Skip to main content

Overview

Service Advanced Settings allow you to fine-tune infrastructure and deployment parameters for your Qovery services. These settings provide granular control over build processes, networking, security, and resource allocation without requiring direct Kubernetes configuration.
Advanced settings are available for Applications, Containers, Cronjobs, Jobs, and Helm charts.

Accessing Advanced Settings

1

Navigate to Service

Open your service (Application, Container, Cronjob, Job, or Helm) in Qovery Console
2

Open Settings

Click on the Settings tab
3

Access Advanced Settings

Scroll to the Advanced Settings sectionAdvanced Settings Location
4

Configure Settings

Click on a setting to modify its value. You can toggle to show only overridden settings.Advanced Settings Interface
Use the Show only overridden toggle to view only settings that differ from defaults.

Quick Reference

Settings by Category

SettingDefaultService TypesDescription
build.timeout_max_sec1800App Cronjob JobBuild timeout in seconds
build.cpu_max_in_milli4000App Cronjob JobBuild CPU allocation (millicores)
build.ram_max_in_gib8App Cronjob JobBuild RAM allocation (GiB)
build.ephemeral_storage_in_gibnullApp Cronjob JobBuild ephemeral storage (GiB)
SettingDefaultService TypesDescription
deployment.termination_grace_period_seconds60App Container Cronjob JobGraceful shutdown timeout
deployment.affinity.node.requiredApp Container Cronjob JobNode affinity requirements
SettingDefaultService TypesDescription
network.ingress.enable_corsfalseApp Container HelmEnable CORS
network.ingress.cors_allow_origin*App Container HelmAllowed origins
network.ingress.cors_allow_methodsGET, PUT, POST, DELETE, PATCH, OPTIONSApp Container HelmAllowed HTTP methods
network.ingress.cors_allow_headersDNT, Keep-Alive, User-Agent, …App Container HelmAllowed headers
SettingDefaultService TypesDescription
network.ingress.proxy_body_size_mb100App Container HelmMax request body size (MB)
network.ingress.proxy_set_headersApp Container HelmCustom request headers
SettingDefaultService TypesDescription
network.ingress.whitelist_source_range0.0.0.0/0App Container HelmIP whitelist (CIDR)
network.ingress.denylist_source_rangenullApp Container HelmIP denylist (CIDR)
network.ingress.basic_auth_env_varnullApp Container HelmBasic auth credentials (env var)
network.ingress.enable_sticky_sessionfalseApp Container HelmSession affinity
network.ingress.sticky_session_cookie_nameQOVERY_COOKIE_IDApp Container HelmSession cookie name
SettingDefaultService TypesDescription
network.ingress.grpcfalseApp Container HelmEnable gRPC protocol
network.ingress.grpc_send_timeout_seconds60App Container HelmgRPC send timeout
SettingDefaultService TypesDescription
network.ingress.add_rate_limitfalseApp Container HelmEnable rate limiting
network.ingress.rate_limit_rpm0App Container HelmRequests per minute limit
SettingDefaultService TypesDescription
hpa.cpu.average_utilization_percent60App Container HelmCPU target for HPA
hpa.memory.average_utilization_percentnullApp Container HelmMemory target for HPA
hpa.scale_down_policy_strategyMaxApp Container HelmScale down strategy
hpa.scale_up_policy_strategyMaxApp Container HelmScale up strategy
SettingDefaultService TypesDescription
job.delete_ttl_seconds_after_finishednullCronjob JobDelete job after completion
cronjob.failed_jobs_history_limit1CronjobFailed jobs history limit
SettingDefaultService TypesDescription
resources.overrideApp Container Cronjob Job HelmOverride resource requests/limits
readiness_probe.initial_delay_seconds30App Container HelmReadiness probe initial delay
SettingDefaultService TypesDescription
security.service_account_namenullApp Container Cronjob Job HelmKubernetes ServiceAccount name
Use the Settings by Category tables above to quickly find settings. The Service Types column shows which services support each setting using icons (App Container Cronjob Job Helm).

Configuring Advanced Settings

Via Qovery Console

  1. Navigate to your service (Application, Container, Job, Cronjob, or Helm)
  2. Click Settings tab
  3. Scroll to Advanced Settings section
  4. Click on any setting to modify its value
  5. Click Save and redeploy your service

Via Qovery API

Advanced settings can be configured using the Qovery API: 
curl -X PATCH "https://api.qovery.com/application/{application_id}/advancedSettings" \
  -H "Authorization: Token YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "build.timeout_max_sec": 3600,
    "network.ingress.enable_cors": true,
    "hpa.cpu.average_utilization_percent": 75
  }'

Via Terraform

Use the Qovery Terraform Provider to manage advanced settings as code: 
resource "qovery_application" "my_app" {
  name                 = "my-application"
  environment_id       = qovery_environment.prod.id

  advanced_settings_json = jsonencode({
    "build.timeout_max_sec" = 3600
    "network.ingress.enable_cors" = true
    "network.ingress.cors_allow_origin" = "https://example.com"
    "hpa.cpu.average_utilization_percent" = 75
  })
}

Best Practices

Begin with Qovery’s default settings and only modify when you have a specific requirement. Defaults are optimized for most use cases.
Always test advanced settings changes in development or staging environments before applying to production.
Keep track of why you changed specific settings. This helps with troubleshooting and knowledge sharing across your team.
After modifying advanced settings, closely monitor your service’s performance, resource usage, and logs for 24-48 hours.
Manage advanced settings through Terraform or API to maintain consistency across environments and enable version control.
  • Always use IP whitelisting for internal services
  • Enable Basic Auth for sensitive endpoints
  • Use HTTPS-only for CORS origins
  • Set appropriate rate limits to prevent abuse
  • Set realistic build timeouts to catch hanging builds early
  • Configure HPA thresholds based on actual traffic patterns
  • Use resource overrides sparingly and monitor cluster impact.

Troubleshooting

Symptoms: Service deployment fails or pods crash after modifying advanced settings.Common Causes:
  • Invalid resource overrides (requests > limits)
  • ServiceAccount doesn’t exist
  • Node affinity requirements can’t be satisfied
  • Build timeout too short
Resolution:
  1. Check deployment logs for specific error messages
  2. Verify resource values are valid (requests ≤ limits)
  3. Confirm ServiceAccount exists: kubectl get sa -n NAMESPACE
  4. Check node labels match affinity requirements
  5. Revert to default settings and apply changes incrementally
Symptoms: Browser shows CORS errors despite enabling CORS settings.Troubleshooting:
  1. Verify network.ingress.enable_cors is true
  2. Check cors_allow_origin includes your domain (not just *)
  3. Ensure cors_allow_methods includes your HTTP method
  4. Verify cors_allow_headers includes required headers
  5. Check browser console for specific CORS error details
  6. Confirm service has redeployed after settings change
Symptoms: Horizontal Pod Autoscaler not scaling pods despite load.Check:
  1. Metrics server is installed: kubectl top pods
  2. CPU/memory requests are set (HPA requires requests)
  3. Current utilization exceeds threshold
  4. Min/max instances configured correctly
  5. HPA events: kubectl describe hpa HPA_NAME
Common Issues:
  • No resource requests defined (HPA can’t calculate percentage)
  • Utilization below threshold
  • Already at max instances
  • Scale down policy set to Disabled
Symptoms: Legitimate requests being blocked by rate limiter.Resolution:
  1. Review rate_limit_rpm value - may be too restrictive
  2. Check if rate limit is per IP (all users behind NAT count as one)
  3. Consider using application-level rate limiting for better control
  4. Monitor Nginx ingress logs for rate limit events
  5. Adjust RPM based on actual traffic patterns
Symptoms: Basic auth not triggering authentication prompt.Verify:
  1. Environment variable specified in basic_auth_env_var exists
  2. Environment variable format is correct: username:encrypted_password
  3. Password encrypted with htpasswd: htpasswd -nb user pass
  4. Service has been redeployed after setting change
  5. Accessing via HTTPS (some browsers skip auth on HTTP)

Next Steps

Cluster Advanced Settings

Configure cluster-level advanced settings

Environment Variables

Manage environment variables and secrets

Qovery API Reference

Explore the full Qovery API
https://mintcdn.com/qovery/bC94RbU5OE288_w9/images/logos/terraform-icon.svg?fit=max&auto=format&n=bC94RbU5OE288_w9&q=85&s=e435f4dfa945bf74f2ed7deff23e009d

Terraform Provider

Manage infrastructure as code