.. index:: Configuration; General .. _config-general: Advanced ==================================== Here is some context for more advanced configuration options. For an initial setup, they might not be necessary – except please check out :ref:`setup-networking` about the metrics endpoint. .. code: yaml - ``global.registry`` is the upstream docker registry. It's used for pulling images. You can change it to your own registry if you mirror all your images. Note: if you just customize the :doc:`project's software environment <../ops/software-env>`, then you have to change the ``manage.project.registry`` setting instead! Why? If set, that ``manage.project.registry`` setting overwrites the value of ``global.registry``. - ``global.imagePullSecrets``: see :ref:`private-docker-registry`. - ``global.setup_admin``: see :ref:`initial-admin-setup`, e.g.:: global: setup_admin: email: your.admin@email.address password: R3pLaC3mE name: "Your Name" You can also leave out the password and `set HELM chart params on the command-line `_ via ``helm [...] --set global.setup_admin.password=[password]``. - ``global.setup_registration_token``: if your server is publicly available, you probably don't want anyone to be able to create an account. This sets an initial token, that must be known to a user to be able to sign in. This does not affect SSO logins, because with them you're already in control about who is allowed to get access. See :ref:`ops-admin` for more. - ``global.kubectl`` is the version tag string of an image. It's used for running :term:`Jobs ` that need to run ``kubectl`` commands. The version should roughly match the version of the Kubernetes cluster's API server you're running. - ``global.ingress``: this is used to populate the :term:`Ingress` rules. Look at the ``letsencrypt/README.md`` file for more details. Obviously, this has to match whatever you have set up in :ref:`setup-networking` earlier. - ``global.networkingConfiguration`` allows you to disable all :term:`Ingress` or :term:`NetworkPolicy` rules. This is useful if you have a cluster with a different networking setup. **Note:** If you use the standard NGINX Ingress Controller, please read about the ``server-snippet`` setting in the ``/metrics endpoint`` section in :ref:`setup-networking`. To avoid running into a problem during a deployment, set ``hideMetrics: false``. - ``global.datastore``: see :ref:`datastore`. - ``global.priorityClasses`` and ``global.podDisruptionBudgets``: if enabled, this will define :term:`PriorityClasses` to make some :term:`Pod`\ s more important than others, while the :term:`Pod Disruption Budget` defines how many pods of a replicated service can be interrupted during maintenance, cluster changes, etc.