karpenter
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# -- Overrides the chart's name.
2
nameOverride: ""
3
# -- Overrides the chart's computed fullname.
4
fullnameOverride: ""
5
# -- Additional labels to add into metadata.
6
additionalLabels: {}
7
# app: karpenter
8
9
# -- Additional annotations to add into metadata.
10
additionalAnnotations: {}
11
# -- Image pull policy for Docker images.
12
imagePullPolicy: IfNotPresent
13
# -- Image pull secrets for Docker images.
14
imagePullSecrets: []
15
service:
16
# -- Additional annotations for the Service.
17
annotations: {}
18
serviceAccount:
19
# -- Specifies if a ServiceAccount should be created.
20
create: true
21
# -- The name of the ServiceAccount to use.
22
# If not set and create is true, a name is generated using the fullname template.
23
name: ""
24
# -- Additional annotations for the ServiceAccount.
25
annotations: {}
26
# -- Specifies additional rules for the core ClusterRole.
27
additionalClusterRoleRules: []
28
serviceMonitor:
29
# -- Specifies whether a ServiceMonitor should be created.
30
enabled: false
31
# -- Additional labels for the ServiceMonitor.
32
additionalLabels: {}
33
# -- Relabelings for the `http-metrics` endpoint on the ServiceMonitor.
34
# For more details on relabelings, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
35
relabelings: []
36
# -- Metric relabelings for the `http-metrics` endpoint on the ServiceMonitor.
37
# For more details on metric relabelings, see: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
38
metricRelabelings: []
39
# -- Configuration on `http-metrics` endpoint for the ServiceMonitor.
40
# Not to be used to add additional endpoints.
41
# See the Prometheus operator documentation for configurable fields https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#endpoint
42
endpointConfig: {}
43
# -- Specifies the sampleLimit for prometheus scrapes.
44
# Per-scrape limit on the number of scraped samples that will be accepted.
45
# If more than this number of samples are present after metric relabeling
46
# the entire scrape will be treated as failed. 0 means no limit.
47
sampleLimit: null
48
# -- Number of replicas.
49
replicas: 2
50
# -- The number of old ReplicaSets to retain to allow rollback.
51
revisionHistoryLimit: 10
52
# -- Strategy for updating the pod.
53
strategy:
54
rollingUpdate:
55
maxUnavailable: 1
56
# -- Additional labels for the pod.
57
podLabels: {}
58
# -- Additional annotations for the pod.
59
podAnnotations: {}
60
podDisruptionBudget:
61
name: karpenter
62
maxUnavailable: 1
63
# -- SecurityContext for the pod.
64
podSecurityContext:
65
fsGroup: 65532
66
seccompProfile:
67
type: RuntimeDefault
68
# -- PriorityClass name for the pod.
69
priorityClassName: system-cluster-critical
70
# -- Override the default termination grace period for the pod.
71
terminationGracePeriodSeconds:
72
# -- Bind the pod to the host network.
73
# This is required when using a custom CNI.
74
hostNetwork: false
75
# -- Specify which Kubernetes scheduler should dispatch the pod.
76
schedulerName: default-scheduler
77
# -- Configure the DNS Policy for the pod
78
dnsPolicy: ClusterFirst
79
# -- Configure DNS Config for the pod
80
dnsConfig: {}
81
# options:
82
# - name: ndots
83
# value: "1"
84
# -- add additional initContainers to run before karpenter container starts
85
initContainers: {}
86
# - name: list-ec2-instances
87
# image: amazon/aws-cli:latest
88
# command: [ 'aws', 'ec2', 'describe-instance-types']
89
# -- Node selectors to schedule the pod to nodes with labels.
90
nodeSelector:
91
kubernetes.io/os: linux
92
# -- Affinity rules for scheduling the pod. If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels.
93
affinity:
94
nodeAffinity:
95
requiredDuringSchedulingIgnoredDuringExecution:
96
nodeSelectorTerms:
97
- matchExpressions:
98
- key: karpenter.sh/nodepool
99
operator: DoesNotExist
100
podAntiAffinity:
101
requiredDuringSchedulingIgnoredDuringExecution:
102
- topologyKey: "kubernetes.io/hostname"
103
# -- Topology spread constraints to increase the controller resilience by distributing pods across the cluster zones. If an explicit label selector is not provided one will be created from the pod selector labels.
104
topologySpreadConstraints:
105
- maxSkew: 1
106
topologyKey: topology.kubernetes.io/zone
107
whenUnsatisfiable: DoNotSchedule
108
# -- Tolerations to allow the pod to be scheduled to nodes with taints.
109
tolerations:
110
- key: CriticalAddonsOnly
111
operator: Exists
112
# -- Additional volumes for the pod.
113
extraVolumes: []
114
# - name: aws-iam-token
115
# projected:
116
# defaultMode: 420
117
# sources:
118
# - serviceAccountToken:
119
# audience: sts.amazonaws.com
120
# expirationSeconds: 86400
121
# path: token
122
controller:
123
# -- Distinguishing container name (containerName: karpenter-controller).
124
containerName: controller
125
image:
126
# -- Repository path to the controller image.
127
repository: cgr.dev/chainguard-private/karpenter
128
# -- Tag of the controller image.
129
tag: latest
130
# -- SHA256 digest of the controller image.
131
digest: sha256:49857aa6cdbb44df1327608d2f274490be3a913fa597adfeb3dd9a369f82e10b
132
# -- Additional environment variables for the controller pod.
133
env: []
134
# - name: AWS_REGION
135
# value: eu-west-1
136
envFrom: []
137
securityContext:
138
# -- AppArmor profile for the controller container.
139
appArmorProfile: {}
140
# -- SELinux options for the controller container.
141
seLinuxOptions: {}
142
# -- Seccomp profile for the controller container.
143
seccompProfile: {}
144
# -- Resources for the controller container.
145
resources: {}
146
# We usually recommend not to specify default resources and to leave this as a conscious
147
# choice for the user. This also increases chances charts run on environments with little
148
# resources, such as Minikube. If you do want to specify resources, uncomment the following
149
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
150
# requests:
151
# cpu: 1
152
# memory: 1Gi
153
# limits:
154
# cpu: 1
155
# memory: 1Gi
156
# -- Additional volumeMounts for the controller container.
157
extraVolumeMounts: []
158
# - name: aws-iam-token
159
# mountPath: /var/run/secrets/eks.amazonaws.com/serviceaccount
160
# readOnly: true
161
# -- Additional sidecarContainer config
162
sidecarContainer: []
163
# -- Additional volumeMounts for the sidecar - this will be added to the volume mounts on top of extraVolumeMounts
164
sidecarVolumeMounts: []
165
metrics:
166
# -- The container port to use for metrics.
167
port: 8080
168
healthProbe:
169
# -- The container port to use for http health probe.
170
port: 8081
171
# -- Global log level, defaults to 'info'
172
logLevel: info
173
# -- Log outputPaths - defaults to stdout only
174
logOutputPaths:
175
- stdout
176
# -- Log errorOutputPaths - defaults to stderr only
177
logErrorOutputPaths:
178
- stderr
179
# -- Global Settings to configure Karpenter
180
settings:
181
# -- The maximum length of a batch window. The longer this is, the more pods we can consider for provisioning at one
182
# time which usually results in fewer but larger nodes.
183
batchMaxDuration: 10s
184
# -- The maximum amount of time with no new ending pods that if exceeded ends the current batching window. If pods arrive
185
# faster than this time, the batching window will be extended up to the maxDuration. If they arrive slower, the pods
186
# will be batched separately.
187
batchIdleDuration: 1s
188
# -- How the Karpenter scheduler should treat preferences. Preferences include preferredDuringSchedulingIgnoreDuringExecution
189
# node and pod affinities/anti-affinities and ScheduleAnyways topologySpreadConstraints. Can be one of 'Ignore' and 'Respect'
190
preferencePolicy: Respect
191
# -- How the Karpenter scheduler treats min values. Options include 'Strict' (fails scheduling when min values can't be met) and 'BestEffort' (relaxes min values when they can't be met).
192
minValuesPolicy: Strict
193
# -- Cluster CA bundle for TLS configuration of provisioned nodes. If not set, this is taken from the controller's TLS configuration for the API server.
194
clusterCABundle: ""
195
# -- Cluster name.
196
clusterName: ""
197
# -- Cluster endpoint. If not set, will be discovered during startup (EKS only).
198
clusterEndpoint: ""
199
# -- If true then assume we can't reach AWS services which don't have a VPC endpoint.
200
# This also has the effect of disabling look-ups to the AWS pricing endpoint.
201
isolatedVPC: false
202
# -- Marking this true means that your cluster is running with an EKS control plane and Karpenter should attempt to discover cluster details from the DescribeCluster API.
203
eksControlPlane: false
204
# -- The VM memory overhead as a percent that will be subtracted from the total memory for all instance types. The value of `0.075` equals to 7.5%.
205
vmMemoryOverheadPercent: 0.075
206
# -- Interruption queue is the name of the SQS queue used for processing interruption events from EC2.
207
# Interruption handling is disabled if not specified. Enabling interruption handling may
208
# require additional permissions on the controller service account. Additional permissions are outlined in the docs.
209
interruptionQueue: ""
210
# -- Marking this true signals Karpenter to respect zonal shifts when making node claims.
211
# More information about Zonal Shift here: https://docs.aws.amazon.com/eks/latest/userguide/zone-shift-enable.html#zone-shift-enable-steps
212
enableZonalShift: false
213
# -- Reserved ENIs are not included in the calculations for max-pods or kube-reserved.
214
# This is most often used in the VPC CNI custom networking setup https://docs.aws.amazon.com/eks/latest/userguide/cni-custom-network.html.
215
reservedENIs: "0"
216
# -- Ignore pods' DRA requests during scheduling simulations.
217
ignoreDRARequests: true
218
# -- Disable cluster state metrics and events.
219
disableClusterStateObservability: false
220
# -- Disable dry run validation for EC2NodeClasses.
221
disableDryRun: false
222
# -- Feature Gate configuration values. Feature Gates will follow the same graduation process and requirements as feature gates
223
# in Kubernetes. More information here https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/#feature-gates-for-alpha-or-beta-features.
224
featureGates:
225
# -- nodeRepair is ALPHA and is disabled by default.
226
# Setting this to true will enable node repair.
227
nodeRepair: false
228
# -- nodeOverlay is ALPHA and is disabled by default.
229
# Setting this will allow the use of node overlay to impact scheduling decisions
230
nodeOverlay: false
231
# -- reservedCapacity is BETA and is enabled by default.
232
# Setting this will enable native on-demand capacity reservation support.
233
reservedCapacity: true
234
# -- spotToSpotConsolidation is ALPHA and is disabled by default.
235
# Setting this to true will enable spot replacement consolidation for both single and multi-node consolidation.
236
spotToSpotConsolidation: false
237
# -- staticCapacity is ALPHA and is disabled by default.
238
# Setting this to true will enable static capacity provisioning.
239
staticCapacity: false
240
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.