The module lifecycle stagePreview

How to explicitly enable the module…

You may explicitly enable or disable the module in one of the following ways:

  • Via Deckhouse web UI. In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the development-platform module and enable (or disable) the “Module enabled” toggle. Save changes.

    Example:

    Module enable/disable interface

  • Via Deckhouse CLI (d8).

    Use the d8 system module enable command for enabling, or d8 system module disable command for disabling the module (you need Deckhouse CLI (d8), configured to work with the cluster).

    Example of enabling the module:

    d8 system module enable development-platform

  • Using ModuleConfig development-platform.

    Set spec.enabled to true or false in ModuleConfig development-platform (create it if necessary);

    Example of a manifest to enable module development-platform:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: development-platform
spec:
  enabled: true

How to configure the module…

You can configure the module in one of the following ways:

  • Via Deckhouse web UI.

    In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the development-platform module and enable the “Advanced Settings” switch. Fill in the required fields in the “Configuration” tab or specify the module settings in YAML format on the “YAML” tab, excluding the settings section. Save the changes.

    Example:

    Module Setup Interface

    You can also edit the ModuleConfig object development-platform on the “YAML” tab in the module settings window (“System” → “System Management” → “Deckhouse” → “Modules”, open the module development-platform) by specifying the schema version in the spec.version parameter and the necessary module parameters in the spec.settings section.

  • Via Deckhouse CLI (d8) (requires Deckhouse CLI (d8) configured to work with the cluster).

    Edit the existing ModuleConfig development-platform (for more details on configuring Deckhouse, see the documentation) by executing the following command:

    d8 k edit mc development-platform

    Make the necessary changes in the spec.settings section. If necessary, specify the schema version in the spec.version parameter. Save the changes.

    You can also create a file with manifest for ModuleConfig development-platform using the example below. Fill in the spec.settings section with the required module parameters. If necessary, specify the schema version in the spec.version parameter.

    Apply the manifest using the following command (indicate the manifest file name):

    d8 k apply -f <FILENAME>

    Example of a manifest for ModuleConfig development-platform:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: development-platform
spec:
  version: 1
  enabled: true
  settings: # Module parameters from the "Parameters" section below.

Parameters

Schema version: 1

  • settings
    object
    • settings.datasources
      object

      Default: {}

      • settings.datasources.logging
        object

        Default: {}

        • settings.datasources.logging.enabled
          boolean
          Flag to enable or disable datasource logging to stdout.

          Default: false

    • settings.domain
      object

      Default: {}

      • settings.domain.customDomain
        string
        The custom domain to use if useCustomDomain is true. Must not contain http:// or https://. Required if useCustomDomain is true.

        Default: example.com

        Examples: 


        customDomain: example.com

        customDomain: ddp.example.com
      • settings.domain.customSecretName
        string
        The custom secret name to use if useCustomSecret is true.

        Default: example-tls

        Examples: 


        customSecretName: example-tls

        customSecretName: custom-tls-secret
      • settings.domain.prefix
        string
        Prefix for generating the domain name if not using a custom domain.

        Default: ddp

        Examples: 


        prefix: ddp

        prefix: dev-platform
      • settings.domain.useCustomDomain
        boolean
        If true, use the custom domain. If false, use the generated domain prefix.

        Default: false

      • settings.domain.useCustomSecret
        boolean
        Use custom secret

        Default: false

    • settings.events
      object

      Default: {}

      • settings.events.ttl
        string
        Time to live for events. Format: string in Go duration format.

        Default: 96h

        Examples: 


        ttl: 96h

        ttl: 720h

        ttl: 1d

        ttl: 30m
    • settings.extraCA
      string
      Additional CA certificates in PEM format. Used when accessing any services that DDP may potentially connect to (e.g., dex by FQDN if you have your own CA for dex). The certificate is mounted to /etc/ssl/certs/extraca.crt.

      Default:

      Examples: 


      extraCA: ""

      extraCA: |
  -----BEGIN CERTIFICATE-----
  MIIEKTCCApGgAwIBAgIRAL6BA5jjXYI52wcc3b9UftAwDQYJKoZIhvcNAQELBQAw
  ...
  -----END CERTIFICATE-----
    • settings.logger
      object

      Default: {}

      • settings.logger.format
        string
        Format of the logging.

        Default: logfmt

        Allowed values: json, logfmt

      • settings.logger.level
        string
        Logging level.

        Default: info

        Allowed values: debug, info, warn, error

    • settings.postgres
      object

      Default: {}

      • settings.postgres.database
        string
        Name of the Postgres database.

        Default: ddp

        Examples: 


        database: ddp

        database: development_platform

        database: my_database
      • settings.postgres.host
        string
        Hostname or IP address of the Postgres server. When mode=internal, must be set to postgres.

        Default: postgres

        Examples: 


        host: postgres

        host: localhost

        host: 192.168.1.100

        host: postgres.example.com
      • settings.postgres.mode
        string
        Specifies whether Postgres is internal or external.

        Default: internal

        Allowed values: internal, external

      • settings.postgres.password
        string
        Password for connecting to Postgres.

        Default: ddp

        Examples: 


        password: ddp

        password: secure_password_123
      • settings.postgres.port
        number
        Port number on which Postgres is listening. Not required if using the default value.

        Default: 5432

        Examples: 


        port: 5432

        port: 35432
      • settings.postgres.username
        string
        Username for connecting to Postgres.

        Default: ddp

        Examples: 


        username: ddp

        username: postgres

        username: db_user
    • settings.rbac
      object

      Default: {}

      • settings.rbac.ownerIsAdmin
        boolean
        If true, the resource owner automatically gets administrator rights.

        Default: true

      • settings.rbac.superAdminEmail
        string

        Required value

        Email of the super admin.

        Example: 


        superAdminEmail: admin@example.com
    • settings.redis
      object

      Default: {}

      • settings.redis.database
        string
        Database index to use on the Redis server. Not required if using the default value.

        Default: 0

        Examples: 


        database: "0"

        database: "1"

        database: "15"
      • settings.redis.host
        string
        Hostname or IP address of the Redis server. When mode=internal, must be set to redis.

        Default: redis

        Examples: 


        host: redis

        host: localhost

        host: 192.168.1.101

        host: redis.example.com
      • settings.redis.mode
        string
        Specifies whether Redis is internal or external.

        Default: internal

        Allowed values: internal, external

      • settings.redis.password
        string
        Password for connecting to Redis. Not required if using the default value (empty string).

        Default:

        Examples: 


        password: ""

        password: redis_password
      • settings.redis.port
        number
        Port number on which Redis is listening. Not required if using the default value.

        Default: 6379

        Examples: 


        port: 6379

        port: 6380
    • settings.security
      object

      Default: {}

      • settings.security.headers
        object
        Configuration for HTTP security headers (CSP, X-Frame-Options, etc.).

        Default: {}

        • settings.security.headers.csp
          object
          Content Security Policy (CSP) configuration.

          Default: {}

          • settings.security.headers.csp.additionalSources
            string
            Additional CSP sources (space-separated list of URLs or special values). These sources will be added to img-src, connect-src, frame-src, and frame-ancestors directives.

            Default:

            Examples: 


            additionalSources: ""

            additionalSources: https://cdn.example.com

            additionalSources: https://api.example.com https://cdn.example.com
          • settings.security.headers.csp.allowExternalImages
            boolean
            Allow images from external sources. When true, images can be loaded from any domain (useful for icons from external CDNs). When false, only images from ‘self’ and ‘data:’ are allowed.

            Default: false

            Examples: 


            allowExternalImages: false

            allowExternalImages: true
          • settings.security.headers.csp.allowIframe
            boolean
            Allow iframe embedding. When true, the application can be embedded in iframes from any domain (useful for widgets). When false, only same-origin iframes are allowed.

            Default: false

            Examples: 


            allowIframe: false

            allowIframe: true
        • settings.security.headers.enabled
          boolean
          Enable or disable security headers. When disabled, no security headers will be sent in HTTP responses.

          Default: true

          Examples: 


          enabled: true

          enabled: false
        • settings.security.headers.xFrameOptions
          string
          X-Frame-Options header value. ‘DENY’ prevents the page from being displayed in a frame. ‘SAMEORIGIN’ allows framing only by pages from the same origin.

          Default: SAMEORIGIN

          Allowed values: DENY, SAMEORIGIN

          Examples: 


          xFrameOptions: DENY

          xFrameOptions: SAMEORIGIN
      • settings.security.secretKey
        string

        Required value

        Secret key for security purposes. Must contain 16, 24, or 32 characters (bytes). Only printable ASCII characters are allowed.

        Examples: 


        secretKey: mySecretKeyDefau

        secretKey: 16charssecretkey

        secretKey: 24characterssecretkey!!x

        secretKey: 32characterslongsecretkey1234xyz
    • settings.workers
      object

      Default: {}

      • settings.workers.maxTasks
        integer
        Maximum number of tasks that can be processed in parallel by each worker. This controls the concurrency level per worker instance.

        Default: 10

        Allowed values: 1 <= X

        Examples: 


        maxTasks: 5

        maxTasks: 10

        maxTasks: 20
      • settings.workers.replicas
        integer
        Number of worker replicas to deploy. Workers process tasks from the queue (datasource sync, action execution, health checks).

        Default: 2

        Allowed values: 0 <= X

        Examples: 


        replicas: 1

        replicas: 2

        replicas: 3