Helm Installation Parameters

The following table lists the parameters that you set during installation of the Helm chart for the Agent in Kubernetes.

For an online list of the parameters that you can set during installation of the Helm chart, run the following command:

helm show values controlm/controlm-agent
For more information about Kubernetes resources that certain parameters are based on, use the kubectl explain command. For example:

kubectl explain statefulset.spec.template.spec.affinity
Object-type and array-type values must be defined in JSON format (using the --set-json switch). If you obtain them in YAML format, convert them to JSON. You can use the JQ command on Linux for this conversion.

Parameter	Description	Required or Optional	Type
api.endpoint	Defines the URL for Control-M Automation API with the following format: https://<controlm>/automation-api	Required	String
api.token	Defines the API token value to authenticate and connect to the Automation API server. For information about obtaining this token, see Creating an API Token. Ensure that the role associated with this API token is associated with your Agents with an access level of UPDATE or FULL or has Configuration Admin Management set to an access level of UPDATE or FULL, and is also associated with your Agent tag (if you use one).	Optional	String
api.username	Defines a Control-M username to use (together with a password) to connect to the Automation API server, instead of using an API token. If you are working in Compatibility mode after an upgrade from Control-M/EM 9.0.20.200, authentication using a username and password is required. Otherwise, BMC recommends using an API token.	Optional	String
api.password	Defines a password for the defined Control-M username to use to connect to the Automation API server, instead of using an API token.	Optional	String
api.secret	Defines the name of a Kubernetes secret that contains the API token value or the API password, instead of using the api.token or api.password parameter, respectively. For more information about Kubernetes secrets, refer to Kubernetes documentation. To create such a Kubernetes secret, use one of the following commands: For API token: kubectl create secret generic <name of secret> --from-literal='apiToken=<token value>' For API password: kubectl create secret generic <name of secret> --from-literal='apiPass=<password value>'	Optional	String
ai.additionalPluginsConfigMapName	Defines the name of a configMap that lists additional Control-M plug-ins to dynamically deploy in the Agent pod, along with the Kubernetes plug-in. Supported plug-ins are plug-ins that were developed in Control-M Application Integrator, including Control-M Integrations. For more information, see Setting Up Dynamic Deployment of Additional Plug-ins.	Optional	String
ai.additionalCertsConfigMapName	Defines the name of a configMap that lists the certifications required by the additional Control-M plug-ins that you deploy in the Agent pod.	Optional	String
ai.proxyConfigMapName	Defines the name of a configMap that contains Application Integrator proxy settings for the additional Control-M plug-ins that you deploy in the Agent pod.	Optional	String
agent.tag	Defines a logical name that is used to label specific Agents into a group with specific authorizations. For more information about agent tags, see Agent General Parameters.	Optional	String
agent.replicas	Determines the number of Agent pods to run. Default: 2 Kubernetes resource: statefulset.spec.replicas	Optional	Integer
agent.ssl	Determines whether the Agent uses SSL for communication with the Control-M/Server. Use this setting only if the Control-M/Server is not set to SSL mode by default and you want to set SSL for a specific Agent. Values: true \| false Default: false	Optional	String
server.name	Defines the logical name of the Control-M/Server that the Agent connects to. To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "name" value.	Required	String
server.host	Defines the hostname of the computer where the Control-M/Server runs. To obtain this value, your Control-M Administrator can run the ctm config servers::get API command and copy the returned "host" value.	Required	String
server.port	Defines the listening port of the Control-M/Server. Obtain this value from your Control-M Administrator.	Required	String
server.ip	Defines the public IPv4 or IPv6 address of the Control-M/Server. This is required only if the hostname cannot be resolved by DNS lookup from the cluster, as is often the case in the cloud.	Optional	String
server.hostgroup	Defines the name of the host group that contains the deployed Agent. Default: k8s_group	Optional	String
server.secondaryHost	Defines the name of the secondary Control-M/Server host used in High Availability configurations.	Optional	String
server.secondaryIp	Defines the public IPv4 or IPv6 address of the secondary Control-M/Server host used in High Availability configurations. This is required only if the secondary hostname cannot be resolved by DNS lookup from the cluster.	Optional	String
server.dr.host	Defines the hostname of the Disaster Recovery (DR) Control-M/Server host.	Optional	String
server.dr.ip	Defines the public IPv4 or IPv6 address of the DR Control-M/Server. This is required only if the DR hostname cannot be resolved by DNS lookup from the cluster, as is often the case in the cloud.	Optional	String
server.dr.secondaryHost	Defines the name of the secondary DR Control-M/Server host used in High Availability configurations.	Optional	String
server.dr.secondaryIp	Defines the public IPv4 or IPv6 address of the secondary DR Control-M/Server host used in High Availability configurations. This is required only if the secondary DR hostname cannot be resolved by DNS lookup from the cluster.	Optional	String
image.repo	Defines the path to the container image repository, in the following format: <registry hostname>/<account name>/<repository name> If you do not define a registry hostname, Kubernetes assumes the Docker public registry (in the Docker Hub). Default: controlm/agent Change the default value only if you created your own non-default container image, as described in Docker Container Image. Kubernetes resource: statefulset.spec.template.spec.containers.image	Optional	String
image.tag	Defines the tag associated with the image. Tags enable you to identify different versions of the same series of images. By default, the Helm chart uses a BMC-provided image with the 9.21.315-k8s-openjdk tag. If you created your own non-default container image, use this parameter to specify its tag. For more information, see Docker Container Image. Kubernetes resource: statefulset.spec.template.spec.containers.image	Optional	String
image.pullPolicy	Determines whether to update the image (by pulling a new version of the image) when the kubelet launches a container. Values: Always Never IfNotPresent Default: IfNotPresent Kubernetes resource: statefulset.spec.template.spec.containers.imagePullPolicy	Optional	String
image.pullSecrets	Defines a secret (password) to access a private registry. --set image.pullSecrets"[0]".name=<secret_name> By default, no secret is used. Define a secret if you created your own non-default container image, as described in Docker Container Image. If so, you might need a secret in your cluster. To create the secret, see the Kubernetes documentation. Kubernetes resource: statefulset.spec.template.spec.imagePullSecrets	Optional	Array
pod.annotations	Defines annotations for pod metadata. In yaml format: Copy `pod: annotations: annotations: ad.datadoghq.com/psr-monitor.checks: '{ "openmetrics": { "init_config": {}, "instances": [ { "openmetrics_endpoint": "http://%%host%%:8080/ ", "namespace": "controlm", "metrics": ["."] } ] } }' key2: 'value2'` Kubernetes resource*: statefulset.spec.template.spec.annotations	Optional	Array
pod.affinity	Defines the pod scheduling constraints. In yaml format: Copy `affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: disktype operator: In values: - ssd` Kubernetes resource: statefulset.spec.template.spec.affinity	Optional	Array
pod.nodeSelector	Defines node labels for the NodeSelector, so that the pod is scheduled on the nodes. Default labels: kubernetes.io/os: linux kubernetes.io/arch: amd64 Kubernetes resource: statefulset.spec.template.spec.nodeSelector	Optional	Array
pod.resources	Defines Kubernetes memory and CPU resource requests and resource limits for the pod. The default memory size is 2Gi. In yaml format: Copy `resources: requests: memory: "2Gi"` Kubernetes resource: statefulset.spec.template.spec.containers.resources	Optional	Array
pod.serviceAccount.create	Determines whether to create a Service Account. If this parameter is set to true, the Service Account has the default name ".Release.Name.-sa". You can use pod.serviceAccount.name to change the default name. Values: true \| false Default: true If you decide to use your own Service Account (for example, if the user responsible for installing this Helm chart is not authorized to create a Service Account), set this parameter to false. If you set this parameter to false, ensure that you have granted the required privileges to your Service Account, as described in Service Account Privileges.	Optional	String
pod.serviceAccount.name	Defines the name of the Service Account to use to run the pod. Optional if pod.serviceAccount.create is set to true. Required if pod.serviceAccount.create is set to false. Default: ".Release.Name.-sa" (where .Release.Name is the name that you assigned to this installation instance) Kubernetes resource: statefulset.spec.template.spec.serviceAccountName	Optional	String
pod.securityContext	Determines which security context constraints (SCCs) control pod permissions on a RedHat OpenShift Kubernetes-based platform. By default (when this parameter is not explicitly set), the Agent is deployed with permission to use the nonroot-v2 SCC. If your IT environment or corporate security policies do not allow you to deploy a privileged pod, set this parameter to a value of auto. This disables the use of the nonroot-v2 SCC and the Agent is instead deployed with permission to use the cluster default SCC (typically, the restricted-v2 SCC). Kubernetes resource: statefulset.spec.template.spec.securityContext	Optional	String
pod.livenessProbe.timeoutSeconds	Determines the number of seconds to wait for a response from the liveness probe before a timeout occurs. The liveness probe verifies that the Agent is running properly. Default: 2 Kubernetes resource: statefulset.spec.template.spec.containers.livenessProbe.timeoutSeconds	Optional	Integer
pvc.accessMode	Determines the required access mode of the volume used by the Persistent Volume Claim (PVC). Values: ReadWriteOnce: The volume is mounted as read-write by a single node. ReadWriteMany: The volume is mounted as read-write by many nodes. Default: ReadWriteMany The default ReadWriteMany is necessary when you deploy 2 or more Agents (as set by agent.replicas) on separate nodes. Kubernetes resource: persistentvolumeclaim.spec.accessModes	Optional	String
pvc.storageClass	Defines the name of the Storage Class required by the Persistent Volume Claim (PVC). Ensure that the Storage Class that you choose is compatible with the access mode that you set through pvc.accessMode. For a list of Storage Classes that support the different access modes, see Access Modes in the Kubernetes documentation. If you use an NFS Storage Class, ensure that the UID and GID, which are Storage Class parameters for dynamic provisioning, are set to the following values: UID=1000 GID=0 Kubernetes resource: persistentvolumeclaim.spec.storageClassName	Required	String
pvc.volumeSize	Determines the minimum amount of persistent volume required. Default: 10Gi, appropriate for 2 Agents (the default value of agent.replicas) Kubernetes resource: persistentvolumeclaim.spec.resources.requests.storage	Optional	String