SECRET_KEY` | S3 secret key when `common.configmap.RESOURCE_STORAGE_TYPE` is set to `S3` | `xxxxxxx` |
+| `common.configmap.HADOOP_SECURITY_AUTHENTICATION_STARTUP_STATE` | Whether to startup kerberos | `false` |
+| `common.configmap.JAVA_SECURITY_KRB5_CONF_PATH` | The java.security.krb5.conf path | `/opt/krb5.conf` |
+| `common.configmap.LOGIN_USER_KEYTAB_USERNAME` | The login user from keytab username | `hdfs@HADOOP.COM` |
+| `common.configmap.LOGIN_USER_KEYTAB_PATH` | The login user from keytab path | `/opt/hdfs.keytab` |
+| `common.configmap.KERBEROS_EXPIRE_TIME` | The kerberos expire time, the unit is hour | `2` |
+| `common.configmap.HDFS_ROOT_USER` | The HDFS root user who must have the permission to create directories under the HDFS root path | `hdfs` |
+| `common.configmap.RESOURCE_MANAGER_HTTPADDRESS_PORT` | Set resource manager httpaddress port for yarn | `8088` |
+| `common.configmap.YARN_RESOURCEMANAGER_HA_RM_IDS` | If resourcemanager HA is enabled, please set the HA IPs | `nil` |
+| `common.configmap.YARN_APPLICATION_STATUS_ADDRESS` | If resourcemanager is single, you only need to replace ds1 to actual resourcemanager hostname, otherwise keep default | `http://ds1:%s/ws/v1/cluster/apps/%s` |
+| `common.configmap.HADOOP_HOME` | Set `HADOOP_HOME` for DolphinScheduler's task environment | `/opt/soft/hadoop` |
+| `common.configmap.HADOOP_CONF_DIR` | Set `HADOOP_CONF_DIR` for DolphinScheduler's task environment | `/opt/soft/hadoop/etc/hadoop` |
+| `common.configmap.SPARK_HOME` | Set `SPARK_HOME` for DolphinScheduler's task environment | `/opt/soft/spark` |
+| `common.configmap.PYTHON_LAUNCHER` | Set `PYTHON_LAUNCHER` for DolphinScheduler's task environment | `/usr/bin/python` |
+| `common.configmap.JAVA_HOME` | Set `JAVA_HOME` for DolphinScheduler's task environment | `/opt/java/openjdk` |
+| `common.configmap.HIVE_HOME` | Set `HIVE_HOME` for DolphinScheduler's task environment | `/opt/soft/hive` |
+| `common.configmap.FLINK_HOME` | Set `FLINK_HOME` for DolphinScheduler's task environment | `/opt/soft/flink` |
+| `common.configmap.DATAX_LAUNCHER` | Set `DATAX_LAUNCHER` for DolphinScheduler's task environment | `/opt/soft/datax` |
+| `common.sharedStoragePersistence.enabled` | Set `common.sharedStoragePersistence.enabled` to `true` to mount a shared storage volume for Hadoop, Spark binary and etc | `false` |
+| `common.sharedStoragePersistence.mountPath` | The mount path for the shared storage volume | `/opt/soft` |
+| `common.sharedStoragePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
+| `common.sharedStoragePersistence.storageClassName` | Shared Storage persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
+| `common.sharedStoragePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
+| `common.fsFileResourcePersistence.enabled` | Set `common.fsFileResourcePersistence.enabled` to `true` to mount a new file resource volume for `api` and `worker` | `false` |
+| `common.fsFileResourcePersistence.accessModes` | `PersistentVolumeClaim` access modes, must be `ReadWriteMany` | `[ReadWriteMany]` |
+| `common.fsFileResourcePersistence.storageClassName` | Resource persistent volume storage class, must support the access mode: ReadWriteMany | `-` |
+| `common.fsFileResourcePersistence.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `master.enabled` | Enable or disable the Master component | true |
+| `master.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
+| `master.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
+| `master.annotations` | The `annotations` for master server | `{}` |
+| `master.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `master.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `master.tolerations` | If specified, the pod's tolerations | `{}` |
+| `master.resources` | The `resource` limit and request config for master server | `{}` |
+| `master.env.JAVA_OPTS` | The jvm options for master server | `-Xms1g -Xmx1g -Xmn512m` |
+| `master.env.MASTER_EXEC_THREADS` | Master execute thread number to limit process instances | `100` |
+| `master.env.MASTER_EXEC_TASK_NUM` | Master execute task number in parallel per process instance | `20` |
+| `master.env.MASTER_DISPATCH_TASK_NUM` | Master dispatch task number per batch | `3` |
+| `master.env.MASTER_HOST_SELECTOR` | Master host selector to select a suitable worker, optional values include Random, RoundRobin, LowerWeight | `LowerWeight` |
+| `master.env.MASTER_HEARTBEAT_INTERVAL` | Master heartbeat interval, the unit is second | `10s` |
+| `master.env.MASTER_TASK_COMMIT_RETRYTIMES` | Master commit task retry times | `5` |
+| `master.env.MASTER_TASK_COMMIT_INTERVAL` | master commit task interval, the unit is second | `1s` |
+| `master.env.MASTER_MAX_CPULOAD_AVG` | Master max cpuload avg, only higher than the system cpu load average, master server can schedule | `-1` (`the number of cpu cores * 2`) |
+| `master.env.MASTER_RESERVED_MEMORY` | Master reserved memory, only lower than system available memory, master server can schedule, the unit is G | `0.3` |
+| `master.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `master.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `master.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `master.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `master.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `master.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `master.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `master.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `master.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `master.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `master.persistentVolumeClaim.enabled` | Set `master.persistentVolumeClaim.enabled` to `true` to mount a new volume for `master` | `false` |
+| `master.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `master.persistentVolumeClaim.storageClassName` | `Master` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `master.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `worker.enabled` | Enable or disable the Worker component | true |
+| `worker.podManagementPolicy` | PodManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down | `Parallel` |
+| `worker.replicas` | Replicas is the desired number of replicas of the given Template | `3` |
+| `worker.annotations` | The `annotations` for worker server | `{}` |
+| `worker.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `worker.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `worker.tolerations` | If specified, the pod's tolerations | `{}` |
+| `worker.resources` | The `resource` limit and request config for worker server | `{}` |
+| `worker.env.WORKER_EXEC_THREADS` | Worker execute thread number to limit task instances | `100` |
+| `worker.env.WORKER_HEARTBEAT_INTERVAL` | Worker heartbeat interval, the unit is second | `10s` |
+| `worker.env.WORKER_MAX_CPU_LOAD_AVG` | Worker max cpu load avg, only higher than the system cpu load average, worker server can be dispatched tasks | `-1` (`the number of cpu cores * 2`) |
+| `worker.env.WORKER_RESERVED_MEMORY` | Worker reserved memory, only lower than system available memory, worker server can be dispatched tasks, the unit is G | `0.3` |
+| `worker.env.HOST_WEIGHT` | Worker host weight to dispatch tasks | `100` |
+| `worker.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `worker.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `worker.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `worker.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `worker.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `worker.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `worker.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `worker.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `worker.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `worker.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `worker.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `worker.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `worker.persistentVolumeClaim.enabled` | Set `worker.persistentVolumeClaim.enabled` to `true` to enable `persistentVolumeClaim` for `worker` | `false` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.dataPersistentVolume.enabled` to `true` to mount a data volume for `worker` | `false` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.storageClassName` | `Worker` data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `worker.persistentVolumeClaim.dataPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.enabled` | Set `worker.persistentVolumeClaim.logsPersistentVolume.enabled` to `true` to mount a logs volume for `worker` | `false` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.storageClassName` | `Worker` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `worker.persistentVolumeClaim.logsPersistentVolume.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `alert.enabled` | Enable or disable the Alert-Server component | true |
+| `alert.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
+| `alert.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
+| `alert.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
+| `alert.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
+| `alert.annotations` | The `annotations` for alert server | `{}` |
+| `alert.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `alert.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `alert.tolerations` | If specified, the pod's tolerations | `{}` |
+| `alert.resources` | The `resource` limit and request config for alert server | `{}` |
+| `alert.configmap.ALERT_SERVER_OPTS` | The jvm options for alert server | `-Xms512m -Xmx512m -Xmn256m` |
+| `alert.configmap.XLS_FILE_PATH` | XLS file path | `/tmp/xls` |
+| `alert.configmap.MAIL_SERVER_HOST` | Mail `SERVER HOST ` | `nil` |
+| `alert.configmap.MAIL_SERVER_PORT` | Mail `SERVER PORT` | `nil` |
+| `alert.configmap.MAIL_SENDER` | Mail `SENDER` | `nil` |
+| `alert.configmap.MAIL_USER` | Mail `USER` | `nil` |
+| `alert.configmap.MAIL_PASSWD` | Mail `PASSWORD` | `nil` |
+| `alert.configmap.MAIL_SMTP_STARTTLS_ENABLE` | Mail `SMTP STARTTLS` enable | `false` |
+| `alert.configmap.MAIL_SMTP_SSL_ENABLE` | Mail `SMTP SSL` enable | `false` |
+| `alert.configmap.MAIL_SMTP_SSL_TRUST` | Mail `SMTP SSL TRUST` | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_ENABLE` | `Enterprise Wechat` enable | `false` |
+| `alert.configmap.ENTERPRISE_WECHAT_CORP_ID` | `Enterprise Wechat` corp id | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_SECRET` | `Enterprise Wechat` secret | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_AGENT_ID` | `Enterprise Wechat` agent id | `nil` |
+| `alert.configmap.ENTERPRISE_WECHAT_USERS` | `Enterprise Wechat` users | `nil` |
+| `alert.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `alert.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `alert.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `alert.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `alert.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `alert.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `alert.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `alert.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `alert.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `alert.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `alert.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `alert.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `alert.persistentVolumeClaim.enabled` | Set `alert.persistentVolumeClaim.enabled` to `true` to mount a new volume for `alert` | `false` |
+| `alert.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `alert.persistentVolumeClaim.storageClassName` | `Alert` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `alert.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
+|
| | |
+| `api.enabled` | Enable or disable the API-Server component | true |
+| `api.replicas` | Replicas is the desired number of replicas of the given Template | `1` |
+| `api.strategy.type` | Type of deployment. Can be "Recreate" or "RollingUpdate" | `RollingUpdate` |
+| `api.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods | `25%` |
+| `api.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update | `25%` |
+| `api.annotations` | The `annotations` for api server | `{}` |
+| `api.affinity` | If specified, the pod's scheduling constraints | `{}` |
+| `api.nodeSelector` | NodeSelector is a selector which must be true for the pod to fit on a node | `{}` |
+| `api.tolerations` | If specified, the pod's tolerations | `{}` |
+| `api.resources` | The `resource` limit and request config for api server | `{}` |
+| `api.configmap.API_SERVER_OPTS` | The jvm options for api server | `-Xms512m -Xmx512m -Xmn256m` |
+| `api.livenessProbe.enabled` | Turn on and off liveness probe | `true` |
+| `api.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
+| `api.livenessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `api.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `api.livenessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `api.livenessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `api.readinessProbe.enabled` | Turn on and off readiness probe | `true` |
+| `api.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `api.readinessProbe.periodSeconds` | How often to perform the probe | `30` |
+| `api.readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `api.readinessProbe.failureThreshold` | Minimum consecutive successes for the probe | `3` |
+| `api.readinessProbe.successThreshold` | Minimum consecutive failures for the probe | `1` |
+| `api.persistentVolumeClaim.enabled` | Set `api.persistentVolumeClaim.enabled` to `true` to mount a new volume for `api` | `false` |
+| `api.persistentVolumeClaim.accessModes` | `PersistentVolumeClaim` access modes | `[ReadWriteOnce]` |
+| `api.persistentVolumeClaim.storageClassName` | `api` logs data persistent volume storage class. If set to "-", storageClassName: "", which disables dynamic provisioning | `-` |
+| `api.persistentVolumeClaim.storage` | `PersistentVolumeClaim` size | `20Gi` |
+| `api.service.type` | `type` determines how the Service is exposed. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer | `ClusterIP` |
+| `api.service.clusterIP` | `clusterIP` is the IP address of the service and is usually assigned randomly by the master | `nil` |
+| `api.service.nodePort` | `nodePort` is the port on each node on which this service is exposed when type=NodePort | `nil` |
+| `api.service.externalIPs` | `externalIPs` is a list of IP addresses for which nodes in the cluster will also accept traffic for this service | `[]` |
+| `api.service.externalName` | `externalName` is the external reference that kubedns or equivalent will return as a CNAME record for this service | `nil` |
+| `api.service.loadBalancerIP` | `loadBalancerIP` when service.type is LoadBalancer. LoadBalancer will get created with the IP specified in this field | `nil` |
+| `api.service.annotations` | `annotations` may need to be set when service.type is LoadBalancer | `{}` |
+| `api.taskTypeFilter.enabled` | Enable or disable the task type filter. If set to true, the API-Server will return tasks of a specific type set in api.taskTypeFilter.task.Note: This feature only filters tasks to return a specific type on the WebUI. However, you can still create any task that DolphinScheduler supports via the API. | `false` |
+| `api.taskTypeFilter.task` | Task type ref: [task-type-config.yaml](https://github.com/apache/dolphinscheduler/blob/dev/dolphinscheduler-api/src/main/resources/task-type-config.yaml) | `{}` |
+|
| | |
+| `ingress.enabled` | Enable ingress | `false` |
+| `ingress.host` | Ingress host | `dolphinscheduler.org` |
+| `ingress.path` | Ingress path | `/dolphinscheduler` |
+| `ingress.tls.enabled` | Enable ingress tls | `false` |
+| `ingress.tls.secretName` | Ingress tls secret name | `dolphinscheduler-tls` |