To further fine-tune your Qovery infrastructure, you can set advanced settings through the Qovery API endpoint.
Cluster advanced settings are not available in the Qovery console yet.
All clusters have access to advanced settings, you can find where they are available in the documentation below with those badges mentioning for which Cloud provider they are available:
![](/img/advanced_settings/gcp.svg)
You will also find badges mentioning for which components it will be applied:
Below is the list of advanced settings currently available for clusters.
#Logs
#aws.cloudwatch.eks_logs_retention_days ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
integer | Maximum retention days in Cloudwatch for EKS logs. (possible values: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 2192, 2557, 2922, 3288, 3653) | 90 |
#aws.vpc.enable_s3_flow_logs ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
boolean | Enable flow logs on the cluster VPC and store them in an s3 bucket. | false |
#aws.vpc.flow_logs_retention_days ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
integer | Set the number of retention days for flow logs. Unlimited retention with value 0 | 365 |
#loki.log_retention_in_week
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Maximum Kubernetes pods (containers/application/jobs/cronjob) retention logs in weeks. | 12 (84 days) |
#gcp.vpc.enable_flow_logs ![](/img/advanced_settings/gcp.svg)
#gcp.vpc.flow_logs_sampling ![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
float | Set VPC logs flow sampling percentage. Value should be within [0.0 (no sampling), 1.0 (all logs)] range. | 0.0 |
#Image registry
#registry.image_retention_time ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
integer | Allows you to specify an amount in seconds after which images in the default registry are deleted. | 31536000 (1 year) |
#registry.mirroring_mode ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
string | Allows you to specify the image mirroring mode to be used for each image deployed on this cluster. (possible values: Service or Cluster ) | Service |
#cloud_provider.container_registry.tags
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
Map<String, String> | Add additional tags on the cluster dedicated registry | |
#Network
#Load balancer
#load_balancer.size ![](/img/advanced_settings/scaleway.svg)
Type | Description | Default Value |
---|
string | Allows you to specify the load balancer size in front of your cluster. Possible values are: - lb-s : 200 Mbps - lb-gp-m : 500 Mbps - lb-gp-l : 1 Gbps - lb-gp-xl : 4 Gbps | lb-s |
#Nginx
#nginx.vcpu.request_in_milli_cpu
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Vcpu request value in millicores assigned to Nginx pods | 200 |
#nginx.vcpu.limit_in_milli_cpu
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Vcpu limit value in millicores assigned to Nginx pods | 700 |
#nginx.memory.request_in_mib
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Memory limit value in MiB assigned to Nginx pods | 768 |
#nginx.memory.limit_in_mib
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Memory limit value in MiB assigned to Nginx pods | 768 |
#nginx.hpa.cpu_utilization_percentage_threshold
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Hpa (horizontal pod autoscaler) cpu threshold in percentage assigned to Nginx deployment | 50 |
#nginx.hpa.min_number_instances
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Minimum number of Nginx instances running | 2 |
#nginx.hpa.max_number_instances
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
integer | Maximum number of Nginx instances running | 25 |
#nginx.controller.enable_client_ip
![](/img/advanced_settings/gcp.svg)
#nginx.controller.log_format_upstream
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
string | Allows to customize nginx log-format. | null |
#nginx.controller.log_format_escaping
![](/img/advanced_settings/gcp.svg)
Type | Description | Default Value |
---|
string | Allows to customize nginx log-format-escaping setting, possible values are: Default , JSON , None . | Default |
#Database access
#database.postgresql.deny_public_access
![](/img/advanced_settings/database-managed.svg)
Type | Description | Default Value |
---|
boolean | Deny public access to all PostgreSQL databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "any IP"). ⚠️ Public access to managed databases will instantly be removed ⚠️ Public access to container databases will be removed only after a database redeployment | false |
#database.postgresql.allowed_cidrs
![](/img/advanced_settings/database-managed.svg)
#database.mysql.deny_public_access
![](/img/advanced_settings/database-managed.svg)
Type | Description | Default Value |
---|
boolean | Deny public access to all MySQL databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "any IP"). ⚠️ Public access to managed databases will instantly be removed ⚠️ Public access to container databases will be removed only after a database redeployment | false |
#database.mysql.allowed_cidrs
![](/img/advanced_settings/database-managed.svg)
#database.mongodb.deny_public_access
![](/img/advanced_settings/database-managed.svg)
Type | Description | Default Value |
---|
boolean | Deny public access to all MongoDB databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "any IP"). ⚠️ Public access to managed databases will instantly be removed ⚠️ Public access to container databases will be removed only after a database redeployment | false |
#database.mongodb.allowed_cidrs
![](/img/advanced_settings/database-managed.svg)
#database.redis.deny_public_access
![](/img/advanced_settings/database-managed.svg)
Type | Description | Default Value |
---|
boolean | Deny public access to all Redis databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "anyone"). ⚠️ Public access to managed databases will instantly be removed ⚠️ Public access to container databases will be removed only after a database redeployment | false |
#database.redis.allowed_cidrs
![](/img/advanced_settings/database-managed.svg)
#Service
#allow_service_cpu_overcommit
![](/img/advanced_settings/gcp.svg)
Using overcommit on pod resources can lead to instability on your cluster and we strongly discourage it. Be careful when using this feature.
Type | Description | Default Value |
---|
boolean | Authorize CPU overcommit (limit > request) for the services deployed within this cluster | false |
Once enabled, you can update the advanced setting resources.override.limit.cpu_in_mib of your service.
#allow_service_ram_overcommit
![](/img/advanced_settings/gcp.svg)
Using overcommit on pod resources can lead to instability on your cluster and we strongly discourage it. Be careful when using this feature.
Type | Description | Default Value |
---|
boolean | Authorize memory overcommit (limit > request) for the services deployed within this cluster | false |
Once enabled, you can update the advanced setting resources.override.limit.ram_in_mib of your service.
#IAM
#aws.iam.enable_admin_group_sync ![](/img/advanced_settings/aws.svg)
#aws.iam.admin_group ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
string | Allows you to specify the IAM group name associated with the Qovery user in the AWS console during the IAM permissions setup to be able to connect to the Kubernetes cluster. Its value can be changed after the cluster installation via a re-deploy without any downtime. | Admins |
#aws.iam.enable_sso ![](/img/advanced_settings/aws.svg)
#aws.iam.sso_role_arn ![](/img/advanced_settings/aws.svg)
#Miscellaneous
#aws.eks.ec2.metadata_imds ![](/img/advanced_settings/aws.svg)
Type | Description | Default Value |
---|
string | Specify the IMDS version you want to use. Possible values are required (IMDS v2 only) and optional (IMDS v1 and V2) | optional |
#aws.eks.encrypt_secrets_kms_key_arn ![](/img/advanced_settings/aws.svg)
It won't be possible to go back once this feature is activated.
Type | Description | Default Value |
---|
string | Allows you to activate KMS encryption of your Kubernetes secrets. Specify the key ARN of your AWS KMS key. | |
#storageclass.fast_ssd
Type | Description | Default Value |
---|
string | Specify the kubernetes storageClass to be used for the storage attached to your container databases and applications | different by cloud provider |